Phish Scanner API

Phish Scanner API

Scan before you click! Identify Phishy Links in Real-time with Machine Learning ...

API description

About the API:

Fight back against Phish!

The Phish Scanner API can identify phishy or spammy URLs. Unlike traditional blacklist services, the Phish Scanner API uses Machine Learning to spot phish, so even the freshest-phish aren't safe!

What this API receives and outputs:

Submit any URL (e.g. to the API and receive a robust JSON feature set containing Screenshots, TLS/SSL certificates, WHOIS queries, HTML and DOM content, HTTP captures, and DNS information, and Phish Score for the given URL.

Additional options can be added to the Request such as timeouts, browser options, or even the desired response features. Check the documentation for more information.

Common uses cases for the API:

Cybersecurity Professionals and Enthusiasts alike can use this API to enrich existing domain monitoring and anti-phishing workflows or to build exciting OSINT security tools! Besides, assigning a Phish Score to any URL submission, the API also returns a detailed feature set that users can leverage to build informative dashboards or intelligent applications on each Phish's characteristics.

API Documentation


Queues the given URL to be scanned. Returns immediately with the UUID that can be used for requesting the Report with the endpoints "/report/{uuid}" or "/report/{uuid}/features". **This is the preferred method for doing bulk url scans.**

Submit Async Phish Scan - Endpoint Features
Object Description
Request Body [Required] Json

Retrieves the entire Scanner Report via the universally unique identifier (UUID). Returns status 404 if the report does not exist (or if the asynchronous scan hasn't yet been completed). Returns status 400 if the scan attempt failed (applies to asynchronous submissions only).

UUID parameter: insert the UUID of the report. Ex: DC6uMEoSxwnMycu6geAjjg


Retrieve the Scanner Report via the universally unique identifier (UUID). Accepts query parameters that can be used to specify which features to include in the response. Returns status 404 if the report does not exist (or if the asynchronous scan hasn't yet completed). Returns status 400 if the scan attempt failed (applies to asynchronous submissions only).


UUID parameter: insert The UUID of the Report. Ex: dCSQsZZD4s3hWmwJUALcvs


Scans the given URL.

NOTE: The POST request blocks until the scan is completed or an error has occurred.

Submit Phish Scan - Endpoint Features
Object Description
Request Body [Required] Json

API Access Key & Authentication

After signing up, every developer is assigned a personal API access key, a unique combination of letters and digits provided to access to our API endpoint. To authenticate with the Phish Scanner API REST API, simply include your bearer token in the Authorization header.


Header Description
Authorization [Required] Should be Bearer access_key. See "Your API Access Key" above when you are subscribed.

Simple Transparent Pricing

No long term commitments. One click upgrade/downgrade or cancellation. No questions asked.

$0.00 / Mo

  • 500 Requests / Month
$24.99 / Mo

  • 10,000,000 Requests / Month
🚀 Enterprise
Custom quote

Need more? We offer unlimited API calls, Request Quote

Zyla API Hub is, in other words, an API MarketPlace. An all-in-one solution for your developing needs. You will be accessing our extended list of APIs with only your user. Also, you won't need to worry about storing API keys, only one API key for all our products is needed.

Prices are listed in USD. We accept all major debit and credit cards. Our payment system uses the latest security technology and is powered by Stripe, one of the world’s most reliable payment companies. If you have any trouble with paying by card, just contact us at [email protected]

Sometimes depending on the bank's fraud protection settings, a bank will decline the validation charge we make when we attempt to be sure a card is valid. We recommend first contacting your bank to see if they are blocking our charges. If more help is needed, please contact [email protected] and our team will investigate further

Prices are based on a recurring monthly subscription depending on the plan selected — plus overage fees applied when a developer exceeds a plan’s quota limits. In this example, you'll see the base plan amount as well as a quota limit of API requests. Be sure to notice the overage fee because you will be charged for each additional request.

Zyla API Hub works on a recurring monthly subscription system. Your billing cycle will start the day you purchase one of the paid plans, and it will renew the same day of the next month. So be aware to cancel your subscription beforehand if you want to avoid future charges.

Just go to the pricing page of that API and select the plan that you want to upgrade to. You will only be charged the full amount of that plan, but you will be enjoying the features that the plan offers right away.

Yes, absolutely. If you want to cancel your plan, simply go to your account and cancel on the Billing page. Upgrades, downgrades, and cancellations are immediate.

You can contact us through our chat channel to receive immediate assistance. We are always online from 9 am to 6 pm (GMT+1). If you reach us after that time, we will be in contact when we are back. Also you can contact us via email to [email protected]

API Provider:

Useful links: