Référence Développeur
Enquete sur le phishing Documentation de l'API
Enquete sur le phishing Documentation de l'API: Enquetez sur les domaines de phishing suspectes avec un dossier de preuves complet. Collecte les enregistrements DNS, les donnees WHOIS, les certificats SSL et cree un rapport horodate pour les demandes de retrait.
Enquete sur le phishing
Enquetez sur les domaines de phishing suspectes avec un dossier de preuves complet. Collecte les enregistrements DNS, les donnees WHOIS, les certificats SSL et cree un rapport horodate pour les demandes de retrait.
GET
/v1/recipes/phishing-investigation
Paramètres de Requête
| Paramètre | Type | requis |
|---|---|---|
| suspicious_domain | string | requis |
| legitimate_domain | string | optionnel |
| collect_evidence | boolean | optionnel |
Champs de Réponse
| Champ | Type |
|---|---|
success |
boolean |
data |
object |
data.suspicious_domain |
string |
data.legitimate_domain |
string |
data.verdict |
string |
data.confidence |
number |
data.indicators |
object |
data.indicators.typosquatting |
object |
data.indicators.typosquatting.detected |
boolean |
data.indicators.typosquatting.technique |
string |
data.indicators.domain_age |
object |
data.indicators.domain_age.days |
number |
data.indicators.domain_age.risk |
string |
data.indicators.registration |
object |
data.indicators.registration.privacy_protected |
boolean |
data.indicators.registration.registrar |
string |
data.indicators.registration.created_date |
string |
data.indicators.infrastructure |
object |
data.indicators.infrastructure.ip |
string |
data.indicators.infrastructure.hosting |
string |
data.indicators.infrastructure.geolocation |
string |
data.indicators.ssl |
object |
data.indicators.ssl.valid |
boolean |
data.indicators.ssl.issuer |
string |
data.indicators.ssl.age_days |
number |
data.indicators.reputation |
object |
data.indicators.reputation.blocklisted |
boolean |
data.indicators.reputation.similar_reports |
number |
data.comparison_to_legitimate |
object |
data.comparison_to_legitimate.similarity_score |
number |
data.comparison_to_legitimate.visual_differences[] |
string[] |
data.evidence_package |
object |
data.evidence_package.dns_snapshot |
object |
data.evidence_package.dns_snapshot.A[] |
string[] |
data.evidence_package.whois_snapshot |
object |
data.evidence_package.whois_snapshot.registrar |
string |
data.evidence_package.timestamp |
string |
data.recommended_actions[] |
string[] |
meta |
object |
meta.recipe_name |
string |
meta.credits_used |
number |
meta.credits_saved |
number |
meta.duration_ms |
number |
meta.components_called[] |
string[] |
meta.cached_components[] |
array |
meta.timestamp |
string |
errors[] |
array |
Exemple de Requête
curl -H "X-API-Key: $DOMSCAN_API_KEY" "https://domscan.net/v1/recipes/phishing-investigation?suspicious_domain=examp1e.com&legitimate_domain=example.com&collect_evidence=true"Exemple de Réponse
{
"success": true,
"data": {
"suspicious_domain": "examp1e.com",
"legitimate_domain": "example.com",
"verdict": "confirmed_phishing",
"confidence": 0.93,
"indicators": {
"typosquatting": {
"detected": true,
"technique": "character_swap"
},
"domain_age": {
"days": 3,
"risk": "high"
},
"registration": {
"privacy_protected": true,
"registrar": "Example Registrar",
"created_date": "2026-04-12"
},
"infrastructure": {
"ip": "203.0.113.18",
"hosting": "Suspicious Hosting Ltd.",
"geolocation": "NL"
},
"ssl": {
"valid": true,
"issuer": "Let's Encrypt",
"age_days": 2
},
"reputation": {
"blocklisted": true,
"similar_reports": 4
}
},
"comparison_to_legitimate": {
"similarity_score": 0.97,
"visual_differences": [
"digit-substitution in second label character"
]
},
"evidence_package": {
"dns_snapshot": {
"A": [
"203.0.113.18"
]
},
"whois_snapshot": {
"registrar": "Example Registrar"
},
"timestamp": "2026-04-15T11:24:00Z"
},
"recommended_actions": [
"Report to registrar abuse contact",
"Submit URL to Safe Browsing and internal blocklists"
]
},
"meta": {
"recipe_name": "phishing-investigation",
"credits_used": 10,
"credits_saved": 12,
"duration_ms": 952,
"components_called": [
"whois",
"dns",
"ip",
"reputation",
"health",
"certificates"
],
"cached_components": [],
"timestamp": "2026-04-15T11:24:00Z"
},
"errors": []
}
