😈
isMalicious
  • 👋Welcome!
  • 📂Getting Started
  • Technical Docs
    • 📂API Reference
      • ✅Check ressource
        • Reputation
        • Vulnerabilities
        • Geolocation
        • Whois
      • 🔎Search resource
      • 📬Submit source
Powered by GitBook
On this page
  1. Technical Docs
  2. API Reference

Check ressource

The Check endpoint allows you to check if an IP or domain is malicious.

PreviousAPI ReferenceNextReputation

Last updated 5 months ago

Check IP

The response from the API indicates whether the queried IP address or domain is malicious. The malicious field is a boolean that confirms if the IP is associated with suspicious activity. If true, the sources array provides details about the blocklists where this IP was found, including the name, type, category, and a URL to the list. This helps users trace and verify the threat origins using reputable security sources.

Request

GET https://ismalicious.com/api/check?query=qouv.fr

Try this endpoint in your 🔗

Query Parameters

Parameter
Type
Description

query

string

The IP address / Domain name to check.

Response

{
    "sources": [
        {
            "status": "verified",
            "name": "Dl Red Flag Domains - Red.flag.domains.txt",
            "type": "domain",
            "url": "https://dl.red.flag.domains/red.flag.domains.txt"
        },
        {
            "category": "phishing",
            "status": "verified",
            "name": "Duggytuxy - Phishing Scam Domains.txt",
            "type": "domain",
            "url": "https://raw.githubusercontent.com/duggytuxy/phishing_scam_domains/main/phishing_scam_domains.txt"
        },
        {
            "status": "verified",
            "name": "Romain Marcoux - Full Domains Aa.txt",
            "type": "domain",
            "category": "malware",
            "url": "https://raw.githubusercontent.com/romainmarcoux/malicious-domains/main/full-domains-aa.txt"
        },
        {
            "status": "verified",
            "name": "Hyder365 - Combined.txt",
            "type": "domain",
            "category": "phishing",
            "url": "https://raw.githubusercontent.com/hyder365/combined-dns-list/master/combined.txt"
        },
        {
            "category": "phishing",
            "status": "verified",
            "name": "Hectorm - Hmirror - Someonewhocares.org",
            "type": "domain",
            "url": "https://raw.githubusercontent.com/hectorm/hmirror/master/data/someonewhocares.org/list.txt"
        },
        {
            "category": "phishing",
            "status": "verified",
            "name": "Someonewhocares Org - Hosts",
            "type": "domain",
            "url": "https://someonewhocares.org/hosts/hosts"
        },
        {
            "category": "malware",
            "status": "verified",
            "name": "V Firebog Net - Prigent Malware.txt",
            "type": "domain",
            "url": "https://v.firebog.net/hosts/Prigent-Malware.txt"
        }
    ],
    "type": "DOMAIN",
    "value": "qouv.fr",
    "malicious": true,
    "reputation": {
        "malicious": 7,
        "harmless": 0,
        "suspicious": 0,
        "undetected": 567,
        "timeout": 0
    },
    "whois": {
        "domain": {
            "domain": "qouv.fr",
            "punycode": "qouv.fr",
            "name": "qouv",
            "extension": "fr",
            "status": [
                "active"
            ],
            "name_servers": [
                "ns-150-b.gandi.net",
                "ns-197-a.gandi.net",
                "ns-220-c.gandi.net"
            ],
            "created_date": "2024-10-07T09:04:51.46256Z",
            "created_date_in_time": "2024-10-07T09:04:51.46256Z",
            "updated_date": "2024-10-12T09:11:24.271385Z",
            "updated_date_in_time": "2024-10-12T09:11:24.271385Z",
            "expiration_date": "2025-10-07T09:04:51.418135Z",
            "expiration_date_in_time": "2025-10-07T09:04:51.418135Z"
        },
        "registrar": {
            "name": "GANDI",
            "street": "63-65 boulevard Massena, 75013 PARIS",
            "country": "FR",
            "phone": "+33.170377661",
            "fax": "+33.143731851",
            "email": "support@support.gandi.net",
            "referral_url": "https://www.gandi.net/fr/tlds/fr/"
        },
        "registrant": {
            "id": "CTC4025262-FRNIC"
        },
        "administrative": {
            "id": "CTC4025262-FRNIC",
            "name": "Etat francais represente par le Premier Ministre DSAF",
            "street": "Etat francais represente par le Premier Ministre DSAF, 18 RUE VANEAU, 75700 PARIS",
            "country": "FR",
            "phone": "+33.142758000",
            "email": "00e0885df59caa9c48c10d1d493d15ff-50551183@contact.gandi.net"
        },
        "technical": {
            "id": "CTC4025262-FRNIC"
        }
    },
    "geo": {
        "status": "fail",
        "message": "invalid query",
        "query": "qouv.fr"
    },
    "similar_domains": {
        "total_hits": 0,
        "keywords": "qouv.fr",
        "hits": []
    }
}

Description

Feature Description: IP and Domain Checking

The IP and Domain checking feature offers an advanced security layer for users aiming to proactively detect and mitigate potential threats. By leveraging a robust database of verified sources, this feature identifies malicious domains and IP addresses, ensuring businesses can address risks swiftly. Its real-time updates and comprehensive threat detection capabilities make it a pivotal tool for network security management, helping prevent data breaches and associated financial losses. Users can also perform targeted checks with specialized sub-endpoints, allowing for performance optimization and detailed threat analysis.

Why is this useful?

  • Enhances security by identifying malicious domains and IPs proactively.

  • Utilizes multiple verified sources for comprehensive threat detection.

  • Provides timely updates ensuring current threat protection.

  • Allows businesses to assess potential threats quickly and efficiently.

  • Facilitates informed decision-making regarding network security actions.

  • Minimizes risk of data breaches and financial loss.

  • Offers targeted sub-checks for detailed analysis, optimizing performance.

For performance reasons, you'll find separate endpoints for each sub-check you want to look for:

📂
✅
browser
Reputation
Vulnerabilities
Geolocation
Whois