The Bolster Scan API can detect the following scams and threat categories in real-time:
- Zero-Day Phishing
- Tech Support Scams
- Gift Card Scams
- Survey Scams
- Adult Websites
- Drug Pharmacy (Drug Spam) Websites
- Illegal/Rogue Streaming Sites
- Gambling Websites
- Hacked Websites
- Cryptojacking / Cryptomining
Use the Scan API to submit the URLs you would like to have scanned. You can submit for a quick scan or full scan. Your Bolster enterprise license determines the limit on the number of scan requests you can submit.
Before You Start: Locate Your API Key
You will need to provide your Bolster API key to submit URLs for scan requests.
- Click the user dropdown on the right.
2. Click Profile Information.
3. Copy the API key displayed in your profile screen.
How to Use the Scan API
To use the Scan API, you complete the following steps:
- Submit the URL you want to scan.
- Query the results of the scan when complete.
Submitting a URL for Scanning
Your scan request requires the following information:
- Endpoint:
/neo/scan/ - API host:
https://developers.bolster.ai/api - your Bolster API key
For a quick scan, submit the following request:
curl -X POST --header 'Content-Type: application/json' -d '{"apiKey": "<api_key>", "urlInfo": {"url": "<url_to_scan/"}, "scanType": "quick"}'}' https://developers.bolster.ai/api/neo/scanFor a full scan, submit the following request:
curl -X POST --header 'Content-Type: application/json' -d '{"apiKey": "<api_key>", "urlInfo": {"url": "<url_to_scan/"}, "scanType": "full"}'}' https://developers.bolster.ai/api/neo/scanExamples
curl -X POST --header 'Content-Type: application/json' -d '{"apiKey": "1f207653ec034ab9f04fbdd8e09fa7879205b4c85addeaa299da326167cc00a1", "urlInfo": {"url": "http://webidlogin101997.5gbfree.com/"}, "scanType": "quick"}' https://developers.bolster.ai/api/neo/scancurl -X POST --header 'Content-Type: application/json' -d '{"apiKey": "1f207653ec034ab9f04fbdd8e09fa7879205b4c85addeaa299da326167cc00a1", "urlInfo": {"url": "http://webidlogin101997.5gbfree.com/"}, "scanType": "full"}' https://developers.bolster.ai/api/neo/scanResponse
The scan request will return a job ID and timestamp in JSON format:
{"jobID":"ca1b827b-1f14-4e74-a242-ed17cc1808b0","timestamp":1538090611675}
Querying the Scan Results
Submit the following request to query your scan results:
curl -X POST --header 'Content-Type: application/json' -d '{"apiKey": "<apiKey>", "jobID": "<jobID>", "insights": true}' https://developers.bolster.ai/api/neo/scan/status where <jobID > is the ID returned by your scan request.
Example
curl -X POST --header 'Content-Type: application/json' -d '{"apiKey": "1f207653ec034ab9f04fbdd8e09fa7879205b4c85addeaa299da326167cc00a1", "jobID": "ca1b827b-1f14-4e74-a242-ed17cc1808b0", "insights": true}' https://developers.bolster.ai/api/neo/scan/status Response
Results will be returned in JSON format. The insights, screenshot_path and resolved fields are returned when “insights”: true is included in the query.
{"job_id":"ca1b827b-1f14-4e74-a242-ed17cc1808b0","status":"DONE","url":"http://webidlogin101997.5gbfree.com/","url_sha256":"a395e2130500750d34703f66c62c50ce99be0c7272b6763f6508c6bd473f1d74","disposition":"phish","brand":"paypal","insights":"https://checkphish.ai/insights/url/1528247234149/a395e2130500750d34703f66c62c50ce99be0c7272b6763f6508c6bd473f1d74","resolved":true,"screenshot_path":"https://storage.googleapis.com/rm-prod-screenshots/images/20180606/a395e2130500750d34703f66c62c50ce99be0c7272b6763f6508c6bd473f1d74.png","scan_start_ts":1654129884891,"scan_end_ts":1654129887641,"categories":[{"score":1,"threshold":0.9,"category":"sensitive_data"}]}The response includes the following information in JSON format:
- jobID: jobID of the scan
- status: Status of whether the job has completed. Returns DONE when completed
- url: URL submitted for scanning
- url_sha256: SHA256 of the url submitted for scanning
- brand: Brand being targeted by the URL
- insights: insights link
- resolved: True if the URL resolved. Else False
- screenshot_path: storage location of the screenshot for the scan
- disposition: the list of dispositions can be found below
- scan_start_ts: Unix Timestamp of when the scan the triggered
- scan_end_ts: Unix Timestamp of when the scan ended
- categories: List of categories from our webpage category detection model
List of Dispositions
| Disposition description | Disposition identifier returned in response |
|---|---|
| Phishing Websites | phish |
| Gift Card Scams/ Survey Scams/Tech support scams | scam |
| Adult websitse | adult |
| Drug Spam/Drug Pharmacy Sites | drug_spam |
| Gambling websites | gambling |
| Suspicious websites | suspicious |
| Likely Phish websites | likely_phish |
| Cryptomining/Cryptojacking | cryptojacking |
| Illegal Streaming website websites | streaming |
| Hacked/Defaced websites | hacked_website |
| Mortgage Refinance Scam | mortgage |
| Clean Websites | clean |
List of Categories
See Intent Detection – Categories.
API Rate Limiting
Scan API requests are restricted to the rate specified by your Bolster enterprise license. If requests exceed this rate, the caller will receive the following error:
{"error": {"status_code": 429,"status": "Request rate limit exceeded. Please try again later"}}