Domain Malicious

Check if a domain or IP address has been flagged as malicious across multiple threat intelligence feeds, with source attribution.

Credit cost: 1 credit per call

Authorization

ApiKeyAuth

x-api-key<token>

Your API key. Include it in the x-api-key header for every request.

In: header

Query Parameters

query*string

A domain name or IP address to check for malicious activity across multiple threat intelligence sources.

Examples:

197.33.189.70

malicious-domain.com

The API cross-references the input against community-curated threat feeds and returns whether it has been flagged as malicious, along with the specific sources that reported it.

Note: Both IPv4 addresses and domain names are accepted.

Response Body

`application/json`

curl -X GET "https://api.piloterr.com/v2/domain/malicious?query=string"

{
  "sources": [
    {
      "url": "https://raw.githubusercontent.com/duggytuxy/malicious_ip_addresses/main/blacklist_ips_for_fortinet_firewall_ab.txt",
      "name": "Fortinet Firewall AB",
      "type": "ip"
    },
    {
      "url": "https://raw.githubusercontent.com/duggytuxy/malicious_ip_addresses/main/botnets_zombies_scanner_spam_ips.txt",
      "name": "Botnets, Zombies, Scanner, Spam IPs",
      "type": "ip"
    }
  ],
  "malicious": true
}

{
  "error": "Bad Request"
}

{
  "error": "Invalid API Key"
}

{
  "error": "Payment required"
}

{
  "error": "Rate limit exceeded for the API key: quota monthly"
}

{
  "error": "Internal Error"
}

Authorization

Query Parameters

Response Body

200application/json

400application/json

401application/json

402application/json

429application/json

500application/json

Example Check malicious IP address

Example Check clean domain

`application/json`

`application/json`

`application/json`

`application/json`

`application/json`

`application/json`