🚀 Experience the new and improved APIVoid! Check out what's new
A JSON API to detect potentially malicious domains related to phishing, malware and fraudulent activities. Use this API to quickly check if a domain is blocklisted among 30+ blocklists, and which blocklist detects it.
Consumes 1 credit per API call
# Example Curl request from the command line:
curl -X POST "https://api.apivoid.com/v2/domain-reputation" \
-H "Content-Type: application/json" \
-H "X-API-Key: YOUR_API_KEY_HERE" \
-d '{"host": "google.com"}'
# Example JSON output for a 200 HTTP status code:
{
"host": "google.com",
"blacklists": {
"engines": {
"0": {
"name": "Phishing Test",
"detected": false,
"reference": "https://www.novirusthanks.org/",
"confidence": "low",
"elapsed_ms": 0
},
"1": {
"name": "Scam Test",
"detected": false,
"reference": "https://www.novirusthanks.org/",
"confidence": "low",
"elapsed_ms": 1
},
"2": {
"name": "Sinkholed Domain",
"detected": false,
"reference": "https://www.novirusthanks.org/",
"confidence": "low",
"elapsed_ms": 0
},
"3": {
"name": "Suspicious Hosting IP",
"detected": false,
"reference": "https://www.novirusthanks.org/",
"confidence": "low",
"elapsed_ms": 0
},
"4": {
"name": "urlQuery",
"detected": 0,
"reference": "https://urlquery.net/",
"confidence": "high",
"elapsed_ms": 392
},
"5": {
"name": "AntiSocial Blacklist",
"detected": false,
"reference": "https://theantisocialengineer.com/",
"confidence": "high",
"elapsed_ms": 0
},
"6": {
"name": "Artists Against 419",
"detected": false,
"reference": "http://wiki.aa419.org/index.php/Main_Page",
"confidence": "high",
"elapsed_ms": 0
},
"7": {
"name": "AZORult Tracker",
"detected": false,
"reference": "https://azorult-tracker.net/",
"confidence": "high",
"elapsed_ms": 0
},
"8": {
"name": "Badbitcoin",
"detected": false,
"reference": "https://badbitcoin.org/",
"confidence": "high",
"elapsed_ms": 0
},
"9": {
"name": "Bambenek Consulting",
"detected": false,
"reference": "https://www.bambenekconsulting.com/",
"confidence": "high",
"elapsed_ms": 0
},
"10": {
"name": "C_APT_ure",
"detected": false,
"reference": "http://c-apt-ure.blogspot.com/",
"confidence": "high",
"elapsed_ms": 0
},
"11": {
"name": "CERT Polska",
"detected": false,
"reference": "https://www.cert.pl/",
"confidence": "high",
"elapsed_ms": 0
},
"12": {
"name": "Chong Lua Dao",
"detected": false,
"reference": "https://chongluadao.vn/",
"confidence": "high",
"elapsed_ms": 0
},
"13": {
"name": "CoinBlockerLists",
"detected": false,
"reference": "https://gitlab.com/ZeroDot1/CoinBlockerLists/",
"confidence": "high",
"elapsed_ms": 0
},
"14": {
"name": "CRDF",
"detected": false,
"reference": "https://threatcenter.crdf.fr/check.html",
"confidence": "high",
"elapsed_ms": 0
},
"15": {
"name": "CryptoScamDB",
"detected": false,
"reference": "https://cryptoscamdb.org/",
"confidence": "high",
"elapsed_ms": 0
},
"16": {
"name": "CyberCrime",
"detected": false,
"reference": "https://cybercrime-tracker.net/",
"confidence": "high",
"elapsed_ms": 0
},
"17": {
"name": "EtherAddressLookup",
"detected": false,
"reference": "https://github.com/409H/EtherAddressLookup/",
"confidence": "high",
"elapsed_ms": 0
},
"18": {
"name": "EtherScamDB",
"detected": false,
"reference": "https://etherscamdb.info/",
"confidence": "high",
"elapsed_ms": 0
},
"19": {
"name": "Fake Website Buster",
"detected": false,
"reference": "https://fakewebsitebuster.com/",
"confidence": "high",
"elapsed_ms": 0
},
"20": {
"name": "MetaMask EthPhishing",
"detected": false,
"reference": "https://github.com/MetaMask/eth-phishing-detect/",
"confidence": "high",
"elapsed_ms": 0
},
"21": {
"name": "NABP Not Recommended Sites",
"detected": false,
"reference": "https://safe.pharmacy/buy-safely/",
"confidence": "high",
"elapsed_ms": 0
},
"22": {
"name": "OpenPhish",
"detected": false,
"reference": "https://openphish.com/",
"confidence": "high",
"elapsed_ms": 0
},
"23": {
"name": "PetScams",
"detected": false,
"reference": "https://petscams.com/",
"confidence": "high",
"elapsed_ms": 0
},
"24": {
"name": "PhishFort",
"detected": false,
"reference": "https://www.phishfort.com/",
"confidence": "high",
"elapsed_ms": 0
},
"25": {
"name": "Phishing.Database",
"detected": false,
"reference": "https://github.com/mitchellkrogza/Phishing.Database",
"confidence": "high",
"elapsed_ms": 0
},
"26": {
"name": "PhishFeed",
"detected": false,
"reference": "https://phishfeed.com/",
"confidence": "high",
"elapsed_ms": 0
},
"27": {
"name": "PhishStats",
"detected": false,
"reference": "https://phishstats.info/",
"confidence": "high",
"elapsed_ms": 0
},
"28": {
"name": "PhishTank",
"detected": false,
"reference": "https://www.phishtank.com/",
"confidence": "high",
"elapsed_ms": 0
},
"29": {
"name": "Phishunt",
"detected": false,
"reference": "https://phishunt.io/",
"confidence": "high",
"elapsed_ms": 0
},
"30": {
"name": "RPiList Not Serious",
"detected": false,
"reference": "https://github.com/RPiList/specials",
"confidence": "high",
"elapsed_ms": 0
},
"31": {
"name": "Scam.Directory",
"detected": false,
"reference": "https://scam.directory/",
"confidence": "high",
"elapsed_ms": 0
},
"32": {
"name": "SecureReload Phishing List",
"detected": false,
"reference": "https://securereload.tech/",
"confidence": "high",
"elapsed_ms": 0
},
"33": {
"name": "Spam404",
"detected": false,
"reference": "https://www.spam404.com/",
"confidence": "high",
"elapsed_ms": 0
},
"34": {
"name": "StopGunScams",
"detected": false,
"reference": "https://stopgunscams.com/",
"confidence": "high",
"elapsed_ms": 0
},
"35": {
"name": "ThreatFox",
"detected": false,
"reference": "https://threatfox.abuse.ch/",
"confidence": "high",
"elapsed_ms": 0
},
"36": {
"name": "ThreatLog",
"detected": false,
"reference": "https://www.threatlog.com/",
"confidence": "high",
"elapsed_ms": 0
},
"37": {
"name": "Threat Sourcing",
"detected": false,
"reference": "https://www.threatsourcing.com/",
"confidence": "high",
"elapsed_ms": 0
},
"38": {
"name": "TweetFeed",
"detected": false,
"reference": "https://github.com/0xDanielLopez/TweetFeed",
"confidence": "high",
"elapsed_ms": 0
},
"39": {
"name": "URLhaus",
"detected": false,
"reference": "https://urlhaus.abuse.ch/",
"confidence": "high",
"elapsed_ms": 0
},
"40": {
"name": "ViriBack C2 Tracker",
"detected": false,
"reference": "http://tracker.viriback.com/",
"confidence": "high",
"elapsed_ms": 0
},
"41": {
"name": "VXVault",
"detected": false,
"reference": "http://vxvault.net/",
"confidence": "high",
"elapsed_ms": 0
}
},
"detections": 0,
"engines_count": 42,
"detection_rate": "0%",
"scan_time_ms": 397
},
"server_details": {
"ip": "142.250.9.101",
"reverse_dns": "yq-in-f101.1e100.net",
"continent_code": "NA",
"continent_name": "North America",
"country_code": "US",
"country_name": "United States of America",
"region_name": "California",
"city_name": "Mountain View",
"latitude": 37.405992,
"longitude": -122.078515,
"isp": "Google LLC",
"asn": "AS15169"
},
"category": {
"is_free_hosting": false,
"is_anonymizer": false,
"is_url_shortener": false,
"is_free_dynamic_dns": false,
"is_code_sandbox": false,
"is_form_builder": false,
"is_free_file_sharing": false,
"is_pastebin": false
},
"security_checks": {
"is_most_abused_tld": false,
"is_domain_ipv4_assigned": true,
"is_domain_ipv4_private": false,
"is_domain_ipv4_loopback": false,
"is_domain_ipv4_reserved": false,
"is_domain_ipv4_valid": true,
"is_domain_blacklisted": false,
"is_uncommon_host_length": false,
"is_uncommon_dash_char_count": false,
"is_uncommon_dot_char_count": false,
"website_popularity": "high",
"is_uncommon_clickable_domain": false,
"is_risky_category": false
},
"risk_score": {
"result": 0
},
"elapsed_ms": 501
}Checking reputation...
Checking reputation...
Checking reputation...
Checking reputation...
Checking reputation...
Checking reputation...
Checking reputation...
Key Features
Businesses use this Domain Reputation API to check if a domain is blocklisted and by which blocklist service, if the domain is related to risky categories (URL shorteners, free hosting, etc).
We support 30+ domain blocklist services, including some of our in-house phishing detection engines.
Identify risky categories like URL shorteners (e.g bit.ly), dynamic DNS (e.g hopto.org), pastebin.
Based on blocklist scan report and other smart security checks, the API provides a domain risk score.
Find out which blocklist service(s) detect your domain name, this can help to fix eventual false positives.
Common Use Cases
Our API can be used in many ways, from cybersecurity tasks to other business-specific tasks. Here we showcase the most popular use cases according to our customers usage:
Using a SIEM platform? Add context to security incidents, convert events into valuable insights.
If you have some indicators of compromise (IoC) of a domain, you can verify them with our API.
Whether you need to get domain reputation, phishing detection or risk score, our API has it all.
Before allowing a customer, supplier or user to register, you can verify the safety of the domain name.
USAGE EXAMPLE
All it takes is a HTTPS POST request with JSON payload to our endpoint, and you’ll receive the response within seconds, usually within 1-3 seconds. Here are a few code examples to use the API:
$domain = 'google.com';
$apiUrl = 'https://api.apivoid.com/v2/domain-reputation';
$apiKey = 'your_api_key_here';
$ch = curl_init($apiUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json', 'X-API-Key: ' . $apiKey]);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['host' => $domain]));
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpCode === 200) {
$responseData = json_decode($response, true);
print_r($responseData);
// Block domain if it is detected by 1 or more blacklists
if (($responseData['blacklists']['detections'] ?? 0) >= 1) {
echo "The domain is detect by " . intval($responseData['blacklists']['detections']) . " blacklists.";
exit;
}
// Block domain if it has a risky TLD
if ($responseData['security_checks']['is_most_abused_tld'] ?? false) {
echo "Domains with a risky TLD (e.g .top or .xyz) are banned.";
exit;
}
// Block URL shortening domains such as bit.ly
if ($responseData['category']['is_url_shortener'] ?? false) {
echo "URL shortening domains are banned.";
exit;
}
}Create your account, pick a subscription plan, and make your first API call instantly with your API key—simple as that!
Get started now