Security Blocklist API

Integrate our comprehensive security threat detection system into your applications

GET https://remindsecure.com/api/v1/security/blocklist

Getting Started

The RemindSecure Security Blocklist API provides real-time access to our database of malicious domains and security threats. This API is RESTful and returns data in JSON format.

No API key is required for public endpoints. Rate limiting applies to prevent abuse.

Try it Now

Authentication

Public Access

Basic access to the API is available without authentication, subject to rate limiting.

You can start using the API immediately for basic queries without any authentication.

Premium Access

For higher rate limits and advanced features, use API key authentication: 

curl -H "Authorization: Bearer YOUR_API_KEY" \
    https://remindsecure.com/api/v1/security/blocklist

API Key Implementation

JavaScript

const response = await fetch(url, {
    headers: {
        'Authorization': 'Bearer YOUR_API_KEY'
    }
});

Python

headers = {
    'Authorization': 'Bearer YOUR_API_KEY'
}
response = requests.get(url, headers=headers)

Premium Features

  • Higher rate limits (10,000 requests/hour)
  • Bulk domain checking (up to 10,000 domains)
  • Real-time webhook notifications
  • Detailed threat intelligence
  • Priority support
  • Custom integration support

API Endpoints

Get All Blocked Domains

GET https://remindsecure.com/api/v1/security/blocklist

Returns a paginated list of all blocked domains.

Query Parameters:

  • page (optional): Page number (default: 1)
  • limit (optional): Results per page (default: 100, max: 1000)
  • category (optional): Filter by threat category

Response Format:

{
    "success": true,
    "metadata": {
        "lastUpdated": "2024-02-01T00:00:00Z",
        "version": "1.0.0"
    },
    "pagination": {
        "total": 1234,
        "page": 1,
        "pages": 13,
        "limit": 100
    },
    "data": [
        {
            "domain": "malicious-example.com",
            "category": "phishing",
            "dateAdded": "2024-01-15T00:00:00Z",
            "risk": "high"
        }
    ]
}

Search Blocked Domains

GET https://remindsecure.com/api/v1/security/blocklist/search/{query}

Search for specific domains in the blocklist.

Response Format:

{
    "success": true,
    "count": 1,
    "data": [
        {
            "domain": "malicious-example.com",
            "category": "phishing",
            "dateAdded": "2024-01-15T00:00:00Z",
            "risk": "high"
        }
    ]
}

Check Single Domain

GET https://remindsecure.com/api/v1/security/blocklist/check/{domain}

Check if a specific domain is in the blocklist.

Response Format:

{
    "success": true,
    "domain": "example.com",
    "isBlocked": true,
    "details": {
        "category": "phishing",
        "dateAdded": "2024-01-15T00:00:00Z",
        "risk": "high"
    }
}

Implementation Examples

JavaScript/Node.js

// Check if a domain is blocked
async function checkDomain(domain) {
    try {
        const response = await fetch(
            `https://remindsecure.com/api/v1/security/blocklist/check/${domain}`
        );
        const data = await response.json();
        
        if (data.success && data.isBlocked) {
            console.log(`Warning: ${domain} is a known threat!`);
            return true;
        }
        return false;
    } catch (error) {
        console.error('Error checking domain:', error);
        return false;
    }
}

Python

import requests

def check_domain(domain):
    try:
        response = requests.get(
            f'https://remindsecure.com/api/v1/security/blocklist/check/{domain}'
        )
        data = response.json()
        
        if data['success'] and data['isBlocked']:
            print(f"Warning: {domain} is a known threat!")
            return True
        return False
    except Exception as e:
        print(f"Error checking domain: {e}")
        return False

PHP

function checkDomain($domain) {
    try {
        $response = file_get_contents(
            "https://remindsecure.com/api/v1/security/blocklist/check/" . urlencode($domain)
        );
        $data = json_decode($response, true);
        
        if ($data['success'] && $data['isBlocked']) {
            echo "Warning: {$domain} is a known threat!";
            return true;
        }
        return false;
    } catch (Exception $e) {
        error_log("Error checking domain: " . $e->getMessage());
        return false;
    }
}

Rate Limiting

To ensure fair usage, the API implements the following rate limits:

  • 100 requests per IP address per 15-minute window
  • Bulk lookups are limited to 1000 domains per request

Exceeding these limits will result in a 429 Too Many Requests response.

Status Codes & Responses

Success Responses

200 OK

Request completed successfully

{
    "success": true,
    "data": {
        "domain": "example.com",
        "isBlocked": false
    }
}

Error Responses

400 Bad Request

Invalid request parameters

{
    "success": false,
    "error": {
        "code": "INVALID_DOMAIN",
        "message": "Invalid domain format"
    }
}

429 Too Many Requests

Rate limit exceeded

{
    "success": false,
    "error": {
        "code": "RATE_LIMIT_EXCEEDED",
        "message": "Rate limit exceeded",
        "retryAfter": 300
    }
}

API Versioning

Our API uses URL versioning to ensure compatibility as we add new features and improvements.

Current Version

https://remindsecure.com/api/v1/...

Always specify the API version in your requests to ensure stability.

Version Support Policy:

  • Major versions are supported for at least 12 months after deprecation notice
  • Minor updates are backward compatible
  • Emergency security updates may be applied to all versions

Testing & Integration

Test Environment

https://test-api.remindsecure.com/v1/security/blocklist

Use our test environment for development and integration testing. The test environment has higher rate limits but may include synthetic data.

Test Domains

Always Blocked

test-malicious.remindsecure.com

Never Blocked

test-safe.remindsecure.com

Test credentials and additional test domains are available upon request.

CORS & Security

CORS Configuration

Our API supports Cross-Origin Resource Sharing (CORS) for secure client-side requests from browsers. 

{
    "allowed_origins": ["*"],
    "allowed_methods": ["GET", "POST", "OPTIONS"],
    "allowed_headers": ["Content-Type", "Authorization"],
    "max_age": 86400
}

Security Headers

Response Headers

  • • X-Content-Type-Options: nosniff
  • • X-Frame-Options: DENY
  • • X-XSS-Protection: 1; mode=block
  • • Strict-Transport-Security: max-age=31536000

SSL/TLS Requirements

  • • TLS 1.2 or higher required
  • • Strong cipher suites only
  • • Certificate transparency required

Webhook Integration

Receive real-time notifications about new threats and updates to the blocklist through webhooks.

Setting Up Webhooks

{
    "webhook_url": "https://your-domain.com/webhook",
    "events": ["new_threat", "threat_update", "threat_removed"],
    "secret": "your_webhook_secret"
}

Example Webhook Payload

{
    "event": "new_threat",
    "timestamp": "2024-02-02T12:00:00Z",
    "data": {
        "domain": "malicious-example.com",
        "threat_type": "phishing",
        "severity": "high",
        "detection_method": "ai_analysis"
    }
}

Always verify webhook signatures to ensure the authenticity of received payloads.

Client Libraries

Python

pip install remindsecure-api
View on GitHub

JavaScript

npm install remindsecure-api
View on GitHub

PHP

composer require remindsecure/api
View on GitHub