Lookup request for IP address

Expand all | Collapse all

The endpoint is used to display specific information for an IP address.

Request

Request method: GET

Endpoint: https://tip.kaspersky.com/api/ip/<request>

Query parameters:

Expected parameters

Parameter

Description

request

IP address that you want to investigate.

If you want an IP address to be processed as a web address, add the http:// or https:// prefix to the IP address in your request. For example, 82.118.16.30 is processed as an IP address, and http://82.118.16.30 is processed as a web address.

count

Maximum number of records in each data group to display.

If this parameter is not specified, up to 1000 records will be displayed. This restriction does not apply to DetectionsInfo and FileParentCertificates groups. For these groups all records are displayed regardless of the number of records.

sections

Sections that you want to investigate for the requested IP address. Use the comma to specify several sections.

format

Investigation result format.

Optional parameter.

Available values:

json—Investigation results are returned in JSON format.

stix—Investigation results are returned in STIX format. If this value is specified, the count and sections parameters are ignored: data from all groups is returned.

If the format parameter is not specified, investigation results are returned in JSON format.

Use the question mark (?) to separate the first parameter from the request. Use the ampersand (&) to separate parameters from each other. The parameters can be specified in any order.

Dates in all sections are displayed in Coordinated Universal Time (UTC) format.

Key values are case-sensitive.

Request examples:

Investigate FilesDownloadedFromIp, HostedUrls, IpWhoIs, and IpDnsResolutions sections for the IP address 103.234.36.190:

curl --cert <file name>.pem --user <user name> https://tip.kaspersky.com/api/ip/103.234.36.190?sections=FilesDownloadedFromIp,HostedUrls,IpWhoIs,IpDnsResolutions&count=10&format=stix

Run the same request by using an API token:

curl -H "Authorization: Bearer <API token>" https://tip.kaspersky.com/api/ip/103.234.36.190?sections=FilesDownloadedFromIp,HostedUrls,IpWhoIs,IpDnsResolutions&count=10&format=stix

Responses

200 OK

401 Unauthorized

402 License Expired

403 Forbidden

451 Unavailable For Legal Reasons

Page top