Search by Keyword

post

https://api.hudsonrock.com/json/v3/search-by-keyword

Search for domains based on keywords.

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Body Params

keywords

array of strings

required

length between 1 and 10

List of keywords to search for in URLs and domains. Useful for discovering compromises related to specific services (e.g., ['vpn', 'admin', 'portal']). Case-insensitive matching. Between 1-10 keywords required per request.

keywords*

min_employees_compromised

number

≥ 0

Minimum number of compromised employees required for results. Useful for filtering out domains with low compromise counts and focusing on significant breaches. Set to 0 to include all results regardless of count.

max_employees_compromised

number

≥ 0

Maximum number of compromised employees for results. Useful for excluding extremely large breaches or focusing on organizations of specific sizes. Set to 0 to remove upper limit.

min_users_compromised

number

≥ 0

Minimum number of compromised users (non-employees) required for results. Helps identify services with significant user impact. Set to 0 to include all results regardless of count.

max_users_compromised

number

≥ 0

Maximum number of compromised users (non-employees) for results. Helps focus on services with specific user impact ranges. Set to 0 to remove upper limit.

last_employee_compromised

date-time

ISO 8601 formatted timestamp (YYYY-MM-DDThh:mm:ssZ) to filter for domains with employee compromises after this date. Useful for monitoring recent corporate breaches and active campaigns.

last_user_compromised

date-time

ISO 8601 formatted timestamp (YYYY-MM-DDThh:mm:ssZ) to filter for domains with user compromises after this date. Useful for monitoring recent consumer-facing breaches and active campaigns.

last_employee_uploaded

date-time

ISO 8601 formatted timestamp (YYYY-MM-DDThh:mm:ssZ) to filter for domains with employee data uploaded after this date. Reflects when the data became available in our system rather than infection time.

last_user_uploaded

date-time

ISO 8601 formatted timestamp (YYYY-MM-DDThh:mm:ssZ) to filter for domains with user data uploaded after this date. Reflects when the data became available in our system rather than infection time.

cursor

string

Base64 encoded pagination cursor for retrieving the next set of results. Obtained from the 'nextCursor' field in the previous response. Enables efficient pagination through large result sets without data loss.

Responses

Language

Credentials

Header

Loading…

Response

Click Try It! to start a request and see the response here! Or choose an example:

application/json

200Successful keyword search

400Validation error - the request or request body was invalid

401Unauthorized - the server could not authenticate the request

403Forbidden - the server authenticated the request but refuses to process it because of insufficient permissions

404Not found - the server could not find the requested resource

408Timeout - the server timed out while waiting for a response (90 seconds)

429Rate limit exceeded - the server has received too many requests in a short period of time

500Internal server error - the server encountered an unexpected condition that prevented it from fulfilling the request