API Playground

Try every endpoint from your browser. No signup, no API key, no setup.

Domain Intelligence
GET /v1/domain/{domain} Full domain security report with DNS, WHOIS, SSL, subdomains, and risk score 
{
  "domain": "cloudflare.com",
  "risk_score": 15,
  "dns": {
    "a": ["104.16.132.229"],
    "mx": ["route1.mx.cloudflare.net"]
  },
  "whois": {
    "registrar": "Cloudflare, Inc.",
    "created": "2009-02-17"
  },
  "ssl": {
    "grade": "A",
    "issuer": "Google Trust Services",
    "expires_in_days": 89
  },
  "subdomains": ["www.cloudflare.com", "api.cloudflare.com", "dash.cloudflare.com"]
}
GET /v1/dns/{domain} DNS records — A, AAAA, MX, NS, TXT, CNAME, SOA 
{
  "domain": "cloudflare.com",
  "records": [
    {"type": "A", "value": "104.16.132.229", "ttl": 300},
    {"type": "MX", "value": "route1.mx.cloudflare.net", "ttl": 300, "priority": 36},
    {"type": "NS", "value": "ns1.cloudflare.com", "ttl": 86400},
    {"type": "TXT", "value": "v=spf1 include:_spf.google.com ~all", "ttl": 300}
  ]
}
GET /v1/whois/{domain} WHOIS registration data — registrar, dates, nameservers, DNSSEC 
{
  "domain": "cloudflare.com",
  "registrar": "Cloudflare, Inc.",
  "creation_date": "2009-02-17T00:00:00",
  "expiration_date": "2033-02-17T00:00:00",
  "updated_date": "2024-01-15T00:00:00",
  "nameservers": ["ns1.cloudflare.com", "ns2.cloudflare.com"],
  "status": ["clientTransferProhibited"],
  "dnssec": true
}
GET /v1/subdomains/{domain} Subdomain enumeration via certificate transparency logs 
{
  "domain": "cloudflare.com",
  "subdomains": [
    "www.cloudflare.com",
    "api.cloudflare.com",
    "dash.cloudflare.com",
    "support.cloudflare.com",
    "blog.cloudflare.com"
  ],
  "total": 5
}
GET /v1/ssl/{domain} SSL/TLS certificate analysis — grade, cipher, expiry, SAN 
{
  "domain": "cloudflare.com",
  "grade": "A",
  "protocol": "TLSv1.3",
  "cipher": "TLS_AES_256_GCM_SHA384",
  "issuer": "Google Trust Services",
  "not_before": "2024-12-01T00:00:00",
  "not_after": "2025-03-01T00:00:00",
  "days_remaining": 89,
  "san": ["cloudflare.com", "*.cloudflare.com"]
}
GET /v1/threat/{domain} URLhaus threat intelligence lookup 
{
  "domain": "example.com",
  "malware_urls": 0,
  "threat_tags": [],
  "threat_status": "clean",
  "summary": "No threats found in URLhaus"
}
GET /v1/ip/{ip} IP intelligence — geolocation, ports, reputation 
{
  "ip": "8.8.8.8",
  "ptr": "dns.google",
  "geo": {
    "country": "US",
    "city": "Mountain View",
    "org": "Google LLC"
  },
  "ports": [53, 443],
  "hostnames": ["dns.google"],
  "reputation": {
    "score": 0,
    "categories": []
  }
}
GET /v1/tech/{domain} Technology fingerprinting — CMS, frameworks, CDN 
{
  "domain": "shopify.com",
  "technologies": [
    {"name": "Cloudflare", "category": "CDN", "confidence": 100},
    {"name": "Ruby on Rails", "category": "Framework", "confidence": 80},
    {"name": "Nginx", "category": "Web Server", "confidence": 90}
  ]
}
GET /v1/asn/{target} ASN lookup — network operator, IP prefixes 
{
  "asn": 13335,
  "holder": "CLOUDFLARENET - Cloudflare, Inc.",
  "prefixes_v4": ["104.16.0.0/20", "172.64.0.0/13"],
  "prefixes_v6": ["2606:4700::/32"],
  "resolved_from": "cloudflare.com"
}
GET /v1/email/mx/{domain} Email security — MX, SPF, DMARC, DKIM, provider detection 
{
  "domain": "google.com",
  "provider": "Google Workspace",
  "mx_records": ["smtp.google.com"],
  "spf": {
    "record": "v=spf1 include:_spf.google.com ~all",
    "valid": true
  },
  "dmarc": {
    "record": "v=DMARC1; p=reject",
    "policy": "reject"
  },
  "grade": "B",
  "score": 80
}
GET /v1/email/disposable/{email} Disposable email provider detection 
{
  "email": "[email protected]",
  "disposable": true,
  "domain": "tempmail.com",
  "risk": "high"
}
GET /v1/phone/{number} Phone number validation — carrier, type, location 
{
  "number": "+14155552671",
  "valid": true,
  "country": "US",
  "region": "California",
  "carrier": "",
  "line_type": "fixed_line_or_mobile",
  "timezone": "America/Los_Angeles"
}
GET /v1/username/{username} Username OSINT — check 16 platforms 
{
  "username": "torvalds",
  "total_found": 7,
  "platforms": [
    {"name": "github", "exists": true, "url": "https://github.com/torvalds"},
    {"name": "reddit", "exists": true, "url": "https://reddit.com/user/torvalds"},
    {"name": "keybase", "exists": true, "url": "https://keybase.io/torvalds"}
  ]
}
GET /v1/archive/{domain} Wayback Machine archive history 
{
  "domain": "example.com",
  "first_snapshot": {
    "date": "1997-01-01",
    "url": "https://web.archive.org/web/19970101/http://example.com"
  },
  "last_snapshot": {
    "date": "2026-04-01",
    "url": "https://web.archive.org/web/20260401/http://example.com"
  },
  "total_snapshots": 125000
}
GET /v1/scan/headers/{domain} Live HTTP security header scan 
{
  "domain": "contrastcyber.com",
  "headers_present": [
    "Strict-Transport-Security",
    "X-Frame-Options",
    "X-Content-Type-Options",
    "Content-Security-Policy",
    "Referrer-Policy",
    "Permissions-Policy"
  ],
  "headers_missing": [],
  "score": 100,
  "grade": "A"
}
CVE Intelligence
GET /v1/cve/{cve_id} CVE details — CVSS, EPSS, KEV, affected products 
{
  "cve_id": "CVE-2024-3094",
  "description": "Malicious code in xz/liblzma 5.6.0-5.6.1",
  "cvss_score": 10.0,
  "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
  "epss": {
    "score": 0.85,
    "percentile": 0.99
  },
  "kev": true,
  "severity": "CRITICAL"
}
GET /v1/exploit/{cve_id} Public exploits and PoC code for a CVE 
{
  "cve_id": "CVE-2024-3094",
  "total_count": 21,
  "exploits": [
    {
      "source": "GitHub Advisory",
      "title": "xz-utils backdoor",
      "url": "https://github.com/advisories/GHSA-rxwq-x6h5-x525",
      "published_date": "2024-03-29"
    }
  ]
}
GET /v1/epss/{cve_id} EPSS exploitation probability score 
{
  "cve_id": "CVE-2024-3094",
  "epss_score": 0.85,
  "percentile": 0.99,
  "date": "2026-04-09"
}
Threat Intelligence
GET /v1/ioc/{indicator} IOC enrichment — ThreatFox, URLhaus, Feodo 
{
  "indicator": "8.8.8.8",
  "type": "ip",
  "found": false,
  "threat_type": null,
  "malware_family": null,
  "tags": [],
  "confidence": null,
  "source": "abuse.ch",
  "references": []
}
GET /v1/hash/{file_hash} File hash malware lookup — MalwareBazaar 
{
  "file_hash": "d41d8cd98f00b204e9800998ecf8427e",
  "found": false,
  "malware_family": null,
  "file_type": null,
  "file_size": null,
  "tags": [],
  "first_seen": null,
  "last_seen": null,
  "signature": null
}
GET /v1/password/{sha1_hash} Password breach check — Have I Been Pwned (k-anonymity) 
{
  "found": true,
  "count": 52256179
}
GET /v1/phishing/{url} Phishing/malware URL check — URLhaus 
{
  "url": "https://example.com/login",
  "found": false,
  "threat_type": "none",
  "status": null,
  "tags": [],
  "date_added": null,
  "source": "URLhaus"
}
Code Security
POST /v1/check/secrets Scan code for hardcoded secrets and API keys 
{
  "total": 3,
  "by_severity": {
    "CRITICAL": 1,
    "HIGH": 2,
    "MEDIUM": 0,
    "LOW": 0
  },
  "findings": [
    {
      "severity": "CRITICAL",
      "type": "AWS Access Key",
      "line_number": 1,
      "matched_text": "EXAMPLE_KEY_NOT_REAL",
      "recommendation": "Remove and rotate this AWS access key immediately"
    }
  ]
}
POST /v1/check/injection Detect SQL/command injection vulnerabilities 
{
  "total": 3,
  "by_severity": {
    "CRITICAL": 0,
    "HIGH": 3,
    "MEDIUM": 0,
    "LOW": 0
  },
  "findings": [
    {
      "severity": "HIGH",
      "type": "SQL Injection",
      "line_number": 1,
      "matched_text": "SELECT * FROM users WHERE id = \" + user_input",
      "recommendation": "Use parameterized queries instead of string concatenation"
    }
  ]
}