Phishing and Fraudulent Site Detection APIs

Let's get started with Phishing Detection APIs

Scan API can detect following scams and categories in real-time.

• Zero-Day Phishing
• Tech Support Scams
• Gift Card Scams
• Survey Scams
• Adult Websites
• Drug Pharmacy (Drug Spam) Websites
• Illegal/Rogue Streaming Sites
• Gambling Websites
• Hacked Websites
• Cryptojacking / Cryptomining

We also support custom integrations and detection of other categories that are not listed above. Please Contact Us for more details

Request Your Free API Key

Try out Phishing Detection APIs for free. 250 scans per month are completely free. No credit card required. Sign up for your API key here

How to Use APIs

1. Submit URL for Scan Requests to /neo/scan/ endpoint. Your api host will be:

For Bolster Platform users: https://developers.bolster.ai/api

For CheckPhish users: https://developers.checkphish.ai/api

There are two ways to do a scan

Quick Scan

curl -X POST --header 'Content-Type: application/json' -d  '{"apiKey": "1f207653ec034ab9f04fbdd8e09fa7879205b4c85addeaa299da326167cc00a1", "urlInfo": {"url": "http://webidlogin101997.5gbfree.com/"}}' https://developers.bolster.ai/api/neo/scan

or

curl -X POST --header 'Content-Type: application/json' -d  '{"apiKey": "1f207653ec034ab9f04fbdd8e09fa7879205b4c85addeaa299da326167cc00a1", "urlInfo": {"url": "http://webidlogin101997.5gbfree.com/"}, "scanType": "quick"}' https://developers.bolster.ai/api/neo/scan

Full Scan

curl -X POST --header 'Content-Type: application/json' -d  '{"apiKey": "1f207653ec034ab9f04fbdd8e09fa7879205b4c85addeaa299da326167cc00a1", "urlInfo": {"url": "http://webidlogin101997.5gbfree.com/"}, "scanType": "full"}' https://developers.bolster.ai/api/neo/scan

The scan request will return job id and timestamp in JSON format

{"jobID":"ca1b827b-1f14-4e74-a242-ed17cc1808b0","timestamp":1538090611675}
                    

2. Next step is to get API results by query /neo/scan/status endpoint by using Job ID, API Key and insights (optional)

curl -X POST --header 'Content-Type: application/json' -d '{"apiKey": "1f207653ec034ab9f04fbdd8e09fa7879205b4c85addeaa299da326167cc00a1", "jobID": "ca1b827b-1f14-4e74-a242-ed17cc1808b0", "insights": true}' https://developers.bolster.ai/api/neo/scan/status                    

results will be returned back in JSON format. The insights, screenshot_path and resolved fields are returned when "insights": true in the query.

{"job_id":"ca1b827b-1f14-4e74-a242-ed17cc1808b0","status":"DONE","url":"http://webidlogin101997.5gbfree.com/","url_sha256":"a395e2130500750d34703f66c62c50ce99be0c7272b6763f6508c6bd473f1d74","disposition":"phish","brand":"paypal","insights":"https://checkphish.ai/insights/url/1528247234149/a395e2130500750d34703f66c62c50ce99be0c7272b6763f6508c6bd473f1d74","resolved":true,"screenshot_path":"https://storage.googleapis.com/rm-prod-screenshots/images/20180606/a395e2130500750d34703f66c62c50ce99be0c7272b6763f6508c6bd473f1d74.png"}

Response explained:

This should return the following response in a JSON format with

1. jobID: jobID of the scan
2. status:  Status of whether the job has completed. Returns DONE when completed
3. url: URL submitted for scanning
4. url_sha256: SHA256 of the url submitted for scanning
5. brand: Brand being targeted by the URL
6. insights: insights link
7. resolved: True if the URL resolved. Else False
8. screenshot_path: storage location of the screenshot for the scan
9. disposition: the list of dispositions can be found below

List of Dispositions

API Rate Limiting

All API requests are restricted to 20 requests per minute (1 every 3 seconds). If requests exceed this rate, the caller will receive the following error:

{"error": {"status_code": 429,"status": "Request rate limit exceeded. Please try again later"}}