Lookup request for domain

Expand all | Collapse all

The endpoint is used to display specific information for a domain.


Request method: GET

Endpoint: https://tip.kaspersky.com/api/domain/<request>

Query parameters:

Expected parameters




Domain that you want to investigate.


Maximum number of records in each data group to display.

If this parameter is not specified, up to 1000 records will be displayed. This restriction does not apply to DetectionsInfo and FileParentCertificates groups. For these groups all records are displayed regardless of the number of records.


Sections that you want to investigate for the requested domain. Use the comma to specify several sections.


Investigation result format.

Optional parameter.

Available values:

json—Investigation results are returned in JSON format.

stix—Investigation results are returned in STIX format. If this value is specified, the count and sections parameters are ignored: data from all groups is returned.

If the format parameter is not specified, investigation results are returned in JSON format.

Use the question mark (?) to separate the first parameter from the request. Use the ampersand (&) to separate parameters from each other. The parameters can be specified in any order.

Dates in all sections are displayed in Coordinated Universal Time (UTC) format.

Key values are case-sensitive.

Request examples:

Investigate LicenseInfo, Zone, and FileAccessed sections for the domain differentia.ru:

curl --cert <file name>.pem --user <user name> https://tip.kaspersky.com/api/domain/differentia.ru?sections=LicenseInfo,Zone,FileAccessed&count=10&format=stix

Run the same request by using an API token:

curl -H "Authorization: Bearer <API token>" https://tip.kaspersky.com/api/domain/differentia.ru?sections=LicenseInfo,Zone,FileAccessed&count=10&format=stix


200 OK

401 Unauthorized

402 License Expired

403 Forbidden

451 Unavailable For Legal Reasons

Page top