V2 API

Domain Risk Analysis

Fast, synchronous-style risk assessment for domains using our hybrid async engine.

Domain Risk Analysis provides a comprehensive security assessment of a domain. Unlike Domain Classification, this endpoint does not support caching and always performs a fresh analysis to ensure the most up-to-date risk signals.

Billing & Transparency

Simple per-request pricing.

$0.0025 Standard Comprehensive domain risk assessment.
Async jobs are automatically refunded if they fail on our end.

1. Request Analysis

POST

Submit a domain for risk analysis. This will trigger a background job and return a job I.D.

curl -X POST "https://api.urlert.com/v2/domain-risk" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"domain": "example.com"}'

2. Polling Results

GET

Poll the status_url provided in Step 1 until the job is complete.

curl -X GET "https://api.urlert.com/v2/domain-risk/jobs/aa1b2c3d-4e5f-6a7b-8c9d-0e1f2a3b4c5d" \
  -H "Authorization: Bearer YOUR_API_KEY"

Example Response

Typical response payload for a malicious domain.

{
  "status": "complete",
  "job_id": "aa1b2c3d-4e5f-6a7b-8c9d-0e1f2a3b4c5d",
  "error": null,
  "result": {
    "request_url": "http://suspicious-bank-login.com",
    "final_assessment": "malicious",
    "threat_type": "Phishing / Credential Theft",
    "confidence_score": 98,
    "executive_summary": "The domain mimics a legitimate financial institution login page. It was registered 2 days ago and is hosted on a high-risk ASN known for phishing campaigns.",
    "recommended_action": "Block",
    "domain_registered_date": "2024-03-18T10:00:00Z",
    "findings": [
      {
        "finding_id": "typosquatting_detected",
        "severity": "critical",
        "description": "Domain name is a typosquat of 'bank-login.com'"
      }
    ]
  }
}

Response Schema

The domain risk object contains the final verdict and detailed findings.

Top-Level Fields

Property Description

Rate Limits

All endpoints are rate limited per organization, per minute.

Operation Limit Description
POST /v2/domain-risk 10/minute Trigger new risk analysis
GET /v2/domain-risk/jobs/{id} 60/minute Poll active jobs