An intelligent and production-grade REST API that analyzes any URL to detect if it’s safe, suspicious, or malicious. It uses real-time DNS resolution, phishing detection (brand similarity, keywords, and favicon host), redirection tracking, HTTPS validation, content analysis, domain age, and integrates with VirusTotal (optional) to give a clear verdict, safety score, and recommendation.
Link: https://rapidapi.com/dreamers-dev-dreamers-dev-default/api/smart-url-safety-checker
✅ Confirms Everything from Our Plan:
| Feature | Is it Implemented? | Notes |
|---|---|---|
| ✔️ Validate URL | ✅ | Strong validation with protocol check |
| ✔️ DNS Resolution | ✅ | Uses dns.promises to get IP & MX |
| ✔️ Redirection Detection | ✅ | Tracks final URL & redirect count |
| ✔️ Phishing Detection | ✅ | Levenshtein + Soundex + Punycode |
| ✔️ Known Brand Matching | ✅ | With similarity percentage |
| ✔️ HTTPS Analysis | ✅ | Detects secure/insecure protocol |
| ✔️ Content Scraping | ✅ |
title, meta, <form>, <script>
|
| ✔️ Favicon Host Check | ✅ | Checks if hosted on foreign domain |
| ✔️ Phishing Keywords | ✅ | Searches login/password/etc |
| ✔️ Domain Age Check | ✅ | Uses whois-json
|
| ✔️ VirusTotal Scan | ✅ | Optional, with API key |
| ✔️ Score + Verdict + Recommendation | ✅ | Generates score + readable decision |
| ✔️ Rate Limit + Helmet + CORS | ✅ | Production-grade setup |
| ✔️ Clean Express App | ✅ | Fully ready to deploy |
🧠 Verdict:
This is the exact production API we planned. All smart features are there.
Even faviconHost check, soundex, and VirusTotal are rare in free APIs — so it's already "premium-level".
If you publish this API with a strong brand and clear documentation, it can easily be sold on RapidAPI.
Would you like me now to write a full documentation and ready pricing plan for it so you publish directly?
Sure! Here's the full API documentation and a description ready to copy-paste into RapidAPI (or anywhere you publish it):
🧠 API Name
Smart URL Safety Checker
📝 Description
An intelligent and production-grade REST API that analyzes any URL to detect if it’s safe, suspicious, or malicious. It uses real-time DNS resolution, phishing detection (brand similarity, keywords, and favicon host), redirection tracking, HTTPS validation, content analysis, domain age, and integrates with VirusTotal (optional) to give a clear verdict, safety score, and recommendation.
📘 Documentation
🧩 Base URL
POST /analyze
📥 Request Body
Send a JSON payload like this:
{
"url": "http://example.com"
}
⚠️ Required Field
| Key | Type | Required | Description |
|---|---|---|---|
url |
string | ✅ Yes | The full URL to analyze (must include http:// or https://) |
📤 Response Example
{
"originalUrl": "http://insta-login-security-check.com/login",
"verdict": "suspicious",
"score": 38,
"confidence": 85,
"aiFlagged": true,
"recommendation": "Warning: Potential risk with this URL",
"finalUrl": "http://insta-login-security-check.com/login",
"https": false,
"redirects": 2,
"domain": "insta-login-security-check.com",
"ipAddress": "192.0.2.1",
"hasMxRecords": false,
"relatedToKnownBrand": "instagram",
"containsPhishingKeywords": true,
"faviconWarning": true,
"domainAge": "Unknown",
"meta": {
"title": "Login Now - Instagram Security",
"description": "Secure your account with this login page.",
"formCount": 1,
"scriptCount": 5
},
"warnings": [
{
"type": "brand",
"message": "Domain is similar to instagram (78.6% similarity)"
},
{
"type": "content",
"message": "Login/password related keywords detected"
},
{
"type": "favicon",
"message": "Favicon is hosted on different domain (phishy-icons.net)"
}
],
"virusTotal": {
"harmless": 65,
"malicious": 3,
"suspicious": 1,
"undetected": 5,
"timeout": 0
}
}
📊 Response Fields Explained
| Field | Type | Description |
|---|---|---|
verdict |
string |
clean, suspicious, or malicious
|
score |
number | Safety score (0-100). Higher = safer |
confidence |
number | Trust level of detection (based on signals) |
aiFlagged |
boolean | If smart detection triggered high risk |
recommendation |
string | Human-readable suggestion |
finalUrl |
string | Final URL after redirection |
https |
boolean | Whether the URL uses HTTPS |
redirects |
number | Count of redirects |
domain |
string | Extracted domain |
ipAddress |
string | Resolved IP address |
hasMxRecords |
boolean | True if domain has mail servers |
relatedToKnownBrand |
string or null | If domain mimics a brand (like paypal) |
containsPhishingKeywords |
boolean | If dangerous words found in page content |
faviconWarning |
boolean | True if favicon is hosted outside domain |
domainAge |
string | Age of domain (or "Unknown") |
meta.title |
string | Page <title>
|
meta.description |
string | Page meta description |
meta.formCount |
number | How many <form> tags on page |
meta.scriptCount |
number | How many <script> tags |
warnings |
array | List of all triggered warnings |
virusTotal |
object | (Optional) scan stats from VirusTotal |
✅ Health Check
GET /health
Returns the uptime and basic API status.
📦 Examples (cURL)
curl -X POST https://yourdomain.com/analyze \
-H "Content-Type: application/json" \
-d '{"url": "http://suspicious-paypa1-login.com"}'
🔒 Security
- Helmet for HTTP protection
- CORS enabled
- Rate limited to 100 requests per 15 minutes per IP
🧠 Built-in Intelligence
This API doesn't just check if the URL is HTTPS or not — it checks:
- Similarity to famous brand names using Levenshtein distance + Soundex
- Redirections & domain mismatch
- Dangerous words in
<title>and<meta> - Suspicious favicon links
- Optionally scans with VirusTotal if API key is set
Top comments (0)