Open URL abuse blacklist feed

Different formats of the list

Here is the list of possible formats to download the list

How to use the API

This page describes the procedure of using the API endpoint to submit a report to urlabuse.com. Using our API, you are able to submit both confirmed and unconfirmed URLs to our system for all three types of malware, phishing and hacked websites. However, the API endpoint must be used very carefully as it can directly insert records to the verified list. This means if you are not sure about a URL (if it's phishing or not), you should not send it as confirmed.

Unfortunately, because of the huge amount of false-positives submitted through the API endpoint to our system, we decided to give the API token only to individuals (or companies) we trust. So if you want to have access to the API, do not hesitate to fill the contact form and contact us.

The API can accept all three types of malicious activity: 1) malware, 2) phishing and 3) hacked websites. However, if you have a malware delivery link, feel free to submit it to urlhaus.abuse.ch platform. We also submit all the malware delivery links to that platform. The reason is simple: abuse.ch has been designed by the owner to work with malware and malware delivery links. Everything there is free of charge with a CC0 license. WE DON'T WANT TO REINVENT THE WHEEL!

Here is the description of the API

API endpoint: https://urlabuse.com/api_report (POST)

Here is the list of parameters

# Name Required? Type Description
1 token YES STRING You must contact us for the token
2 url YES STRING URL to submit. Must start with 'http://' or 'https://'
3 rtype YES STRING One of the 'phishing', 'malware' or 'hacked'
4 reporter NO STRING Your Twitter ID (without '@' char)
5 target NO STRING Target of the attack for phishing. You can specify malware name for rtype of malware
6 confirmed YES INTEGER either 0 or 1 (1 means you already confirmed the URL as malicious and 0 means you are not sure).

The response from the API is always in JSON format. In case of failure, there is a 'msg' field in the response that describes the error.

If it's still not clear how to use the API, you can contact us and we will help you.