APT C&C Tracking API
This section explains how to request a list of dangerous IP addresses by using the Kaspersky Threat Intelligence Portal API.
Before working with the Kaspersky Threat Intelligence Portal API, you must accept the Terms and Conditions online in your browser at https://tip.kaspersky.com.
To work with C&C Tracking by using the Kaspersky Threat Intelligence Portal API:
- Make sure that the application you use for working with Kaspersky Threat Intelligence Portal API uses the certificate you received from Kaspersky.
- In the Authorization field of the HEADER section, specify the user name and password that you received from Kaspersky.
- Specify the Basic authentication scheme.
- Specify the GET HTTP method.
- Run your query by using the
api/apt_cnc/{country}
method described below.
Request
Request method: GET
Endpoint: https://tip.kaspersky.com/api/apt_cnc/{country}
Query parameters:
Expected parameters
Parameter
|
Description
|
country
|
The two-letter code of a country you want to receive a feed for.
Required parameter.
Available values:
all —The response will contain information for all countries.
The two-letter country code (lowercase).
|
Request example:
Get a list of dangerous IP addresses:
curl -u <user name> --cert <full path to the certificate on your computer> -X GET 'https://tip.kaspersky.com/api/apt_cnc/ru'
|
Responses
Click the links below for information about possible responses.
Expand all | Collapse all
200 OK
Endpoint returns a JSON object that contains information about dangerous IP addresses in the specified countries.
401 Unauthorized
Request not processed: user authentication failed.
Make sure you enter the correct credentials, and then try to run the query again. If the problem recurs, please contact your dedicated Kaspersky Technical Account Manager.
403 Forbidden
Request not processed.
This error is returned if you have the trial license and request a feed for a country (or for all countries) to which you do not have access to.
Purchase a commercial license or specify another value for the country
parameter and try again.
This error is also returned if you try to run a request by using an API token, not specifying your credentials. You can use an API token only for running Threat Lookup API requests.
451 Unavailable For Legal Reasons
Page top