Check URL format, local domain blacklist matches, suspicious parameters, and phishing-like patterns.
/api/v1
First stable version for local URL security checks.
/api/v1/url-security/check
Auth Required
Checks whether the URL format is valid, whether the domain matches a local blacklist, whether query parameters look suspicious, and whether phishing-like URL patterns are present.
X-Api-Key: your_api_key| Name | Type | Required | Example | Description |
|---|---|---|---|---|
url |
string | required | https://example.com/products?id=123 |
Absolute HTTP or HTTPS URL to check. |
POST /api/v1/url-security/check
Content-Type: application/json
X-Api-Key: your_api_key
{
"url": "https://example.com/products?id=123"
}{
"success": true,
"message": "URL security checked successfully.",
"data": {
"analyzed_url": "https://example.com/products?id=123",
"domain": "example.com",
"scheme": "https",
"risk_score": 0,
"risk_level": "safe",
"is_potentially_unsafe": false,
"checks": {
"is_valid_format": true,
"uses_https": true,
"is_blacklisted_domain": false,
"has_suspicious_parameters": false,
"has_phishing_pattern": false
},
"blacklist": {
"is_blacklisted": false,
"matched_domain": null
},
"suspicious_parameters": [],
"phishing_patterns": [],
"findings": [],
"note": "This endpoint performs local heuristic checks only. It does not crawl the URL or query external threat-intelligence feeds."
}
}{
"success": false,
"message": "The url field is required.",
"error_code": "VALIDATION_ERROR"
}