Scan a target's open ports, in one call.
Pass a target. Get back the open ports detected, the service banners observed, and basic protocol fingerprinting. Useful for service-exposure validation and ASM workflows.
Service-exposure detection, against a single target.
The Port Scan API runs an on-demand scan against a target host and returns the open ports detected along with the service banners observed and basic protocol fingerprinting. The scan operates from Deepinfo's distributed probe network.
Pass the target as a domain or IP. Use timeout to bound how long the scan runs; use proxy to route the probe through a different region.
This API is the right input for ASM verification, vendor-exposure validation, and any workflow that needs to confirm what services a target is currently exposing.
POST a target, get an open-port report back.
Endpoint:
POST https://api.deepinfo.com/v1/lookup/port-scanRequest body is a JSON object with the parameters below.
Body parameters:
Authentication is by API token in the request header. See docs.deepinfo.com for the full request reference.
See what the API returns.
Real response structure for the Scan a target's open ports, in one call endpoint. Field coverage may vary based on query parameters and data availability.
{
"target": "deepinfo.com",
"resolved_ip": "203.0.113.42",
"check_date": "2026-05-02T08:30:11Z",
"open_ports": [
{"port": 22, "protocol": "tcp", "service": "ssh", "banner": "SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5"},
{"port": 80, "protocol": "tcp", "service": "http", "banner": "HTTP/1.1 301 Moved Permanently
Server: nginx"},
{"port": 443, "protocol": "tcp", "service": "https", "banner": "TLS 1.3, ECDHE-RSA-AES256-GCM-SHA384"}
],
"scan_status": "complete"
}Sample response shown. Real responses depend on query parameters, data availability, and API version. Talk to us for full schema documentation.
Workflows this API plugs into directly.
Attack Surface Management
Validate exposed services across your asset inventory on demand.
Read the use caseThird-Party Risk Management
Verify vendor exposure claims with live port-scan evidence.
Read the use caseIncident Investigation and Response
Confirm current service exposure on a target during incident scoping.
Read the use case“On-demand port scans in our exposure-validation workflow give us the live state our customers expect during ASM reviews. Service banners and protocol fingerprinting in the same call cut the validation step we used to do separately.”
Other lookup APIs.
Current Whois state for any domain, in one call.
The Whois Lookup API returns the registration record for a domain right now: registrar, dates, registrant, name servers, and status codes.
See API APICurrent IP allocation state, in one call.
Pass an IP address.
See API APICurrent DNS state for an FQDN, in one call.
Pass an FQDN and one or more record types.
See API APICurrent TLS state for a host, in one call.
Pass a domain or IP.
See API APIFind every domain on an MX record.
Pass an MX record value.
See API APIFind every domain on a name server.
Pass a name server hostname.
See API APIFind every domain on an IP.
Pass an IP address or CIDR.
See API APICapture a target page as the user sees it.
Pass a URL.
See API APIDetect the technology stack of a target, in one call.
Pass a URL.
See API APILive web-page data for a target, in one call.
Pass a URL.
See APIRun a sample scan, or schedule continuous validation.
We'll set up token access and answer schema questions on a call.