The playground

Try any of 817 endpoints — live.

Pick an endpoint, load a working example, tweak the params, and send — no signup to try. Results render the way the data deserves; raw JSON, headers & code are one tab away.

Playground demo key · api.reefapi.com

post/domain-risk/v1/assess1 credit

Full risk report for one domain: a 0-100 risk score + human reasons + risk_level, synthesising age, expiry, parked/for-sale, CT-cert presence, structural flags, brand-impersonation, and mail/DNSSEC legitimacy. The flagship action.

Working example

Parameters

domainrequired

A full domain to evaluate (e.g. example.com, secure-login.io). A bare host, full URL, leading www., or an IDN (münchen.de) are accepted and normalized to its registrable form.

check_parkedoptional

If true (default), also fetch the root page to detect a parked/for-sale landing. Tolerant — a blocked/failed probe never fails the assessment.

include_piioptional

If true, return the full RDAP registrant contact. Default false → personal data dropped (GDPR), organization kept.

request preview

curl -X POST https://api.reefapi.com/domain-risk/v1/assess \
  -H "x-api-key: $REEF_KEY" \
  -H "content-type: application/json" \
  -d '{"domain":"google.com","check_parked":"false"}'

Hit Send to run this endpoint live.