1. Home
  2. Knowledge Base
  3. Platform Integrations
  4. APIs
  5. Phishing and Fraudulent Site Detection API

Phishing and Fraudulent Site Detection API

The Bolster Scan API can detect the following scams and threat categories in real-time:

  • Zero-Day Phishing
  • Tech Support Scams
  • Gift Card Scams
  • Survey Scams
  • Adult Websites
  • Drug Pharmacy (Drug Spam) Websites
  • Illegal/Rogue Streaming Sites
  • Gambling Websites
  • Hacked Websites
  • Cryptojacking / Cryptomining

Use the Scan API to submit the URLs you would like to have scanned. You can submit for a quick scan or full scan. Your Bolster enterprise license determines the limit on the number of scan requests you can submit.

Before You Start: Locate Your API Key

You will need to provide your Bolster API key to submit URLs for scan requests.

  1. Click the user dropdown on the right.

2. Click Profile Information.

3. Copy the API key displayed in your profile screen.

How to Use the Scan API

To use the Scan API, you complete the following steps:

  1. Submit the URL you want to scan.
  2. Query the results of the scan when complete.

Submitting a URL for Scanning

Your scan request requires the following information:

  • Endpoint: /neo/scan/
  • API host: https://developers.bolster.ai/api
  • your Bolster API key

For a quick scan, submit the following request:

curl -X POST --header 'Content-Type: application/json' -d  '{"apiKey": "<api_key>", "urlInfo": {"url": "<url_to_scan/"}, "scanType": "quick"}'}' https://developers.bolster.ai/api/neo/scan

For a full scan, submit the following request:

curl -X POST --header 'Content-Type: application/json' -d  '{"apiKey": "<api_key>", "urlInfo": {"url": "<url_to_scan/"}, "scanType": "full"}'}' https://developers.bolster.ai/api/neo/scan

Examples

curl -X POST --header 'Content-Type: application/json' -d  '{"apiKey": "1f207653ec034ab9f04fbdd8e09fa7879205b4c85addeaa299da326167cc00a1", "urlInfo": {"url": "http://webidlogin101997.5gbfree.com/"}, "scanType": "quick"}' https://developers.bolster.ai/api/neo/scan
curl -X POST --header 'Content-Type: application/json' -d  '{"apiKey": "1f207653ec034ab9f04fbdd8e09fa7879205b4c85addeaa299da326167cc00a1", "urlInfo": {"url": "http://webidlogin101997.5gbfree.com/"}, "scanType": "full"}' https://developers.bolster.ai/api/neo/scan

Response

The scan request will return a job ID and timestamp in JSON format:

{"jobID":"ca1b827b-1f14-4e74-a242-ed17cc1808b0","timestamp":1538090611675}
                    

Querying the Scan Results

Submit the following request to query your scan results:

curl -X POST --header 'Content-Type: application/json' -d '{"apiKey": "<apiKey>", "jobID": "<jobID>", "insights": true}' https://developers.bolster.ai/api/neo/scan/status                    

where <jobID > is the ID returned by your scan request.

Example

curl -X POST --header 'Content-Type: application/json' -d '{"apiKey": "1f207653ec034ab9f04fbdd8e09fa7879205b4c85addeaa299da326167cc00a1", "jobID": "ca1b827b-1f14-4e74-a242-ed17cc1808b0", "insights": true}' https://developers.bolster.ai/api/neo/scan/status                    

Response

Results will be returned in JSON format. The insightsscreenshot_path and resolved fields are returned when “insights”: true is included in the query.

{"job_id":"ca1b827b-1f14-4e74-a242-ed17cc1808b0","status":"DONE","url":"http://webidlogin101997.5gbfree.com/","url_sha256":"a395e2130500750d34703f66c62c50ce99be0c7272b6763f6508c6bd473f1d74","disposition":"phish","brand":"paypal","insights":"https://checkphish.ai/insights/url/1528247234149/a395e2130500750d34703f66c62c50ce99be0c7272b6763f6508c6bd473f1d74","resolved":true,"screenshot_path":"https://storage.googleapis.com/rm-prod-screenshots/images/20180606/a395e2130500750d34703f66c62c50ce99be0c7272b6763f6508c6bd473f1d74.png","scan_start_ts":1654129884891,"scan_end_ts":1654129887641,"categories":[{"score":1,"threshold":0.9,"category":"sensitive_data"}]}

The response includes the following information in JSON format:

  • jobID: jobID of the scan
  • status:  Status of whether the job has completed. Returns DONE when completed
  • url: URL submitted for scanning
  • url_sha256: SHA256 of the url submitted for scanning
  • brand: Brand being targeted by the URL
  • insights: insights link
  • resolvedTrue if the URL resolved. Else False
  • screenshot_path: storage location of the screenshot for the scan
  • disposition: the list of dispositions can be found below
  • scan_start_ts: Unix Timestamp of when the scan the triggered
  • scan_end_ts: Unix Timestamp of when the scan ended
  • categories: List of categories from our webpage category detection model

List of Dispositions

Disposition descriptionDisposition identifier returned in response
Phishing Websitesphish
Gift Card Scams/ Survey Scams/Tech support scamsscam
Adult websitseadult
Drug Spam/Drug Pharmacy Sitesdrug_spam
Gambling websitesgambling
Suspicious websitessuspicious
Likely Phish websiteslikely_phish
Cryptomining/Cryptojackingcryptojacking
Illegal Streaming website websitesstreaming
Hacked/Defaced websiteshacked_website
Mortgage Refinance Scammortgage
Clean Websitesclean

List of Categories

See Intent Detection – Categories.

API Rate Limiting

Scan API requests are restricted to the rate specified by your Bolster enterprise license. If requests exceed this rate, the caller will receive the following error:

{"error": {"status_code": 429,"status": "Request rate limit exceeded. Please try again later"}}

Updated on May 3, 2023

Was this article helpful?

Related Articles