Modern approach to URL Intelligence - Expose threats, Empower trust
Welcome to the API documentation. This guide provides detailed information about each endpoint,
including required parameters, expected return values, and example usage in Python. Use this
documentation to integrate smoothly with our services and ensure correct implementation of requests and
responses. Currently, we provide two public (report_url and get_trusted_report) APIs for trusted
reporters and one API end-point (Internal report) for
administrators.
To receive a token for the APIs, you can use our contact form
or send email to 
.
🔗 API Endpoint
POST https://zapi.urlabuse.com/feed/report_url
Report a URL to URLAbuse.
Using this API, you can report malicious activity to URLAbuse. This API is only given to trusted third-parties who want to report URL to URLAbuse.
All the data received using this API is verified by URLAbuse team.
📥 Parameters
| # | Name | Mandatory | Default | Description |
|---|---|---|---|---|
| 1 | token |
Yes | — | Contact us for the token |
| 2 | url |
Yes | — | Malicious or suspicious URL |
| 3 | date_type |
Yes | — | one of the 'phishing', 'malware', 'hacked', 'bet' or 'scam' |
| 4 | target |
No | OTHER |
Target of the phishing or malware type (e.g., #pe32) or scam type |
| 5 | geofenced |
No | — |
two letter country code (e.g., US) to get the phishing or malare data |
| 6 | reporter |
No | anonymous |
Name of the reporter or your company (Maximum 30 characters) |
📤 Return Value
The API always returns a JSON structure as follows.
{
"success": true,
"code": 200,
"msg": "Reported successfully"
}
💻 Code Example (Python)
# Report a malicious activity to URLAbuse
import requests, json, sys
to_report_url = 'https://paypal-support.com/malicious_login.php'
url = "https://zapi.urlabuse.com/feed/report_url
data_type = 'phishing'
target = 'PayPal'
geofenced = 'US'
params = {"token": "YOUR-TOKEN-HERE", "target": target, "data_type": data_type,
"url": url, "geofenced": geofenced}
r = requests.get(url, params=params, timeout=10)
if r.status_code != 200:
print("Failed to get the result from service")
sys.exit(1)
result = json.loads(r.text)
print(result)
🔗 API Endpoint
POST https://urlabuse.com/get_trusted_report
Report a URL to URLAbuse.
Using this API, you can report malicious activity to URLAbuse. This API is only given to trusted third-parties who want to report URL to URLAbuse.
We don't manually verify the received data of this API. This API is only given to trusted third-parties
📥 Parameters
| # | Name | Mandatory | Default | Description |
|---|---|---|---|---|
| 1 | token |
Yes | — | Contact us for the token |
| 2 | url |
Yes | — | Malicious or suspicious URL |
| 3 | rtype |
Yes | — | one of the 'phishing', 'malware', 'hacked', 'bet' or 'scam' |
| 4 | target |
No | OTHER |
Target of the phishing or malware type (e.g., #pe32) or scam type |
| 5 | screenshot |
No | — |
base64-encoded of the JPG file (screenshot only phishing, bet, scam or hacked) |
| 6 | reporter |
No | anonymous |
Name of the reporter or your company (Maximum 30 characters) |
| 6 | is_public |
No | 1 (public) |
You can choose to report the data privately (0 private and 1 means public) |
📤 Return Value
The API always returns a JSON structure as follows.
{
"success": true,
}
💻 Code Example (Python)
# Report a malicious activity to URLAbuse
import requests
import json
import sys
import base64
# this is the URL we want to report
to_report_url = 'https://webmail.50-6-111-32.cprapid.com/security-chec/signin?verify_id=62054'
# this is the API URL
api_url = "https://urlabuse.com/get_trusted_report"
# we want to report a phishing attack
rtype = 'phishing'
# targeting AT&T
target = "AT&T"
# with screenshot already saved on our machine
screenshot = open("/temp/att_image.jpg", "rb").read()
screenshot = base64.b64encode(screenshot)
reporter = "SOURENA"
is_public = 0
params = {
"token": "YOUR-TOKEN-HERE",
"target": target, "rtype": rtype,
"url": to_report_url, "is_public": is_public,
"screenshot": screenshot, "reporter": reporter
}
r = requests.post(api_url, data=params, timeout=10)
if r.status_code != 200:
print("Failed to get the result from service")
sys.exit(1)
result = json.loads(r.text)
print(result)
🔗 API Endpoint
POST https://urlabuse.com/get_report_from_cti_data
Report a URL to URLAbuse from internal services.
This API is only available to adminstrators of the system.
The data comes from this API is already collected and verified by the internal system.
📥 Parameters
| # | Name | Mandatory | Default | Description |
|---|---|---|---|---|
| 1 | token |
Yes | — | You have the token if you have the token |
| 2 | cti_url |
Yes | — | Permanent URL of the internal system |
| 3 | rtype |
Yes | — | one of the 'phishing', 'malware', 'hacked', 'bet' or 'scam' |
| 4 | target |
No | OTHER |
Target of the phishing or malware type (e.g., #pe32) or scam type |
| 6 | is_public |
No | 1 (public) |
You can choose to report the data privately (0 private and 1 means public) |
📤 Return Value
The API always returns a JSON structure as follows.
{
"success": true,
}
💻 Code Example (Python)
If you are an admin, contact us and we will provide you the sample code.