Phishing Domain Search
- Url: https://services.blackkitetech.com/api/v1/phishing/domain
- Method: POST
- Description: Black Kite Potential Phishing Domain Search generates possible words from your domain name with specific algorithms and searches these generated names among all domain name databases. With this service, you can identify the possible phishing domain names registered for cyber attacks
Request-Example Json
{
"domain": "blackkitetech.com"
}
Response-Example Json
{
"status":"success",
"results":{
"DomainList":[
{
"ContactEmail": "[email protected]",
"CreatedDate": "2011-03-06",
"ExpireDate": "2018-03-06",
"FraudDomain": "example.com",
"FraudScore": 56.5,
"RegistrantName": "Contact Privacy Inc. Customer 0130186334",
"RegistrantOrg": "96 Mowat Ave",
"RegistrarName": "TUCOWS DOMAINS INC."
}
[...]
],
"DomainListSize":1
}
}
Example usage
curl -H "Content-Type: application/json" -X POST -d '{"domain": "blackkitetech.com"}' https://services.blackkitetech.com/api/v1/phishing/domain
Errors
- IpLimitError Rate limit error
- MissingDictKey Raising when recieved json data hasnt any "domain" key.
- MalformedJson Requests must have valid json otherwise this error will be raised
- ApiFailed Temporary api error message
- InvalidDomainName Raising when recieved domain name field is not valid
Error Example
HTTP/1.1 400 Invalid Domain Name
{
"status": False,
"msg": "given domain is not valid"
}
IP Blacklist Search
- Url: https://services.blackkitetech.com/api/v1/blacklist/searchip
- Method: POST
- Description Search your ip asset at Black Kite Blacklist Service to see if your ip address is in any blacklist. Our data is collected from various resources on the net plus Black Kite own honeypot systems spread all over the world.
Request-Example Json
{
"ip": "1.1.1.1"
}
Response-Example Json
{
"status": "success",
"results": {
"blacklistSize": 2,
"blacklistData": [
{
"Category": "organizations",
"Data": "1.1.1.1",
"Description": " [BitNodes] (https://getaddr.bitnodes.io/) Bitcoin connected nodes, globally.",
"FileSource": "bitcoin_nodes",
"FirstListingDate": "2017-05-31 02:47:45",
"LastUpdatedDate": "2017-06-15 11:23:41",
"ListSourceUrl": "https://getaddr.bitnodes.io/api/v1/snapshots/latest/",
"Maintainer": "BitNodes",
"MaintainerUrl": "https://getaddr.bitnodes.io/",
"ReputationCount": 2,
"UpdateFrequency": "10 mins"
},
{
"Category": "abuse",
"Data": "1.1.1.1",
"Description": " Cymon.io ip abuse list",
"FileSource": "cymon-ip-phishing",
"FirstListingDate": "2017-05-18 04:00:02",
"LastUpdatedDate": "2017-06-15 04:00:01",
"ListSourceUrl": "https://cymon.io/api/nexus/v1/blacklist/ip/phishing/?days=1&format=json&limit=5000",
"Maintainer": "Cymon",
"MaintainerUrl": "https://cymon.io/",
"ReputationCount": 2,
"UpdateFrequency": "1 day"
}
]
}
}
Example usage
curl -H "Content-Type: application/json" -X POST -d '{"ip": "1.1.1.1"}' https://services.blackkitetech.com/api/v1/blacklist/searchip
Errors
- IpLimitError Rate limit error
- MissingDictKey Raising when recieved json data hasnt any "domain" key.
- MalformedJson Requests must have valid json otherwise this error will be raised
- ApiFailed Temporary api error message
- InvalidIpAddress Raising when recieved domain name field is not valid
Error Example
HTTP/1.1 400 Invalid Ip Address
{
"status": False,
"msg": "given input is not an ip address or it is local ip"
}
Breach Email Search
- Url: https://services.blackkitetech.com/api/v1/breach/email
- Method: POST
- Description: Black Kite Breach Service helps you to identify your account has been compromised before. Search your email address in our huge data. Having information about your leaked accounts allows you to quickly notify any privacy violation.
Request-Example Json
{
"email": "[email protected]"
}
Response-Example Json
{
"status": "success",
"results": {
"breachSize": 5,
"breachList": [
{
"Email": "(youraddress)@gmail.com",
"LeakTime": "2016-07-18 04:40:26",
"Tags": "R2GAMES"
},
{
"Email": "(youraddress)@gmail.com",
"LeakTime": "2013-04-13 20:23:34",
"Tags": "TUMBLR"
},
{
"Email": "(youraddress)@gmail.com",
"LeakTime": "2016-11-08 00:11:51",
"Tags": "NULLED"
},
{
"Email": "(youraddress)@gmail.com",
"LeakTime": "2015-04-24 02:26:31",
"Tags": "MPGH.NET"
},
{
"Email": "(youraddress)@gmail.com",
"LeakTime": "2016-03-22 02:26:42",
"Tags": "NULLED.IO"
}
]
}
}
Example usage
curl -H "Content-Type: application/json" -X POST -d '{"email": "[email protected]"}' https://services.blackkitetech.com/api/v1/breach/email
Errors
- IpLimitError Rate limit error
- MissingDictKey Raising when recieved json data hasnt any "domain" key.
- MalformedJson Requests must have valid json otherwise this error will be raised
- ApiFailed Temporary api error message
- InvalidEmailAddress Raising when recieved Email field is not valid
Error Example
HTTP/1.1 400 Invalid Email Address
{
"status": False,
"msg": "given input is not an email address"
}
Breach Domain Search
- Url: https://services.blackkitetech.com/api/v1/breach/domain
- Method: POST
- Description: Black Kite Breach Service helps you to identify your account has been compromised before. Search your email address in our huge data. Having information about your leaked accounts allows you to quickly notify any privacy violation.
Request-Example Json
{
"domain": "blackkitetech.com"
}
Response-Example Json
{
"status": "success",
"results": {
"breachSize": 6,
"breachList": [
{
"Email": "si****[email protected]",
"LeakTime": "2016-05-18 02:26:25",
"Tags": "JAX"
},
{
"Email": "la****[email protected]",
"LeakTime": "2016-10-20 16:19:20",
"Tags": "TOR"
},
{
"Email": "se****[email protected]",
"LeakTime": "2016-10-05 05:50:26",
"Tags": "TOR"
},
{
"Email": "lo****[email protected]",
"LeakTime": "2016-10-18 05:39:41",
"Tags": "TOR"
},
{
"Email": "an****[email protected]",
"LeakTime": "2016-10-15 01:24:04",
"Tags": "TOR"
},
{
"Email": "ra****[email protected]",
"LeakTime": "2016-10-08 21:00:27",
"Tags": "TOR"
}
]
}
}
Example usage
curl -H "Content-Type: application/json" -X POST -d '{"domain": "blackkitetech.com"}' https://services.blackkitetech.com/api/v1/breach/domain
Errors
- IpLimitError Rate limit error
- MissingDictKey Raising when recieved json data hasnt any "domain" key.
- MalformedJson Requests must have valid json otherwise this error will be raised
- ApiFailed Temporary api error message
- InvalidDomainAddress Raising when recieved Domain field is not valid
Error Example
HTTP/1.1 400 Invalid Domain Name
{
"status": False,
"msg": "given domain is not valid"
}
Threat Intelligence Downloads
- Url: https://services.blackkitetech.com/api/v1/threatfeed/downloadintel
- Method: GET
- Description: Users with verified ip have the opportunity to download all the information in a format with this API
Params
- date:
- For dailymaldomain category, formatted as %Y%m%d (ex: 20171231)
- For frauddomains and honeypotfeeds categories, formatted as "%m%d%Y" (ex: 12312017)
- category: one of the following: frauddomains, honeypotfeeds, dailymaldomain
- format: one of the following: "stix" and "csv"
Params Example
?date=05122017&format=csv&category=frauddomains
Example usage
curl "https://services.blackkitetech.com/api/v1/threatfeed/downloadintel?date=12312017&format=csv&category=frauddomains" > reportfile
Error Example
HTTP/1.1 400 ApiFailed
{
"status": False,
"msg": "api query failed. please try again later"
}