Overview

Heuristic Phishing Detection is a security-focused API that analyzes suspicious URLs to identify phishing attacks and malicious links. Using advanced heuristic algorithms, the tool examines URL structure, domain characteristics, and behavioral patterns to determine threat likelihood without relying solely on blocklists.

This API is ideal for security teams, email filtering systems, browser extensions, and web applications that need to protect users from phishing campaigns. It provides fast, accurate risk assessment for URLs encountered in emails, messages, search results, and web content, enabling proactive threat prevention before users interact with malicious sites.

Key capabilities include real-time URL analysis, heuristic-based threat detection, and detailed risk scoring. The tool integrates seamlessly into security workflows, SIEM platforms, and automated incident response systems.

Usage

Sample Request

CODEBLOCK0

Sample Response

CODEBLOCK1

Endpoints

POST /check-url

Analyzes a provided URL for phishing characteristics and returns a threat assessment.

Method: INLINECODE0

Path: INLINECODE1

Description: Submits a URL for heuristic analysis to determine phishing risk. The API examines domain structure, SSL certificate patterns, content indicators, and known phishing signatures.

Parameters

Name	Type	Required	Description
INLINECODE2	string	Yes	The complete URL to analyze, including protocol (http:// or https://). Maximum 2048 characters.

Request Body

CODEBLOCK2

Response (200 OK)

Content-Type: INLINECODE3

The response contains phishing detection results with risk indicators:

CODEBLOCK3

Response Fields:

Field	Type	Description
INLINECODE4	string	Echo of the submitted URL
INLINECODE5

Response (422 Validation Error)

Content-Type: INLINECODE10

Returned when request validation fails:

CODEBLOCK4

Pricing

Plan	Calls/Day	Calls/Month	Price
Free	5	50	Free
Developer

20 | 500 | $39/mo | | Professional | 200 | 5,000 | $99/mo | | Enterprise | 100,000 | 1,000,000 | $299/mo |

About

ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

References

- Kong Route: INLINECODE11
API Docs: INLINECODE12

概述

启发式钓鱼检测是一种专注于安全的API，用于分析可疑URL以识别钓鱼攻击和恶意链接。该工具采用先进的启发式算法，检查URL结构、域名特征和行为模式，在不完全依赖黑名单的情况下判断威胁可能性。

该API非常适合需要保护用户免受钓鱼攻击的安全团队、邮件过滤系统、浏览器扩展和Web应用程序。它能够对电子邮件、消息、搜索结果和网页内容中遇到的URL提供快速准确的风险评估，在用户与恶意网站交互之前实现主动威胁预防。

核心功能包括实时URL分析、基于启发式的威胁检测和详细的风险评分。该工具可无缝集成到安全工作流程、SIEM平台和自动化事件响应系统中。

使用说明

示例请求

json
{
url: https://secure-paypal-verify.com/login
}

示例响应

json
{
url: https://secure-paypal-verify.com/login,
is_phishing: true,
risk_score: 0.92,
threat_indicators: [
homograph_domain,
suspicious_tld,
brand_impersonation
],
confidence: 0.95,
analysis_timestamp: 2024-01-15T10:32:45Z
}

接口端点

POST /check-url

分析提供的URL的钓鱼特征并返回威胁评估结果。

方法： POST

路径： /check-url

描述： 提交URL进行启发式分析以确定钓鱼风险。API会检查域名结构、SSL证书模式、内容指标和已知的钓鱼特征。

参数

名称	类型	必填	描述
url	字符串	是	要分析的完整URL，包含协议（http:// 或 https://）。最大长度2048个字符。

请求体

json
{
url: 字符串
}

响应（200 OK）

内容类型： application/json

响应包含带有风险指标的钓鱼检测结果：

json
{
url: 字符串,
is_phishing: 布尔值,
risk_score: 数字 (0-1),
threat_indicators: [字符串数组],
confidence: 数字 (0-1),
analysis_timestamp: 字符串 (ISO 8601)
}

响应字段：

字段	类型	描述
url	字符串	提交的URL回显
is_phishing

响应（422 验证错误）

内容类型： application/json

当请求验证失败时返回：

json
{
detail: [
{
loc: [body, url],
msg: 字段必填,
type: value_error.missing
}
]
}

定价方案

方案	每日调用次数	每月调用次数	价格
免费版	5	50	免费
开发者版

20 | 500 | $39/月 | | 专业版 | 200 | 5,000 | $99/月 | | 企业版 | 100,000 | 1,000,000 | $299/月 |

关于我们

ToolWeb.in — 200+安全API，CISSP & CISM认证，平台：按次付费、API网关、MCP服务器、OpenClaw、RapidAPI、YouTube。

参考信息

- Kong路由： https://api.mkkpro.com/security/phishing-detection
API文档： https://api.mkkpro.com:8005/docs

Heuristic Phishing Detection启发式钓鱼检测

Heuristic Phishing Detection

Overview

Usage

Sample Request

Sample Response

Endpoints