API Documentation
curl --request GET \
--url https://api.urldna.io/v1/scan/{scan_id} \
--header 'Authorization: <api-key>'{
"certificate": {
"authority_info_access": "<string>",
"authority_key_identifier": "<string>",
"basic_constraints": "<string>",
"certificate_policies": "<string>",
"ct_precert_scts": "<string>",
"extended_key_usage": "<string>",
"issuer": "<string>",
"key_usage": "<string>",
"not_after": "<string>",
"not_before": "<string>",
"serial_number": "<string>",
"subject": "<string>",
"subject_key_identifier": "<string>",
"version": 123
},
"console_messages": [
{
"text": "<string>",
"type": "<string>"
}
],
"cookies": [
{
"domain": "<string>",
"expiry": "<string>",
"http_only": true,
"name": "<string>",
"path": "<string>",
"secure": true,
"value": "<string>"
}
],
"dom": "<string>",
"favicon": {
"blob_uri": "<string>",
"format": "<string>",
"height": 123,
"mimetype": "<string>",
"name": "<string>",
"phash": "<string>",
"url": "<string>",
"width": 123
},
"http_transactions": [
{
"content_type": "<string>",
"ip": "<string>",
"method": "<string>",
"mimetypes": "<string>",
"size": 123,
"status_code": 123,
"url": "<string>"
}
],
"ip_address": {
"asn": "<string>",
"city": "<string>",
"country": "<string>",
"country_code": "<string>",
"ip": "<string>",
"isp": "<string>",
"latitude": 123,
"longitude": 123,
"org": "<string>",
"region": "<string>",
"timezone_gmt": "<string>",
"type": "<string>"
},
"classification": {
"verdict": "SAFE"
},
"page": {
"headers": {},
"meta_tags": {},
"outgoing_links": [
"<string>"
],
"ssdeep": "<string>",
"text": "<string>",
"title": "<string>"
},
"scan": {
"id": "<string>",
"submitted_url": "<string>",
"domain": "<string>",
"target_url": "<string>",
"protocol": "<string>",
"device": "DESKTOP",
"user_agent": "<string>",
"http_referer": "<string>",
"nsfw": true,
"scanned_from": "DEFAULT",
"origin": "API",
"width": 123,
"height": 123,
"private_scan": true,
"status": "PENDING",
"submitted_date": "2023-11-07T05:31:56Z",
"submitter_tags": [
"<string>"
],
"error_code": "<string>"
},
"scan_whois": {
"address": "<string>",
"country": "<string>",
"creation_date": "<string>",
"domain_name": "<string>",
"expiration_date": "<string>",
"name": "<string>",
"org": "<string>",
"registrant_postal_code": "<string>",
"registrar": "<string>",
"state": "<string>",
"updated_date": "<string>"
},
"screenshot": {
"blob_uri": "<string>",
"format": "<string>",
"height": 123,
"mimetype": "<string>",
"phash": "<string>",
"width": 123
},
"redirect_chains": {
"redirect_url": "<string>",
"status": "<string>",
"elapsed_time": 123
},
"technologies": [
{
"category": "<string>",
"name": "<string>",
"version": "<string>"
}
]
}Get Scan
Fetches complete scan results for a specific scan ID. Returns scan metadata immediately; full results (certificate, screenshot, etc.) are available once status is DONE. Scans in PENDING or RUNNING states return metadata only.
curl --request GET \
--url https://api.urldna.io/v1/scan/{scan_id} \
--header 'Authorization: <api-key>'{
"certificate": {
"authority_info_access": "<string>",
"authority_key_identifier": "<string>",
"basic_constraints": "<string>",
"certificate_policies": "<string>",
"ct_precert_scts": "<string>",
"extended_key_usage": "<string>",
"issuer": "<string>",
"key_usage": "<string>",
"not_after": "<string>",
"not_before": "<string>",
"serial_number": "<string>",
"subject": "<string>",
"subject_key_identifier": "<string>",
"version": 123
},
"console_messages": [
{
"text": "<string>",
"type": "<string>"
}
],
"cookies": [
{
"domain": "<string>",
"expiry": "<string>",
"http_only": true,
"name": "<string>",
"path": "<string>",
"secure": true,
"value": "<string>"
}
],
"dom": "<string>",
"favicon": {
"blob_uri": "<string>",
"format": "<string>",
"height": 123,
"mimetype": "<string>",
"name": "<string>",
"phash": "<string>",
"url": "<string>",
"width": 123
},
"http_transactions": [
{
"content_type": "<string>",
"ip": "<string>",
"method": "<string>",
"mimetypes": "<string>",
"size": 123,
"status_code": 123,
"url": "<string>"
}
],
"ip_address": {
"asn": "<string>",
"city": "<string>",
"country": "<string>",
"country_code": "<string>",
"ip": "<string>",
"isp": "<string>",
"latitude": 123,
"longitude": 123,
"org": "<string>",
"region": "<string>",
"timezone_gmt": "<string>",
"type": "<string>"
},
"classification": {
"verdict": "SAFE"
},
"page": {
"headers": {},
"meta_tags": {},
"outgoing_links": [
"<string>"
],
"ssdeep": "<string>",
"text": "<string>",
"title": "<string>"
},
"scan": {
"id": "<string>",
"submitted_url": "<string>",
"domain": "<string>",
"target_url": "<string>",
"protocol": "<string>",
"device": "DESKTOP",
"user_agent": "<string>",
"http_referer": "<string>",
"nsfw": true,
"scanned_from": "DEFAULT",
"origin": "API",
"width": 123,
"height": 123,
"private_scan": true,
"status": "PENDING",
"submitted_date": "2023-11-07T05:31:56Z",
"submitter_tags": [
"<string>"
],
"error_code": "<string>"
},
"scan_whois": {
"address": "<string>",
"country": "<string>",
"creation_date": "<string>",
"domain_name": "<string>",
"expiration_date": "<string>",
"name": "<string>",
"org": "<string>",
"registrant_postal_code": "<string>",
"registrar": "<string>",
"state": "<string>",
"updated_date": "<string>"
},
"screenshot": {
"blob_uri": "<string>",
"format": "<string>",
"height": 123,
"mimetype": "<string>",
"phash": "<string>",
"width": 123
},
"redirect_chains": {
"redirect_url": "<string>",
"status": "<string>",
"elapsed_time": 123
},
"technologies": [
{
"category": "<string>",
"name": "<string>",
"version": "<string>"
}
]
}Authorizations
Path Parameters
Unique scan identifier returned from scan submission.
Response
Scan results retrieved successfully.
Comprehensive scan results containing security analysis, network information, content extraction, and metadata.
SSL/TLS certificate information for the scanned domain.
Show child attributes
Show child attributes
URLs for accessing Certificate Authority services (OCSP responder and CA issuer locations).
Unique identifier for the issuing CA's public key, used for certificate chain validation.
Indicates CA status and maximum certificate chain depth allowed.
Certificate usage policies with references to policy documentation URLs.
Signed Certificate Timestamps (SCTs) from Certificate Transparency logs for public audit trail.
Permitted uses for the certificate (e.g., server authentication, code signing).
Distinguished Name (DN) of the Certificate Authority that issued this certificate.
Cryptographic operations permitted for this certificate's key pair (e.g., digital signature, key encipherment).
Certificate expiration timestamp after which the certificate is no longer valid.
Certificate validity start timestamp.
Unique serial number assigned by the issuing CA.
Distinguished Name (DN) of the entity for which the certificate was issued.
Unique identifier for the certificate's public key, facilitating key management.
X.509 certificate version number (typically 1, 2, or 3).
HTTP cookies set by the page and its resources.
Show child attributes
Show child attributes
Domain scope for which the cookie is valid.
Cookie expiration timestamp in UTC format.
When true, cookie is inaccessible to JavaScript, mitigating XSS attacks.
Cookie identifier name.
URL path scope within the domain where the cookie applies.
When true, cookie is transmitted only over HTTPS connections.
Cookie value data.
Complete HTML Document Object Model (DOM) of the rendered page.
Favicon metadata and perceptual hash for similarity matching.
Show child attributes
Show child attributes
Temporary URI for accessing the favicon image (30-minute TTL).
Detected image format (e.g., ico, png, svg).
Favicon height in pixels.
MIME type of the favicon (e.g., image/x-icon, image/png).
Favicon filename if available.
Perceptual hash (pHash) for identifying visually similar favicons across different scans.
Complete URL of the favicon resource.
Favicon width in pixels.
All HTTP requests and responses observed during page load.
Show child attributes
Show child attributes
Content-Type header value from the HTTP response (e.g., text/html, application/json).
IP address of the server that responded to the request.
HTTP method used for the request (GET, POST, HEAD, etc.).
MIME types associated with the response content.
Response body size in bytes.
HTTP status code returned (e.g., 200 for OK, 404 for Not Found, 301 for redirect).
Complete URL of the requested resource.
IP address and geolocation details of the hosting server.
Show child attributes
Show child attributes
Autonomous System Number (ASN) identifying the network operator.
City location of the IP address.
Country where the IP address is registered.
Two-letter ISO 3166-1 alpha-2 country code.
IP address being analyzed.
Internet Service Provider managing this IP address.
Approximate latitude coordinate of the IP location.
Approximate longitude coordinate of the IP location.
Organization that owns or manages the IP address.
State or region where the IP address is located.
Time zone offset in GMT format.
IP address classification (e.g., residential, corporate, cloud provider, hosting).
Classification assessment indicating potential malicious activity.
Show child attributes
Show child attributes
The final classification verdict. SAFE indicates that no threats were detected, while MALICIOUS indicates that the AI engine identified potentially harmful or suspicious content.
SAFE, MALICIOUS Extracted page content and metadata.
Show child attributes
Show child attributes
HTTP response headers returned by the server.
HTML meta tags extracted from the document head section.
Array of URLs linked from the scanned page, useful for mapping site structure.
SSDEEP fuzzy hash for detecting similar or modified page content.
Extracted plaintext content from the webpage, with HTML markup removed.
Page title extracted from the HTML
Scan configuration and processing metadata.
Show child attributes
Show child attributes
Unique auto-generated scan identifier.
Original URL submitted for scanning.
Extracted domain from the submitted URL.
Final destination URL after following all redirects.
Protocol used (HTTP or HTTPS).
Device type used for the scan simulation.
DESKTOP, MOBILE User agent string used to simulate the browser environment.
HTTP Referer header value indicating the originating page for the request.
Indicates whether the page contains Not Safe For Work (NSFW) content such as nudity or adult material.
Country code from which the scan was initiated. Available for PREMIUM users only.
DEFAULT, AU, BE, CA, CH, DE, ES, FR, GB, GR, HU, ID, IT, JP, MX, NL, PT, ZA, TR, US Indicates whether the scan was submitted programmatically via API or manually by a user.
API, USER Viewport width in pixels used during the scan.
Viewport height in pixels used during the scan.
When true, scan results are only accessible to the submitting user.
Current scan status. PENDING and RUNNING are transient states; DONE and ERROR are terminal states.
PENDING, RUNNING, DONE, ERROR ISO 8601 timestamp when the scan was submitted.
User-defined tags for organizing and categorizing scans.
Error code when scan status is ERROR, indicating the reason for failure.
Domain registration information from WHOIS records.
Show child attributes
Show child attributes
Registrant's physical address from WHOIS record.
Country of domain registration.
Date when the domain was initially registered.
Fully qualified domain name.
Date when the domain registration expires.
Registrant name from WHOIS record.
Organization name of the domain owner.
Postal code associated with the registrant address.
Domain registrar company through which the domain was registered.
State or province of domain registration.
Date when the WHOIS record was last modified.
Visual screenshot of the rendered webpage.
Show child attributes
Show child attributes
Temporary URI for accessing the screenshot image (30-minute TTL).
Image file format (png or jpeg).
Screenshot height in pixels.
MIME type of the screenshot image.
Perceptual hash (pHash) for detecting visually similar pages.
Screenshot width in pixels.
Complete redirect chain from submitted URL to final destination.
Web technologies detected on the page.