The playground

Try any of 817 endpoints — live.

Pick an endpoint, load a working example, tweak the params, and send — no signup to try. Results render the way the data deserves; raw JSON, headers & code are one tab away.

Playground demo key · api.reefapi.com

post/domain-risk/v1/typosquat1 credit

Generate a brand's lookalike domains across 16 permutation families (meets/exceeds dnstwist; incl IDN homoglyph/homograph) then report which are ACTUALLY REGISTERED + their risk — the brand-protection product.

Working example

Parameters

domainrequired

A full domain to evaluate (e.g. example.com, secure-login.io). A bare host, full URL, leading www., or an IDN (münchen.de) are accepted and normalized to its registrable form.

familiesoptional

Which typosquat permutation families to generate (comma-separated or array). Defaults to ALL 16 (meets/exceeds dnstwist): omission, repetition, transposition, replacement, insertion, vowel_swap, homoglyph, bitsquatting, hyphenation, addition, subdomain, tld_swap, combosquat, plural, homophones, various. Unknown names are ignored.

keywordsoptional

Extra dictionary words for the combosquat family (dnstwist --dictionary parity), e.g. your product/campaign terms. Combined with the built-in phishing keyword set.

check_registeredoptional

If true (default), RDAP/DoH-check which generated lookalikes are actually registered (capped at 120 checks). False → return candidates only.

request preview

curl -X POST https://api.reefapi.com/domain-risk/v1/typosquat \
  -H "x-api-key: $REEF_KEY" \
  -H "content-type: application/json" \
  -d '{"domain":"paypal.com","families":"homoglyph,replacement,omission"}'

Hit Send to run this endpoint live.