The playground

Try any of 817 endpoints — live.

Pick an endpoint, load a working example, tweak the params, and send — no signup to try. Results render the way the data deserves; raw JSON, headers & code are one tab away.

Playground demo key · api.reefapi.com

post/threat-intel/v1/url_check1 credit

Is a URL malicious? Checks the URLHaus malware-URL feed + OpenPhish phishing feed (exact + variants) + its host across ThreatFox/URLHaus-hosts/Feodo/SSLBL + risk flags → verdict.

Working example

Parameters

urlrequired

The full URL to check (http/https). Matched against the URLHaus malware-URL feed AND the OpenPhish phishing feed (exact + http/https + trailing-slash variants), plus its host against every host/IOC feed.

request preview

curl -X POST https://api.reefapi.com/threat-intel/v1/url_check \
  -H "x-api-key: $REEF_KEY" \
  -H "content-type: application/json" \
  -d '{"url":"https://github.com/"}'

Hit Send to run this endpoint live.