✅Check ressource

The Check endpoint allows you to check if an IP or domain is malicious.

Check IP

The response from the API indicates whether the queried IP address or domain is malicious. The malicious field is a boolean that confirms if the IP is associated with suspicious activity. If true, the sources array provides details about the blocklists where this IP was found, including the name, type, category, and a URL to the list. This helps users trace and verify the threat origins using reputable security sources.

Request

GET https://ismalicious.com/api/check?query=qouv.fr

Try this endpoint in your browser 🔗

Query Parameters

Parameter

Type

Description

query

string

The IP address / Domain name to check.

Response

{
    "sources": [
        {
            "status": "verified",
            "name": "Dl Red Flag Domains - Red.flag.domains.txt",
            "type": "domain",
            "url": "https://dl.red.flag.domains/red.flag.domains.txt"
        },
        {
            "category": "phishing",
            "status": "verified",
            "name": "Duggytuxy - Phishing Scam Domains.txt",
            "type": "domain",
            "url": "https://raw.githubusercontent.com/duggytuxy/phishing_scam_domains/main/phishing_scam_domains.txt"
        },
        {
            "status": "verified",
            "name": "Romain Marcoux - Full Domains Aa.txt",
            "type": "domain",
            "category": "malware",
            "url": "https://raw.githubusercontent.com/romainmarcoux/malicious-domains/main/full-domains-aa.txt"
        },
        {
            "status": "verified",
            "name": "Hyder365 - Combined.txt",
            "type": "domain",
            "category": "phishing",
            "url": "https://raw.githubusercontent.com/hyder365/combined-dns-list/master/combined.txt"
        },
        {
            "category": "phishing",
            "status": "verified",
            "name": "Hectorm - Hmirror - Someonewhocares.org",
            "type": "domain",
            "url": "https://raw.githubusercontent.com/hectorm/hmirror/master/data/someonewhocares.org/list.txt"
        },
        {
            "category": "phishing",
            "status": "verified",
            "name": "Someonewhocares Org - Hosts",
            "type": "domain",
            "url": "https://someonewhocares.org/hosts/hosts"
        },
        {
            "category": "malware",
            "status": "verified",
            "name": "V Firebog Net - Prigent Malware.txt",
            "type": "domain",
            "url": "https://v.firebog.net/hosts/Prigent-Malware.txt"
        }
    ],
    "type": "DOMAIN",
    "value": "qouv.fr",
    "malicious": true,
    "reputation": {
        "malicious": 7,
        "harmless": 0,
        "suspicious": 0,
        "undetected": 567,
        "timeout": 0
    },
    "whois": {
        "domain": {
            "domain": "qouv.fr",
            "punycode": "qouv.fr",
            "name": "qouv",
            "extension": "fr",
            "status": [
                "active"
            ],
            "name_servers": [
                "ns-150-b.gandi.net",
                "ns-197-a.gandi.net",
                "ns-220-c.gandi.net"
            ],
            "created_date": "2024-10-07T09:04:51.46256Z",
            "created_date_in_time": "2024-10-07T09:04:51.46256Z",
            "updated_date": "2024-10-12T09:11:24.271385Z",
            "updated_date_in_time": "2024-10-12T09:11:24.271385Z",
            "expiration_date": "2025-10-07T09:04:51.418135Z",
            "expiration_date_in_time": "2025-10-07T09:04:51.418135Z"
        },
        "registrar": {
            "name": "GANDI",
            "street": "63-65 boulevard Massena, 75013 PARIS",
            "country": "FR",
            "phone": "+33.170377661",
            "fax": "+33.143731851",
            "email": "[email protected]",
            "referral_url": "https://www.gandi.net/fr/tlds/fr/"
        },
        "registrant": {
            "id": "CTC4025262-FRNIC"
        },
        "administrative": {
            "id": "CTC4025262-FRNIC",
            "name": "Etat francais represente par le Premier Ministre DSAF",
            "street": "Etat francais represente par le Premier Ministre DSAF, 18 RUE VANEAU, 75700 PARIS",
            "country": "FR",
            "phone": "+33.142758000",
            "email": "[email protected]"
        },
        "technical": {
            "id": "CTC4025262-FRNIC"
        }
    },
    "geo": {
        "status": "fail",
        "message": "invalid query",
        "query": "qouv.fr"
    },
    "similar_domains": {
        "total_hits": 0,
        "keywords": "qouv.fr",
        "hits": []
    }
}

Description

Feature Description: IP and Domain Checking

The IP and Domain checking feature offers an advanced security layer for users aiming to proactively detect and mitigate potential threats. By leveraging a robust database of verified sources, this feature identifies malicious domains and IP addresses, ensuring businesses can address risks swiftly. Its real-time updates and comprehensive threat detection capabilities make it a pivotal tool for network security management, helping prevent data breaches and associated financial losses. Users can also perform targeted checks with specialized sub-endpoints, allowing for performance optimization and detailed threat analysis.

Why is this useful?

Enhances security by identifying malicious domains and IPs proactively.
Utilizes multiple verified sources for comprehensive threat detection.
Provides timely updates ensuring current threat protection.
Allows businesses to assess potential threats quickly and efficiently.
Facilitates informed decision-making regarding network security actions.
Minimizes risk of data breaches and financial loss.
Offers targeted sub-checks for detailed analysis, optimizing performance.

For performance reasons, you'll find separate endpoints for each sub-check you want to look for:

Reputation Vulnerabilities Geolocation Whois

PreviousAPI Reference NextReputation

Last updated 1 year ago

hashtagCheck IP

hashtagRequest

hashtagResponse

hashtagDescription

hashtagFeature Description: IP and Domain Checking

Check IP

Request

Response

Description

Feature Description: IP and Domain Checking