ASA Threat Intelligence API
Access our community-sourced threat database programmatically.
Score URLs, phones, wallets, and platforms in one call.
We're shipping a clean REST API on top of the same threat database that powers getasanow.com — 12k+ user-submitted indicators, OFAC sync, Safe Browsing & VirusTotal pass-through, and live heuristics. Join the waitlist for free credits at launch.
Bearer-token authentication — send your key in the Authorization header.
https://api.getasanow.com/v1 · region-routed, anycast.
Endpoints below are preview — shapes are stable, but the API isn't open yet.
/api/v1/check/urlURL check
Score any URL against ASA's threat database, Safe Browsing, VirusTotal, and live heuristics (typosquat / homoglyph / domain age).
urlFull URL to analyse. Must be http(s).
e.g. https://paypa1-secure.com/login
curl -G "https://api.getasanow.com/v1/check/url?url=https%3A%2F%2Fpaypa1-secure.com%2Flogin" \
-H "Authorization: Bearer $ASA_API_KEY"{
"risk_score": 87,
"is_phishing": true,
"is_typosquat": true,
"typosquat_of": "paypal.com",
"domain_age_days": 3,
"threats": [
"Google Safe Browsing: social engineering"
]
}/api/v1/check/phonePhone check
Reverse-lookup carrier and line type, plus community report history for the number.
numberPhone number in E.164 format.
e.g. +14155551234
curl -G "https://api.getasanow.com/v1/check/phone?number=%2B14155551234" \
-H "Authorization: Bearer $ASA_API_KEY"{
"risk_score": 72,
"carrier": "Google Voice",
"line_type": "voip",
"report_count": 14,
"scam_types": [
"tech_support",
"irs_impersonation"
]
}/api/v1/check/walletWallet check
Cross-reference a crypto wallet against ASA's labelled-address set and OFAC sanctions lists.
addressWallet address. Auto-detects chain from format.
e.g. 0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb1
curl -G "https://api.getasanow.com/v1/check/wallet?address=0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb1" \
-H "Authorization: Bearer $ASA_API_KEY"{
"risk_score": 91,
"blockchain": "ethereum",
"labels": [
"pig_butchering",
"mixer"
],
"report_count": 7,
"sanctions_listed": false
}/api/v1/check/platformPlatform check
Investment-platform / broker due-diligence: registry status, domain age, and clone-site detection.
domainApex or sub-domain to check.
e.g. etoro-investments.app
curl -G "https://api.getasanow.com/v1/check/platform?domain=etoro-investments.app" \
-H "Authorization: Bearer $ASA_API_KEY"{
"trust_score": 8,
"regulatory_status": [
{
"regulator": "FCA",
"status": "UNAUTHORIZED"
}
],
"domain_age_days": 12,
"is_clone": true,
"clone_of": "etoro.com"
}/api/v1/reportSubmit a scam report
Push community intelligence back into the database. Reports feed the same indicators served by /feed.
curl -X POST "https://api.getasanow.com/v1/report" \
-H "Authorization: Bearer $ASA_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"type": "url",
"value": "phishing-site.com",
"category": "phishing",
"description": "Fake PayPal login page captured 2026-04-25 from email phishing campaign."
}'{
"id": "rpt_2c8b9e2a-…",
"status": "accepted",
"indicator_id": "ind_018d3f9c-…",
"duplicate_of": null
}/api/v1/feedThreat indicator feed
Paginated stream of new and updated indicators — perfect for filling SIEM / threat-feed integrations.
limitPage size, 1–500. Defaults to 100.
e.g. 100
categoryFilter by category. Omit for all categories.
e.g. crypto_scam
curl -G "https://api.getasanow.com/v1/feed?limit=100&category=crypto_scam" \
-H "Authorization: Bearer $ASA_API_KEY"{
"indicators": [
{
"id": "ind_…",
"type": "url",
"value": "fake-binance.example",
"risk_score": 88,
"category": "crypto_scam",
"first_seen": "2026-04-23T10:14:00Z",
"report_count": 12
}
],
"total": 3946,
"page": 1
}Pricing preview
Honest tiers, no surprises
These are the rate ceilings we're targeting at launch. Waitlist members get the first 30 days at the next tier up, free.
Free
100 requests / day
- URL, phone, wallet, platform checks
- Threat feed (1-day delay)
- Email support
Starter
10,000 requests / day
- Real-time threat feed
- Submit reports
- 99.9% uptime SLA
- Priority email support
Business
100,000 requests / day
- Webhooks for new indicators
- Bulk endpoints (1k inputs / call)
- Dedicated rate-limit pool
- Slack support
Enterprise
Unlimited / committed
- On-prem feed sync
- Custom indicator categories
- DPA + security review
- Named CSM
Need a quota above 100k/day, on-prem deploy, or a DPA? Get in touch.
Use cases
What teams are planning to build
Real conversations from the waitlist. If yours isn't here, write back when we email — we prioritize accordingly.
Block phishing in real time
Drop ASA's URL check into your link-rewriter or proxy. Stop credential-harvest pages before users see them.
Screen inbound phone numbers
Inline phone lookup in CRMs, voicemail systems, and IVR flows — flag known scam numbers before the call connects.
Verify crypto addresses
Pre-flight every withdrawal and incoming address against labelled mixers, pig-butchering wallets, and OFAC lists.
Embed scam detection in apps
Score user-submitted URLs, profiles, and investment offers from inside your product — protect your users without building a fraud team.
In the meantime
The same checks are live in the web app today — try them, then bring the workflow into your codebase when the API ships.