The playground

Try any of 817 endpoints — live.

Pick an endpoint, load a working example, tweak the params, and send — no signup to try. Results render the way the data deserves; raw JSON, headers & code are one tab away.

Playground demo key · api.reefapi.com

post/threat-intel/v1/scan_lookup1 credit

urlscan.io public scan history + per-scan verdict for a domain/IP (server, IP, country, TLS age, page title, malicious-flag). Open source — no key.

Working example

Parameters

domainrequired

Domain (or a URL — its host is used) to pull urlscan.io public scan history + per-scan verdict for. Use search_field to switch the query axis.

search_fieldoptional

Which urlscan axis to query. 'domain' (default) is broadest; 'page' is the landing domain only; 'ip' searches by contacted IP.

limitoptional

Max scan-history records to return (1-100, default 20). Clamped to 100. (1–100)

request preview

curl -X POST https://api.reefapi.com/threat-intel/v1/scan_lookup \
  -H "x-api-key: $REEF_KEY" \
  -H "content-type: application/json" \
  -d '{"domain":"github.com"}'

Hit Send to run this endpoint live.