API Documentation

Integrate RiskScope threat intelligence into your applications

Quick Start

Make your first API request in seconds:

# Check a domain for threats

curl -X GET "https://riskscope.actvli.com/api/v1/lookup?domain=example.com" \

-H "x-api-key: YOUR_API_KEY"

Authentication

All API requests require an API key passed in the x-api-key header.

Header: x-api-key: rs_live_xxxxxxxxxxxxx

Get your API key from the pricing page.

Endpoints

GET/api/v1/lookupAll tiers

Look up risk information for a single domain.

Query Parameters

domainDomain to check, e.g. example.com

urlFull URL — domain is extracted automatically

Response

{
  "entity_type": "website",
  "identifier": "example.com",
  "risk_score": 25,
  "risk_level": "medium",
  "confidence": 0.72,
  "sources_checked": 14,
  "checked_at": "2026-03-22T10:00:00Z",
  "signals": [              // Pro and above only
    {
      "type": "new_domain_warning",
      "dimension": "technical",
      "severity": 5,
      "description": "Domain is 45 days old. New domains are more commonly associated with scams."
    }
  ]
}

POST/api/v1/bulkPro and above

Check up to 50 domains in a single request. Each domain counts as one lookup toward your monthly quota.

Request Body

{
  "domains": ["example.com", "anotherdomain.org", "suspicious-shop.net"]
}

cURL Example

curl -X POST "https://riskscope.actvli.com/api/v1/bulk" \
  -H "x-api-key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"domains":["example.com","suspicious-shop.net"]}'

Response

{
  "results": [
    {
      "identifier": "example.com",
      "risk_score": 12,
      "risk_level": "low",
      "confidence": 0.85,
      "sources_checked": 14,
      "checked_at": "2026-03-22T10:00:00Z"
    },
    {
      "identifier": "suspicious-shop.net",
      "risk_score": 78,
      "risk_level": "critical",
      "confidence": 0.94,
      "sources_checked": 14,
      "checked_at": "2026-03-22T10:00:01Z",
      "signals": [
        {
          "type": "listed_in_threat_database",
          "dimension": "reputation",
          "severity": 9,
          "description": "Domain found in URLhaus malware database."
        }
      ]
    }
  ],
  "total": 2,
  "lookups_used": 2
}

Maximum 50 domains per request. Domains beyond the limit are ignored. Returns a 403 if called with a Free tier key.

Rate Limits

Tier	Requests/min	Lookups/month
Free	10	100
Pro	100	10,000
Business	500	100,000
Enterprise	Custom	Unlimited

Error Codes

Status	Code	Meaning
400	Bad Request	Missing or invalid `domain` parameter
401	Unauthorized	Missing or invalid `x-api-key` header
403	Forbidden	Feature not available on your tier (e.g. bulk on Free)
429	Rate Limited	Per-minute or monthly quota exceeded. Check `X-RateLimit-Remaining` and `X-RateLimit-Reset` headers
500	Server Error	Transient error — retry with exponential backoff

Get Your API Key