Modern approach to URL Intelligence - Expose threats, Empower trust

Welcome to the API documentation. This guide provides detailed information about each endpoint, including required parameters, expected return values, and example usage in Python. Use this documentation to integrate smoothly with our services and ensure correct implementation of requests and responses. Currently, we provide two public (report_url and get_trusted_report) APIs for trusted reporters and one API end-point (Internal report) for administrators. To receive a token for the APIs, you can use our contact form or send email to contact email.

🔗 API Endpoint

POST https://zapi.urlabuse.com/feed/report_url

Report a URL to URLAbuse.

Using this API, you can report malicious activity to URLAbuse. This API is only given to trusted third-parties who want to report URL to URLAbuse.

All the data received using this API is verified by URLAbuse team.

📥 Parameters

# Name Mandatory Default Description
1 token Yes — Contact us for the token
2 url Yes — Malicious or suspicious URL
3 date_type Yes — one of the 'phishing', 'malware', 'hacked', 'bet' or 'scam'
4 target No OTHER Target of the phishing or malware type (e.g., #pe32) or scam type
5 geofenced No — two letter country code (e.g., US) to get the phishing or malare data
6 reporter No anonymous Name of the reporter or your company (Maximum 30 characters)

📤 Return Value

The API always returns a JSON structure as follows.


{
    "success": true,
    "code": 200,
    "msg": "Reported successfully"
}
        

💻 Code Example (Python)


# Report a malicious activity to URLAbuse
import requests, json, sys
to_report_url = 'https://paypal-support.com/malicious_login.php'
url = "https://zapi.urlabuse.com/feed/report_url
data_type = 'phishing'
target = 'PayPal'
geofenced = 'US'
params = {"token": "YOUR-TOKEN-HERE", "target": target, "data_type": data_type,
            "url": url, "geofenced": geofenced}
r = requests.get(url, params=params, timeout=10)
if r.status_code != 200:
    print("Failed to get the result from service")
    sys.exit(1)
result = json.loads(r.text)
print(result)
                    

🔗 API Endpoint

POST https://zapi.urlabuse.com/get_trusted_report

Report a URL to URLAbuse.

Using this API, you can report malicious activity to URLAbuse. This API is only given to trusted third-parties who want to report URL to URLAbuse.

We don't manually verify the received data of this API. This API is only given to trusted third-parties

📥 Parameters

# Name Mandatory Default Description
1 token Yes — Contact us for the token
2 url Yes — Malicious or suspicious URL
3 rtype Yes — one of the 'phishing', 'malware', 'hacked', 'bet' or 'scam'
4 target No OTHER Target of the phishing or malware type (e.g., #pe32) or scam type
5 screenshot No — base64-encoded of the JPG file (screenshot only phishing, bet, scam or hacked)
6 reporter No anonymous Name of the reporter or your company (Maximum 30 characters)
6 is_public No 1 (public) You can choose to report the data privately (0 private and 1 means public)

📤 Return Value

The API always returns a JSON structure as follows.


{
    "success": true,
}
    

💻 Code Example (Python)


# Report a malicious activity to URLAbuse
import requests
import json
import sys
import base64

# this is the URL we want to report
to_report_url = 'https://webmail.50-6-111-32.cprapid.com/security-chec/signin?verify_id=62054'

# this is the API URL
api_url = "https://urlabuse.com/get_trusted_report"

# we want to report a phishing attack
rtype = 'phishing'

# targeting AT&T
target = "AT&T"

# with screenshot already saved on our machine
screenshot = open("/temp/att_image.jpg", "rb").read()
screenshot = base64.b64encode(screenshot)

reporter = "SOURENA"
is_public = 0
params = {
    "token": "YOUR-TOKEN-HERE",
    "target": target, "rtype": rtype,
    "url": to_report_url, "is_public": is_public,
    "screenshot": screenshot, "reporter": reporter
}
r = requests.post(api_url, data=params, timeout=10)
if r.status_code != 200:
    print("Failed to get the result from service")
    sys.exit(1)
result = json.loads(r.text)
print(result)
                

🔗 API Endpoint

POST https://urlabuse.com/get_report_from_cti_data

Report a URL to URLAbuse from internal services.

This API is only available to adminstrators of the system.

The data comes from this API is already collected and verified by the internal system.

📥 Parameters

# Name Mandatory Default Description
1 token Yes — You have the token if you have the token
2 cti_url Yes — Permanent URL of the internal system
3 rtype Yes — one of the 'phishing', 'malware', 'hacked', 'bet' or 'scam'
4 target No OTHER Target of the phishing or malware type (e.g., #pe32) or scam type
6 is_public No 1 (public) You can choose to report the data privately (0 private and 1 means public)

📤 Return Value

The API always returns a JSON structure as follows.


{
"success": true,
}

💻 Code Example (Python)


If you are an admin, contact us and we will provide you the sample code.