ImmuniWeb Discovery

For continuous monitoring purposes, we suggest you exploring our award-winning ImmuniWeb® Discovery offering tailored for continuous monitoring with flexible 24/7 notifications.

Commercial API

ImmuniWeb provides a commercial access to the Domain Security Test API with extended limits to the number daily tests. Please get in touch with us to get a personalized quote. Prices start at 1,000 USD per month.

Non-profit, research and academic institutions may request commercial API for free. Please send your API usage requirements to for additional information.

Free API

ImmuniWeb provides you with a free API to test your domain for signs of cybersquatting, typo-squatting and phishing domains that may misuse your trademark, and spoof your brand. To assure high speed of service and availability for everyone, the free API allows 1 request in 3 minutes, 10 requests in total per 24 hours, from one IP address.



In addition, there are different tiers of user, with each providing a different level of usage with the API. If the daily test limit is exceeded the results will be only be available after upgrading to a paid subscription.

License notice: The API is provided for free both for private and commercial purposes. When using the free API, a clearly-visible credit to ImmuniWeb® Community when displaying results is mandatory. Failure to properly do so may trigger a ban and legal consequences.

API Documentation and How-To

Full API Documentation

API Specifications

Field Name Value Protocol HTTP/HTTPS Request Type POST URL https://www.immuniweb.com/radar/api/v1/scan/[ustamp].html - where "ustamp" is an arbitrary UNIX time-stamp (must be an integer). Such construction is done to prevent caching on client side.

POST Data Specification

Field Name Value api_key secret token which you submit alongside with the request domain the domain name to be tested. limit limit the amount of results shown. offset offset if results are limited no_limit 0 or 1 dnsr "on" means that test results will be hidden, "off" means that test results will be displayed in statistics. recheck "false" will use results from cache if the server has been tested within the past 24 hours, "true" will perform a new test without looking at the cache.

Example of Transaction Using CURL

$ curl -XPOST -d 'domain=twitter.com&dnsr=off&a=scan&recheck=false' 'https://www.immuniweb.com/radar/api/v1/scan/1451425590.html'



{"debug":true,"job_id":"2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc","status":"test_started","status_id":1,"message":"Test has started"}



$ curl -XPOST -d 'job_id=2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc' 'https://www.immuniweb.com/radar/api/v1/get_result/1451425590.html'



{"job_id":"2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc","status":"in_progress","status_id":2,"eta":2,"message":"Your test is in progress"}





$ curl -XPOST -d 'domain=twitter.com&dnsr=off&a=scan&recheck=false' 'https://www.immuniweb.com/radar/api/v1/scan/1451425590.html'



{"test_id":"c84936eef26eeb8aaef5ffc43f38ddb91adfd90ac27fb416bd0b21fe2edb1004","status":"test_cached","status_id":3,"message":"Test is cached"}



$ curl -XPOST -d 'id=c84936eef26eeb8aaef5ffc43f38ddb91adfd90ac27fb416bd0b21fe2edb1004' 'https://www.immuniweb.com/radar/api/v1/get_result/1451425590.html'





$ curl -XPOST -d 'domain=0.0.0.0&dnsr=off&a=scan&recheck=false' 'https://www.immuniweb.com/radar/api/v1/scan/1451425590.html'



{"error":"The domain name does not exist","error_id":9}





Example of Server Response