API Documentation
Integrate PhiShark URL scanning into your applications
Overview
PhiShark provides a simple REST API to check URLs for phishing threats. The API returns a probability score indicating how likely a URL is to be malicious.
Authentication
Currently, the API is free to use with rate limiting (10 requests per minute per IP). No authentication required for basic usage.
Check URL
Request
{
"url": "https://example.com",
"private_mode": false
}Private Scan
{
"url": "https://example.com",
"private_mode": true
}Response
{
"url": "https://example.com",
"malicious_probability": 0.15,
"decision": "allow",
"analysis_details": {
"probability": 0.15,
"html_available": true,
"status_code": 200,
"content_length": 12345,
"analysis_time": 2.5,
"individual_scores": {...},
"dns_records": {...},
"whois_info": {...},
"cert_info": {...}
},
"timestamp": "2024-07-18T12:00:00Z",
"request_id": "abc123..."
}Code Examples
JavaScript
// Public scan
const response = await fetch('https://phishark.net/api/check-url', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
url: 'https://example.com',
private_mode: false
})
});
// Private scan
const privateResponse = await fetch('https://phishark.net/api/check-url', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
url: 'https://example.com',
private_mode: true
})
});
const result = await response.json();
console.log(result.malicious_probability);Python
import requests
# Public scan
response = requests.post(
'https://phishark.net/api/check-url',
json={
'url': 'https://example.com',
'private_mode': False
}
)
# Private scan
private_response = requests.post(
'https://phishark.net/api/check-url',
json={
'url': 'https://example.com',
'private_mode': True
}
)
result = response.json()
print(result['malicious_probability'])cURL
# Public scan
curl -X POST https://phishark.net/api/check-url \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com", "private_mode": false}'
# Private scan
curl -X POST https://phishark.net/api/check-url \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com", "private_mode": true}'PHP
// Public scan
$data = [
'url' => 'https://example.com',
'private_mode' => false
];
// Private scan
$privateData = [
'url' => 'https://example.com',
'private_mode' => true
];
$json = json_encode($data);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://phishark.net/api/check-url');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $json);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
$response = curl_exec($ch);
$result = json_decode($response, true);
echo $result['malicious_probability'];Response Codes
Private Mode
Private scans are logged separately from public scans and are not visible in the public scan history. This is useful for:
- Testing suspicious URLs without them appearing in public logs
- Corporate environments where scan history should be private
- Personal security checks that should remain confidential
- API integrations where you don't want scans to be publicly visible
Private scans use the same analysis engine and provide identical results, but are stored in a separate log system.
Rate Limiting
20 requests per minute per IP address
This helps prevent abuse and ensures fair usage for all users.
Need Help?
For commercial use, higher rate limits, or custom integrations, please contact us at info@phishark.net
Contact Us
