API Documentation

Comprehensive guides and API references for integrating AntiBait's email threat detection into your applications.

Analyze URLs

Scan URLs from emails for malicious content, phishing sites, and reputation issues.

API Endpoint

POST
POST/api/analysis/urls

Request Body

{
  "urls": [
    "https://example.com",
    "https://another.com"
  ]
}

Array of full URLs to analyze.

Response

[
  {
    "url": string,
    "legitimate": boolean
  }
]

Array of results for each URL.

Example Request

Request

POST /api/analysis/urls
Content-Type: application/json
Authorization: Bearer YOUR_API_KEY

{
  "urls": [
    "https://example.com",
    "https://trusted-site.com/page"
  ]
}

Response

[
  {
    "url": "https://example.com",
    "legitimate": true
  },
  {
    "url": "https://trusted-site.com/page",
    "legitimate": true
  }
]

// Both URLs are recognized as legitimate domains

URL Security Checks

Blacklist Check

Verification against known malicious URL databases

URL Shorteners

Detection and expansion of shortened URLs

Domain Reputation

Analysis of domain age and trustworthiness

Suspicious Patterns

Detection of obfuscation and lookalike domains

SSL Certificate

Validation of HTTPS and certificate legitimacy

Content Analysis

Scanning of destination page content

Common URL Threats Detected

Phishing Sites

Fake login pages impersonating legitimate services

Malware Distribution

Sites hosting or triggering malicious downloads

Typosquatting

Domains with intentional misspellings of popular brands

URL Obfuscation

Hidden or encoded malicious URLs

Response Fields

Returns an array of objects, one for each URL provided in the request.

urlstring

The URL that was analyzed (exactly as provided in the request)

legitimateboolean

Indicates whether the root domain is recognized as a legitimate, trusted domain.

  • true: Domain is in the legitimate domains whitelist
  • false: Domain is not recognized or potentially suspicious

Note: This endpoint extracts the root domain from each URL and checks it against a curated whitelist of known legitimate domains. URLs not in the whitelist should be treated with caution, though they may not necessarily be malicious.

Best Practices
  • Include all URLs found in the email, even if they appear legitimate
  • Don't manually visit suspicious URLs before analysis
  • URL analysis is most effective when combined with body and header checks
  • Consider rate limits when analyzing emails with many URLs

Need help integrating our API? Our support team is here to assist you.

Contact View FAQ Manage API Keys