Phishing Analysis API

Parse and analyze raw .eml email content with heuristic-based detection of phishing indicators, header anomalies, and suspicious patterns.

Get an AI-enhanced verdict on a phishing email analysis, combining heuristic results with large language model reasoning.

Enrich extracted IOCs (IPs, domains, URLs, hashes) against multiple threat intelligence providers to assess reputation and known associations.

Perform comprehensive DNS lookups on a domain including MX, SPF, DKIM, DMARC, and NS records to assess legitimacy.

Check an IP address against multiple DNS-based blackhole lists (DNSBLs) to determine if it has been flagged for abuse.

Look up the geolocation of an IP address including country, city, ISP, and ASN to identify suspicious origin locations.

Check URLs against Google Safe Browsing to detect known phishing, malware, and social engineering threats.

Scan a URL with CheckPhish.ai to detect phishing pages, brand impersonation, and other URL-based threats.

Submit a URL to URLScan.io for full page analysis including screenshots, DOM inspection, network requests, and threat verdicts.

Follow and expand shortened or redirected URLs to reveal the full redirect chain and final destination.