Fetch info for a domain GET
WARNING
v2 API is still in beta, there may be breaking changes at any time. It is recommended you keep updated with the #v2-api-betaopen in new window channel in Discord for updates and announcements.
Returns information we have about a phishing domain. Responses are in JSON format.
🔒 Auth Token: Required
🔑 API Permission Required: API.READ
The URL for this endpoint is:
https://api.phisherman.gg/v2/domains/info/<domain>
Required Parameters
| Name | Type | Description |
|---|---|---|
domain | string | The fully qualified domain name you wish to query |
Example Request
curl -L -X GET "https://api.phisherman.gg/v2/domains/info/internetbadguys.com" \
-H "Authorization: Bearer <API-KEY>"
1
2
2
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer <API-KEY>");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://api.phisherman.gg/v2/domains/info/internetbadguys.com", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
1
2
3
4
5
6
7
8
9
10
11
12
13
2
3
4
5
6
7
8
9
10
11
12
13
import http.client
conn = http.client.HTTPSConnection("api.phisherman.gg")
payload = ''
headers = {
'Authorization': 'Bearer <API-KEY>'
}
conn.request("GET", "/v2/domains/info/internetbadguys.com", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
Example Response
{
"internetbadguys.com": {
"status": "ONLINE",
"created": "2021-10-31T14:39:24.000Z",
"lastChecked": "2021-10-31T14:39:29.000Z",
"verifiedPhish": false,
"classification": "suspicious",
"firstSeen": "2021-11-26T01:14:42.000Z",
"lastSeen": "2021-12-27T16:40:15.000Z",
"targetedBrand": "Other",
"phishCaught": 6,
"details": {
"phishTankId": "",
"urlScanId": "50c3429b-ee4d-452c-bad9-b4d5faaaffac",
"websiteScreenshot": "https://urlscan.io/screenshots/50c3429b-ee4d-452c-bad9-b4d5faaaffac.png",
"ip_address": "146.112.255.155",
"asn": {
"asn": "AS36692",
"asn_name": "OPENDNS",
"route": "146.112.255.0/24"
},
"registry": "arin",
"country": {
"code": "US",
"name": "United States"
}
}
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
Response Details
| Name | Type | Description |
|---|---|---|
status | string | The status of this website. (mostly for future use) |
lastChecked | timestamp | The timestamp (in UTC) when this domain was last checked as being online |
verifiedPhish | boolean | Wether this domain is verified as a phishing website |
classification | string | The classification for this domain |
created | timestamp | The timestamp (in UTC) when this was added to our database |
firstSeen | timestamp | The timestamp (in UTC) when this domain was first reported as seen |
lastSeen | timestamp | The timestamp (in UTC) when this domain was last reported as seen |
targetedBrand | string | What brand or company this phish is aimed at |
phishCaught | integer | The number of times this phish has been reported back to Phisherman as being caught |
phishTankId | integer | The PhishTankopen in new window ID for this domain, if applicable |
urlScanId | string | The URLScan.ioopen in new window UUID for this domain, if applicable |
websiteScreenshot | string | URL to a screenshot of this website, provided by either PhishTankopen in new window or URLScan.ioopen in new window |
ip_address | string | The IP address of this website |
asn: asn | string | The ASN (Autonomous System Numbers) for this domain |
asn: name | string | The human readable name for this ASN (Autonomous System Number) |
asn: route | string | The CIDR block for this domain |
route | string | The CIDR Block for this website |
registry | string | The regional internet registry for this domain |
country: code | string | The ISO code for the country this domain is hosted in |
country: name | string | The country this domain is hosted in |