FORMAT: 1A
HOST: https://neutrinoapi.net/
# Neutrino API
The general-purpose API
## Authentication
This API uses Custom Header for its authentication.
The parameters that are needed to be sent for this type of authentication are as follows:
+ `user-id` - Your user ID
+ `api-key` - One of your API keys
# Group Imaging
## Qr Code [/qr-code]
### QR Code [POST]
Generate a QR code as a PNG image
+ Attributes
+ content (string, required)
The content to encode into the QR code (e.g. a URL or a phone number)
+ Sample: https://www.neutrinoapi.com/signup/
+ width (number, optional) -
The width of the QR code (in px)
+ Default: 256
+ height (number, optional) -
The height of the QR code (in px)
+ Default: 256
+ fg-color (string, optional) -
The QR code foreground color
+ Default: #000000
+ bg-color (string, optional) -
The QR code background color
+ Default: #ffffff
+ Request (application/x-www-form-urlencoded)
+ Response 200 (binary)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Html Render [/html-render]
### HTML Render [POST]
Render HTML content to PDF, JPG or PNG
+ Attributes
+ content (string, required)
The HTML content. This can be either a URL to load from, a file upload (multipart/form-data) or an HTML content string
+ Sample:
TEST DOCUMENT
Hello, this is a test page...
+ format (string, optional) -
Which format to output, available options are: PDF, PNG, JPG
+ Default: PDF
+ page-size (string, optional) -
Set the document page size, can be one of: A0 - A9, B0 - B10, Comm10E, DLE or Letter
+ Default: A4
+ title (string, optional)
The document title
+ margin (number, optional) -
The document margin (in mm)
+ Default: 0
+ margin-left (number, optional) -
The document left margin (in mm)
+ Default: 0
+ margin-right (number, optional) -
The document right margin (in mm)
+ Default: 0
+ margin-top (number, optional) -
The document top margin (in mm)
+ Default: 0
+ margin-bottom (number, optional) -
The document bottom margin (in mm)
+ Default: 0
+ landscape (boolean, optional) -
Set the document to landscape orientation
+ Default: false
+ zoom (number, optional) -
Set the zoom factor when rendering the page (2.0 for double size, 0.5 for half size)
+ Default: 1
+ grayscale (boolean, optional) -
Render the final document in grayscale
+ Default: false
+ css (string, optional)
Inject custom CSS into the HTML. e.g. 'body { background-color: red;}'
+ image-width (number, optional) -
If rendering to an image format (PNG or JPG) use this image width (in pixels)
+ Default: 1024
+ image-height (number, optional)
If rendering to an image format (PNG or JPG) use this image height (in pixels). The default is automatic which dynamically sets the image height based on the content
+ delay (number, optional) -
Number of seconds to wait before rendering the page (can be useful for pages with animations etc)
+ Default: 0
+ page-width (number, optional)
Set the PDF page width explicitly (in mm)
+ page-height (number, optional)
Set the PDF page height explicitly (in mm)
+ timeout (number, optional) -
Timeout in seconds. Give up if still trying to load the HTML content after this number of seconds
+ Default: 300
+ ignore-certificate-errors (boolean, optional) -
Ignore any TLS/SSL certificate errors
+ Default: false
+ header (string, optional)
The header HTML to insert into each page. The following dynamic tags are supported: {date}, {title}, {url}, {pageNumber}, {totalPages}
+ Sample: {pageNumber} of {totalPages} - {date}
+ footer (string, optional)
The footer HTML to insert into each page. The following dynamic tags are supported: {date}, {title}, {url}, {pageNumber}, {totalPages}
+ bg-color (string, optional)
For image rendering set the background color in hexadecimal notation (e.g. #0000ff). For PNG output the special value of 'transparent' can be used to create a transparent PNG
+ Request (application/x-www-form-urlencoded)
+ Response 200 (binary)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Image Watermark [/image-watermark]
### Image Watermark [POST]
Watermark one image with another image
+ Attributes
+ image-url (string, required)
The URL or Base64 encoded Data URL for the source image. You can also upload an image file directly using multipart/form-data
+ Sample: https://www.neutrinoapi.com/img/LOGO.png
+ watermark-url (string, required)
The URL or Base64 encoded Data URL for the watermark image. You can also upload an image file directly using multipart/form-data
+ Sample: https://www.neutrinoapi.com/img/icons/security.png
+ opacity (number, optional) -
The opacity of the watermark (0 to 100)
+ Default: 50
+ Sample: 90
+ format (string, optional) -
The output image format, can be either png or jpg
+ Default: png
+ position (string, optional) -
The position of the watermark image, possible values are:
center, top-left, top-center, top-right, bottom-left, bottom-center, bottom-right
+ Default: center
+ width (number, optional)
If set resize the resulting image to this width (in px)
+ height (number, optional)
If set resize the resulting image to this height (in px)
+ resize-mode (string, optional) -
The resize mode to use, we support 3 main resizing modes: - scale
Resize to within the width and height specified while preserving aspect ratio. In this mode the width or height will be automatically adjusted to fit the aspect ratio - pad
Resize to exactly the width and height specified while preserving aspect ratio and pad any space left over. Any padded space will be filled in with the 'bg-color' value - crop
Resize to exactly the width and height specified while preserving aspect ratio and crop any space which fall outside the area. The cropping window is centered on the original image
+ Default: scale
+ bg-color (string, optional) -
The image background color in hexadecimal notation (e.g. #0000ff). For PNG output the special value of 'transparent' can also be used. For JPG output the default is black (#000000)
+ Default: transparent
+ Request (application/x-www-form-urlencoded)
+ Response 200 (binary)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Image Resize [/image-resize]
### Image Resize [POST]
Resize an image and output as either JPEG or PNG
+ Attributes
+ image-url (string, required)
The URL or Base64 encoded Data URL for the source image. You can also upload an image file directly using multipart/form-data
+ Sample: https://www.neutrinoapi.com/img/LOGO.png
+ width (number, required)
The width to resize to (in px)
+ Sample: 32
+ height (number, optional)
The height to resize to (in px). If you don't set this field then the height will be automatic based on the requested width and image aspect ratio
+ Sample: 32
+ format (string, optional) -
The output image format, can be either png or jpg
+ Default: png
+ resize-mode (string, optional) -
The resize mode to use, we support 3 main resizing modes: - scale
Resize to within the width and height specified while preserving aspect ratio. In this mode the width or height will be automatically adjusted to fit the aspect ratio - pad
Resize to exactly the width and height specified while preserving aspect ratio and pad any space left over. Any padded space will be filled in with the 'bg-color' value - crop
Resize to exactly the width and height specified while preserving aspect ratio and crop any space which fall outside the area. The cropping window is centered on the original image
+ Default: scale
+ bg-color (string, optional) -
The image background color in hexadecimal notation (e.g. #0000ff). For PNG output the special value of 'transparent' can also be used. For JPG output the default is black (#000000)
+ Default: transparent
+ Request (application/x-www-form-urlencoded)
+ Response 200 (binary)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
# Group Telephony
## Phone Playback [/phone-playback]
### Phone Playback [POST]
Make an automated call to any valid phone number and playback an audio message
+ Attributes
+ number (string, required)
The phone number to call. Must be in valid international format
+ Sample: +12106100045
+ audio-url (string, required)
A URL to a valid audio file. Accepted audio formats are: You can use the following MP3 URL for testing:
https://www.neutrinoapi.com/test-files/test1.mp3
+ Sample: https://www.neutrinoapi.com/test-files/test1.mp3
+ limit (number, optional) -
Limit the total number of calls allowed to the supplied phone number, if the limit is reached within the TTL then error code 14 will be returned
+ Default: 3
+ limit-ttl (number, optional) -
Set the TTL in number of days that the 'limit' option will remember a phone number (the default is 1 day and the maximum is 365 days)
+ Default: 1
+ Request (application/x-www-form-urlencoded)
+ Response 200 (application/json)
+ Attributes (Phone Playback Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Verify Security Code [/verify-security-code{?security-code,limit-by}]
### Verify Security Code [GET]
Check if a security code sent via SMS Verify or Phone Verify is valid
+ Parameters
+ security-code (string, required)
The security code to verify
+ Sample: 123456
+ limit-by (string, optional)
If set then enable additional brute-force protection by limiting the number of attempts by the supplied value. This can be set to any unique identifier you would like to limit by, for example a hash of the users email, phone number or IP address. Requests to this API will be ignored after approximately 10 failed verification attempts
+ Response 200 (application/json)
+ Attributes (Verify Security Code Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Hlr Lookup [/hlr-lookup{?number,country-code}]
### HLR Lookup [GET]
Connect to the global mobile cellular network and retrieve the status of a mobile device
+ Parameters
+ number (string, required)
A phone number
+ Sample: +12106100045
+ country-code (string, optional)
ISO 2-letter country code, assume numbers are based in this country.
If not set numbers are assumed to be in international format (with or without the leading + sign)
+ Response 200 (application/json)
+ Attributes (HLR Lookup Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Sms Verify [/sms-verify]
### SMS Verify [POST]
Send a unique security code to any mobile device via SMS
+ Attributes
+ number (string, required)
The phone number to send a verification code to
+ Sample: +12106100045
+ code-length (number, optional) -
The number of digits to use in the security code (must be between 4 and 12)
+ Default: 5
+ security-code (number, optional)
Pass in your own security code. This is useful if you have implemented TOTP or similar 2FA methods. If not set then we will generate a secure random code
+ country-code (string, optional)
ISO 2-letter country code, assume numbers are based in this country.
If not set numbers are assumed to be in international format (with or without the leading + sign)
+ language-code (string, optional) -
The language to send the verification code in, available languages are: - de - German
- en - English
- es - Spanish
- fr - French
- it - Italian
- pt - Portuguese
- ru - Russian
+ Default: en
+ limit (number, optional) -
Limit the total number of SMS allowed to the supplied phone number, if the limit is reached within the TTL then error code 14 will be returned
+ Default: 10
+ limit-ttl (number, optional) -
Set the TTL in number of days that the 'limit' option will remember a phone number (the default is 1 day and the maximum is 365 days)
+ Default: 1
+ brand-name (string, optional)
Set a custom brand or product name in the verification message
+ Request (application/x-www-form-urlencoded)
+ Response 200 (application/json)
+ Attributes (SMS Verify Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Phone Verify [/phone-verify]
### Phone Verify [POST]
Make an automated call to any valid phone number and playback a unique security code
+ Attributes
+ number (string, required)
The phone number to send the verification code to
+ Sample: +12106100045
+ code-length (number, optional) -
The number of digits to use in the security code (between 4 and 12)
+ Default: 6
+ security-code (number, optional)
Pass in your own security code. This is useful if you have implemented TOTP or similar 2FA methods. If not set then we will generate a secure random code
+ playback-delay (number, optional) -
The delay in milliseconds between the playback of each security code
+ Default: 800
+ country-code (string, optional)
ISO 2-letter country code, assume numbers are based in this country.
If not set numbers are assumed to be in international format (with or without the leading + sign)
+ language-code (string, optional) -
The language to playback the verification code in, available languages are: - de - German
- en - English
- es - Spanish
- fr - French
- it - Italian
- pt - Portuguese
- ru - Russian
+ Default: en
+ limit (number, optional) -
Limit the total number of calls allowed to the supplied phone number, if the limit is reached within the TTL then error code 14 will be returned
+ Default: 3
+ limit-ttl (number, optional) -
Set the TTL in number of days that the 'limit' option will remember a phone number (the default is 1 day and the maximum is 365 days)
+ Default: 1
+ Request (application/x-www-form-urlencoded)
+ Response 200 (application/json)
+ Attributes (Phone Verify Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
# Group Data Tools
## Bad Word Filter [/bad-word-filter]
### Bad Word Filter [POST]
Detect bad words, swear words and profanity in a given text
+ Attributes
+ content (string, required)
The content to scan. This can be either a URL to load from, a file upload (multipart/form-data) or an HTML content string
+ Sample: https://en.wikipedia.org/wiki/Profanity
+ censor-character (string, optional)
The character to use to censor out the bad words found
+ catalog (string, optional) -
Which catalog of bad words to use, we currently maintain two bad word catalogs:
- strict - the largest database of bad words which includes profanity, obscenity, sexual, rude, cuss, dirty, swear and objectionable words and phrases. This catalog is suitable for environments of all ages including educational or children's content
- obscene - like the strict catalog but does not include any mild profanities, idiomatic phrases or words which are considered formal terminology. This catalog is suitable for adult environments where certain types of bad words are considered OK
+ Default: strict
+ Request (application/x-www-form-urlencoded)
+ Response 200 (application/json)
+ Attributes (Bad Word Filter Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Ua Lookup [/ua-lookup{?ua,ua-version,ua-platform,ua-platform-version,ua-mobile,device-model,device-brand}]
### UA Lookup [GET]
Parse, validate and get detailed user-agent information from a user agent string or from client hints
+ Parameters
+ ua (string, required)
The user-agent string to lookup. For client hints use the 'UA' header or the JSON data directly from 'navigator.userAgentData.brands' or 'navigator.userAgentData.getHighEntropyValues()'
+ Sample: Mozilla/5.0 (Linux; Android 11; SM-G9980U1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.101 Mobile Safari/537.36
+ ua-version (string, optional)
For client hints this corresponds to the 'UA-Full-Version' header or 'uaFullVersion' from NavigatorUAData
+ ua-platform (string, optional)
For client hints this corresponds to the 'UA-Platform' header or 'platform' from NavigatorUAData
+ ua-platform-version (string, optional)
For client hints this corresponds to the 'UA-Platform-Version' header or 'platformVersion' from NavigatorUAData
+ ua-mobile (string, optional)
For client hints this corresponds to the 'UA-Mobile' header or 'mobile' from NavigatorUAData
+ device-model (string, optional)
For client hints this corresponds to the 'UA-Model' header or 'model' from NavigatorUAData.
You can also use this parameter to lookup a device directly by its model name, model code or hardware code, on android you can get the model name from: https://developer.android.com/reference/android/os/Build.html#MODEL
+ device-brand (string, optional)
This parameter is only used in combination with 'device-model' when doing direct device lookups without any user-agent data. Set this to the brand or manufacturer name, this is required for accurate device detection with ambiguous model names. On android you can get the device brand from: https://developer.android.com/reference/android/os/Build#MANUFACTURER
+ Response 200 (application/json)
+ Attributes (UA Lookup Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Email Validate [/email-validate{?email,fix-typos}]
### Email Validate [GET]
Parse, validate and clean an email address
+ Parameters
+ email (string, required)
An email address
+ Sample: tech@neutrinoapi.com
+ fix-typos (boolean, optional) -
Automatically attempt to fix typos in the address
+ Default: false
+ Response 200 (application/json)
+ Attributes (Email Validate Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Phone Validate [/phone-validate{?number,country-code,ip}]
### Phone Validate [GET]
Parse, validate and get location information about a phone number
+ Parameters
+ number (string, required)
A phone number. This can be in international format (E.164) or local format. If passing local format you must also set either the 'country-code' OR 'ip' options as well
+ Sample: +6495552000
+ country-code (string, optional)
ISO 2-letter country code, assume numbers are based in this country. If not set numbers are assumed to be in international format (with or without the leading + sign)
+ ip (string, optional)
Pass in a users IP address and we will assume numbers are based in the country of the IP address
+ Response 200 (application/json)
+ Attributes (Phone Validate Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
# Group Security and Networking
## Ip Probe [/ip-probe{?ip}]
### IP Probe [GET]
Execute a realtime network probe against an IPv4 or IPv6 address
+ Parameters
+ ip (string, required)
IPv4 or IPv6 address
+ Sample: 194.233.98.38
+ Response 200 (application/json)
+ Attributes (IP Probe Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Ip Blocklist [/ip-blocklist{?ip,vpn-lookup}]
### IP Blocklist [GET]
The IP Blocklist API will detect potentially malicious or dangerous IP addresses
+ Parameters
+ ip (string, required)
An IPv4 or IPv6 address. Accepts standard IP notation (with or without port number), CIDR notation and IPv6 compressed notation. If multiple IPs are passed using comma-separated values the first non-bogon address on the list will be checked
+ Sample: 104.244.72.115
+ vpn-lookup (boolean, optional) -
Include public VPN provider IP addresses.
NOTE: For more advanced VPN detection including the ability to identify private and stealth VPNs use the IP Probe API
+ Default: false
+ Response 200 (application/json)
+ Attributes (IP Blocklist Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Email Verify [/email-verify{?email,fix-typos}]
### Email Verify [GET]
SMTP based email address verification
+ Parameters
+ email (string, required)
An email address
+ Sample: tech@neutrinoapi.com
+ fix-typos (boolean, optional) -
Automatically attempt to fix typos in the address
+ Default: false
+ Response 200 (application/json)
+ Attributes (Email Verify Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Ip Blocklist Download [/ip-blocklist-download{?format,cidr,ip6,category,output-encoding,checksum}]
### IP Blocklist Download [GET]
This API is a direct feed to our IP blocklist data
+ Parameters
+ format (string, optional) -
The data format. Can be either CSV or TXT
+ Default: csv
+ cidr (boolean, optional) -
Output IPs using CIDR notation. This option should be preferred but is off by default for backwards compatibility
+ Default: false
+ ip6 (boolean, optional) -
Output the IPv6 version of the blocklist, the default is to output IPv4 only. Note that this option enables CIDR notation too as this is the only notation currently supported for IPv6
+ Default: false
+ category (string, optional) -
The category of IP addresses to include in the download file, possible values are:
- all - all IPs available on your current plan (excludes VPN providers for any plans lower than Tier 3)
- bot - all IPs hosting a malicious bot or part of a botnet. This is a broad category which includes brute-force crackers
- exploit-bot - all IPs hosting an exploit finding bot or running exploit scanning software
- hijacked - all IPs that are part of a hijacked netblock or a netblock controlled by a criminal organization
- malware - all IPs involved in distributing or running malware
- proxy - all IPs detected as an anonymous web proxy or anonymous HTTP proxy
- spam-bot - all IPs hosting a spam bot, comment spamming or any other spamming type software
- spider - all IPs running a hostile web spider / web crawler
- spyware - all IPs involved in distributing or running spyware
- tor - all IPs that are Tor nodes or running a Tor related service
- vpn - all IPs belonging to public VPN providers (only available for Tier 3 or higher accounts)
+ Default: all
+ output-encoding (string, optional)
Set this option to 'gzip' to have the output file compressed using gzip
+ checksum (boolean, optional) -
Do not download the file but just return the current files MurmurHash3 checksum. You can use this feature to check if the file has changed since a previous check
+ Default: false
+ Response 200 (binary)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Host Reputation [/host-reputation{?host,list-rating,zones}]
### Host Reputation [GET]
Check the reputation of an IP address, domain name or URL against a comprehensive list of blacklists and blocklists
+ Parameters
+ host (string, required)
An IP address, domain name, FQDN or URL.
If you supply a domain/URL it will be checked against the URI DNSBL lists
+ Sample: neutrinoapi.com
+ list-rating (number, optional) -
Only check lists with this rating or better
+ Default: 3
+ zones (string, optional)
Only check these DNSBL zones/hosts. Multiple zones can be supplied as comma-separated values
+ Response 200 (application/json)
+ Attributes (Host Reputation Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Domain Lookup [/domain-lookup{?host,live}]
### Domain Lookup [GET]
Retrieve domain name details and detect potentially malicious or dangerous domains
+ Parameters
+ host (string, required)
A domain name, hostname, FQDN, URL, HTML link or email address to lookup
+ Sample: neutrinoapi.com
+ live (boolean, optional) -
For domains that we have never seen before then perform various live checks and realtime reconnaissance.
NOTE: this option may add additional non-deterministic delay to the request, if you require consistently fast API response times or just want to check our domain blocklists then you can disable this option
+ Default: true
+ Response 200 (application/json)
+ Attributes (Domain Lookup Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
# Group Geolocation
## Geocode Reverse [/geocode-reverse{?latitude,longitude,language-code,zoom}]
### Geocode Reverse [GET]
Convert a geographic coordinate (latitude and longitude) into a real world address
+ Parameters
+ latitude (string, required)
The location latitude in decimal degrees format
+ Sample: -41.2775847
+ longitude (string, required)
The location longitude in decimal degrees format
+ Sample: 174.7775229
+ language-code (string, optional) -
The language to display results in, available languages are: - de, en, es, fr, it, pt, ru
+ Default: en
+ zoom (string, optional) -
The zoom level to respond with:
- address - the most precise address available
- street - the street level
- city - the city level
- state - the state level
- country - the country level
+ Default: address
+ Response 200 (application/json)
+ Attributes (Geocode Reverse Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Ip Info [/ip-info{?ip,reverse-lookup}]
### IP Info [GET]
Get location information about an IP address and do reverse DNS (PTR) lookups
+ Parameters
+ ip (string, required)
IPv4 or IPv6 address
+ Sample: 1.1.1.1
+ reverse-lookup (boolean, optional) -
Do a reverse DNS (PTR) lookup. This option can add extra delay to the request so only use it if you need it
+ Default: false
+ Response 200 (application/json)
+ Attributes (IP Info Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Geocode Address [/geocode-address{?address,house-number,street,city,county,state,postal-code,country-code,language-code,fuzzy-search}]
### Geocode Address [GET]
Geocode an address, partial address or just the name of a place
+ Parameters
+ address (string, optional)
The full address, partial address or name of a place to try and locate. Comma separated address components are preferred.
+ Sample: 1 Molesworth Street, Thorndon, Wellington 6011
+ house-number (string, optional)
The house/building number to locate
+ street (string, optional)
The street/road name to locate
+ city (string, optional)
The city/town name to locate
+ county (string, optional)
The county/region name to locate
+ state (string, optional)
The state name to locate
+ postal-code (string, optional)
The postal code to locate
+ country-code (string, optional)
Limit result to this country (the default is no country bias)
+ language-code (string, optional) -
The language to display results in, available languages are: - de, en, es, fr, it, pt, ru, zh
+ Default: en
+ fuzzy-search (boolean, optional) -
If no matches are found for the given address, start performing a recursive fuzzy search until a geolocation is found. This option is recommended for processing user input or implementing auto-complete. We use a combination of approximate string matching and data cleansing to find possible location matches
+ Default: false
+ Response 200 (application/json)
+ Attributes (Geocode Address Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
# Group Ecommerce
## Bin List Download [/bin-list-download{?include-iso3,include-8digit,include-all,output-encoding}]
### BIN List Download [GET]
Download our entire BIN database for direct use on your own systems
+ Parameters
+ include-iso3 (boolean, optional) -
Include ISO 3-letter country codes and ISO 3-letter currency codes in the data. These will be added to columns 10 and 11 respectively
+ Default: false
+ include-8digit (boolean, optional) -
Include 8-digit and higher BIN codes. This option includes all 6-digit BINs and all 8-digit and higher BINs (including some 9, 10 and 11 digit BINs where available)
+ Default: false
+ include-all (boolean, optional) -
Include all BINs and all available fields in the CSV file (overrides any values set for 'include-iso3' or 'include-8digit')
+ Default: false
+ output-encoding (string, optional)
Set this option to 'gzip' to have the output file compressed using gzip
+ Response 200 (binary)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Convert [/convert{?from-value,from-type,to-type}]
### Convert [GET]
A currency and unit conversion tool
+ Parameters
+ from-value (string, required)
The value to convert from (e.g. 10.95)
+ Sample: 100
+ from-type (string, required)
The type of the value to convert from (e.g. USD)
+ Sample: USD
+ to-type (string, required)
The type to convert to (e.g. EUR)
+ Sample: EUR
+ Response 200 (application/json)
+ Attributes (Convert Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Bin Lookup [/bin-lookup{?bin-number,customer-ip}]
### BIN Lookup [GET]
Perform a BIN (Bank Identification Number) or IIN (Issuer Identification Number) lookup
+ Parameters
+ bin-number (string, required)
The BIN or IIN number. This is the first 6, 8 or 10 digits of a card number, use 8 (or more) digits for the highest level of accuracy
+ Sample: 47192100
+ customer-ip (string, optional)
Pass in the customers IP address and we will return some extra information about them
+ Response 200 (application/json)
+ Attributes (BIN Lookup Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
# Group WWW
## Url Info [/url-info{?url,fetch-content,ignore-certificate-errors,timeout,retry}]
### URL Info [GET]
Parse, analyze and retrieve content from the supplied URL
+ Parameters
+ url (string, required)
The URL to probe
+ Sample: https://www.neutrinoapi.com/
+ fetch-content (boolean, optional) -
If this URL responds with html, text, json or xml then return the response. This option is useful if you want to perform further processing on the URL content (e.g. with the HTML Extract or HTML Clean APIs)
+ Default: false
+ ignore-certificate-errors (boolean, optional) -
Ignore any TLS/SSL certificate errors and load the URL anyway
+ Default: false
+ timeout (number, optional) -
Timeout in seconds. Give up if still trying to load the URL after this number of seconds
+ Default: 60
+ retry (number, optional) -
If the request fails for any reason try again this many times
+ Default: 0
+ Response 200 (application/json)
+ Attributes (URL Info Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Html Clean [/html-clean]
### HTML Clean [POST]
Clean and sanitize untrusted HTML
+ Attributes
+ content (string, required)
The HTML content. This can be either a URL to load from, a file upload (multipart/form-data) or an HTML content string
+ Sample: Some HTML to clean...
+ output-type (string, required)
The level of sanitization, possible values are:
plain-text: reduce the content to plain text only (no HTML tags at all)
simple-text: allow only very basic text formatting tags like b, em, i, strong, u
basic-html: allow advanced text formatting and hyper links
basic-html-with-images: same as basic html but also allows image tags
advanced-html: same as basic html with images but also allows many more common HTML tags like table, ul, dl, pre
+ Sample: plain-text
+ Request (application/x-www-form-urlencoded)
+ Response 200 (binary)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
## Browser Bot [/browser-bot]
### Browser Bot [POST]
Browser bot can extract content, interact with keyboard and mouse events, and execute JavaScript on a website
+ Attributes
+ url (string, required)
The URL to load
+ Sample: https://www.neutrinoapi.com/
+ timeout (number, optional) -
Timeout in seconds. Give up if still trying to load the page after this number of seconds
+ Default: 30
+ delay (number, optional) -
Delay in seconds to wait before capturing any page data, executing selectors or JavaScript
+ Default: 3
+ selector (string, optional)
Extract content from the page DOM using this selector. Commonly known as a CSS selector, you can find a good reference here
+ Sample: .button
+ exec (array[string], optional)
Execute JavaScript on the website. This parameter accepts JavaScript as either a string containing JavaScript or for sending multiple separate statements a JSON array or POST array can also be used. If a statement returns any value it will be returned in the 'exec-results' response. You can also use the following specially defined user interaction functions:
sleep(seconds); Just wait/sleep for the specified number of seconds.
click('selector'); Click on the first element matching the given selector.
focus('selector'); Focus on the first element matching the given selector.
keys('characters'); Send the specified keyboard characters. Use click() or focus() first to send keys to a specific element.
enter(); Send the Enter key.
tab(); Send the Tab key.
+ Sample: [ "click('#button-id')", "sleep(1)", "click('.class')", "keys('1234')", "enter()" ]
+ user-agent (string, optional)
Override the browsers default user-agent string with this one
+ ignore-certificate-errors (boolean, optional) -
Ignore any TLS/SSL certificate errors and load the page anyway
+ Default: false
+ Request (application/x-www-form-urlencoded)
+ Response 200 (application/json)
+ Attributes (Browser Bot Response)
+ Response 400 (application/json)
Your API request has been rejected. Check error code for details
+ Attributes (API Error)
+ Response 403 (application/json)
You have failed to authenticate
+ Attributes (API Error)
+ Response 500 (application/json)
We messed up, sorry! Your request has caused a fatal exception
+ Attributes (API Error)
+ Response 0 (application/json)
We messed up, sorry! Your request has caused an error
+ Attributes (API Error)
# Data Structures
## Phone Playback Response (object)
### Properties
+ `calling` (boolean, required) - True if the call is being made now
+ `number-valid` (boolean, required) - True if this a valid phone number
## SMS Verify Response (object)
### Properties
+ `number-valid` (boolean, required) - True if this a valid phone number
+ `security-code` (string, required) - The security code generated, you can save this code to perform your own verification or you can use the Verify Security Code API
+ `sent` (boolean, required) - True if the SMS has been sent
## UA Lookup Response (object)
### Properties
+ `ua` (string, required) - The user agent string
+ `type` (string, required) - The user agent type, possible values are:
- desktop
- phone
- tablet
- wearable
- tv
- console
- email
- library
- robot
- unknown
+ `name` (string, required) - The client software name
+ `version` (string, required) - The client software full version
+ `version-major` (string, required) - The client software major version
+ `browser-engine` (string, required) - If the client is a web browser which underlying browser engine does it use
+ `browser-release` (string, required) - If the client is a web browser which year was this browser version released
+ `os` (string, required) - The full operating system name
+ `os-family` (string, required) - The operating system family. The major OS families are: Android, Windows, macOS, iOS, Linux
+ `os-version` (string, required) - The operating system full version
+ `os-version-major` (string, required) - The operating system major version
+ `is-mobile` (boolean, required) - Is this a mobile device (e.g. a phone or tablet)
+ `is-webview` (boolean, required) - Is this a WebView / embedded software client
+ `device-brand` (string, required) - The device brand / manufacturer
+ `device-model` (string, required) - The device model
+ `device-model-code` (string, required) - The device model code
+ `device-release` (string, required) - The year when this device model was released
+ `device-price` (number, required) - The average device price on release in USD
+ `device-resolution` (string, required) - The device display resolution in physical pixels (e.g. 720x1280)
+ `device-ppi` (number, required) - The device display PPI (pixels per inch)
+ `device-pixel-ratio` (number, required) - The device display pixel ratio (the ratio of the resolution in physical pixels to the resolution in CSS pixels)
+ `device-width-px` (number, required) - The device display width in CSS 'px'
+ `device-height-px` (number, required) - The device display height in CSS 'px'
## Convert Response (object)
### Properties
+ `valid` (boolean, required) - True if the conversion was successful and produced a valid result
+ `result` (string, required) - The result of the conversion in string format
+ `from-value` (string, required) - The value being converted from
+ `to-type` (string, required) - The type being converted to
+ `from-type` (string, required) - The type of the value being converted from
+ `result-float` (number, required) - The result of the conversion as a floating-point number
+ `from-name` (string, required) - The full name of the type being converted from
+ `from-symbol` (string, required) - The standard UTF-8 symbol used to represent the type being converted from
+ `to-name` (string, required) - The full name of the type being converted to
+ `to-symbol` (string, required) - The standard UTF-8 symbol used to represent the type being converted to
## URL Info Response (object)
### Properties
+ `http-status-message` (number, required) - The HTTP status message assoicated with the status code
+ `server-region` (string, required) - The servers IP geo-location: full region name (if detectable)
+ `query` (string, required) - A key-value map of the URL query paramaters
+ `server-name` (string, required) - The name of the server software hosting this URL
+ `url-port` (number, required) - The URL port
+ `server-country` (string, required) - The servers IP geo-location: full country name
+ `real` (boolean, required) - Is this URL actually serving real content
+ `server-city` (string, required) - The servers IP geo-location: full city name (if detectable)
+ `url-path` (string, required) - The URL path
+ `url` (string, required) - The fully qualified URL. This may be different to the URL requested if http-redirect is true
+ `valid` (boolean, required) - Is this a valid well-formed URL
+ `server-hostname` (string, required) - The servers hostname (PTR record)
+ `load-time` (number, required) - The time taken to load the URL content in seconds
+ `http-ok` (boolean, required) - True if this URL responded with an HTTP OK (200) status
+ `content-size` (number, required) - The size of the URL content in bytes
+ `http-status` (number, required) - The HTTP status code this URL responded with. An HTTP status of 0 indicates a network level issue
+ `server-country-code` (string, required) - The servers IP geo-location: ISO 2-letter country code
+ `content-encoding` (string, required) - The encoding format the URL uses
+ `server-ip` (string, required) - The IP address of the server hosting this URL
+ `url-protocol` (string, required) - The URL protocol, usually http or https
+ `content-type` (string, required) - The content-type this URL serves
+ `http-redirect` (boolean, required) - True if this URL responded with an HTTP redirect
+ `content` (string, required) - The actual content this URL responded with. Only set if the 'fetch-content' option was used
+ `is-timeout` (boolean, required) - True if a timeout occurred while loading the URL. You can set the timeout with the request parameter 'timeout'
+ `title` (string, required) - The document title
+ `language-code` (string, required) - The ISO 2-letter language code of the page. Extracted from either the HTML document or via HTTP headers
+ `is-error` (boolean, required) - True if an error occurred while loading the URL. This includes network errors, TLS errors and timeouts
## HLR Lookup Response (object)
### Properties
+ `number-valid` (boolean, required) - True if this a valid phone number
+ `international-calling-code` (string, required) - The international calling code
+ `mnc` (string, required) - The mobile MNC number (Mobile Network Code)
+ `number-type` (string, required) - The number type, possible values are:
- mobile
- fixed-line
- premium-rate
- toll-free
- voip
- unknown
+ `hlr-valid` (boolean, required) - Was the HLR lookup successful. If true then this is a working and registered cell-phone or mobile device (SMS and phone calls will be delivered)
+ `hlr-status` (string, required) - The HLR lookup status, possible values are:
- ok - the HLR lookup was successful and the device is connected
- absent - the number was once registered but the device has been switched off or out of network range for some time
- unknown - the number is not known by the mobile network
- invalid - the number is not a valid mobile MSISDN number
- fixed-line - the number is a registered fixed-line not mobile
- voip - the number has been detected as a VOIP line
- failed - the HLR lookup has failed, we could not determine the real status of this number
+ `ported-network` (string, required) - The ported to network/carrier name (only set if the number has been ported)
+ `imsi` (string, required) - The mobile IMSI number (International Mobile Subscriber Identity)
+ `mcc` (string, required) - The mobile MCC number (Mobile Country Code)
+ `international-number` (string, required) - The number represented in full international format
+ `local-number` (string, required) - The number represented in local dialing format
+ `country-code` (string, required) - The number location as an ISO 2-letter country code
+ `is-ported` (boolean, required) - Has this number been ported to another network
+ `msin` (string, required) - The mobile MSIN number (Mobile Subscription Identification Number)
+ `location` (string, required) - The number location. Could be a city, region or country depending on the type of number
+ `origin-network` (string, required) - The origin network/carrier name
+ `is-mobile` (boolean, required) - True if this is a mobile number (only true with 100% certainty, if the number type is unknown this value will be false)
+ `is-roaming` (boolean, required) - Is this number currently roaming from its origin country
+ `country` (string, required) - The phone number country
+ `country-code3` (string, required) - The number location as an ISO 3-letter country code
+ `currency-code` (string, required) - ISO 4217 currency code associated with the country
+ `roaming-country-code` (string, required) - If the number is currently roaming, the ISO 2-letter country code of the roaming in country
+ `msc` (string, required) - The mobile MSC number (Mobile Switching Center)
+ `current-network` (string, required) - The currently used network/carrier name
## Timezone (object)
Map containing timezone details
### Properties
+ `id`: `America/New_York` (string, required) - The time zone ID as per the IANA time zone database (tzdata)
+ `name`: `Eastern Daylight Time` (string, required) - The full time zone name
+ `abbr`: `EDT` (string, required) - The time zone abbreviation
+ `date`: `2021-01-01` (string, required) - The current date at the time zone (ISO 8601 format 'YYYY-MM-DD')
+ `time`: `12:30:00.00` (string, required) - The current time at the time zone (ISO 8601 format 'hh:mm:ss.sss')
+ `offset` (string, required) - The UTC offset for the time zone (ISO 8601 format '±hh:mm')
## Blocklist Sensor (object)
### Properties
+ `id` (number, required) - The sensor ID. This is a permanent and unique ID for each sensor
+ `blocklist` (string, required) - The primary blocklist category this sensor belongs to
+ `description` (string, required) - Contains details about the sensor source and what type of malicious activity was detected
## Blacklist (object)
### Properties
+ `is-listed` (boolean, required) - True if the host is currently black-listed
+ `list-host` (string, required) - The hostname of the DNSBL
+ `list-rating` (number, required) - The list rating [1-3] with 1 being the best rating and 3 the lowest rating
+ `list-name` (string, required) - The name of the DNSBL
+ `txt-record` (string, required) - The TXT record returned for this listing (only set if listed)
+ `return-code` (string, required) - The specific return code for this listing (only set if listed)
+ `response-time` (number, required) - The DNSBL server response time in milliseconds
## BIN Lookup Response (object)
### Properties
+ `country` (string, required) - The full country name of the issuer
+ `ip-city` (string, required) - The city of the customers IP (if detectable)
+ `ip-matches-bin` (boolean, required) - True if the customers IP country matches the BIN country
+ `card-type` (string, required) - The card type, will always be one of: DEBIT, CREDIT, CHARGE CARD
+ `card-category` (string, required) - The card category. There are many different card categories the most common card categories are: CLASSIC, BUSINESS, CORPORATE, PLATINUM, PREPAID
+ `ip-country-code` (string, required) - The ISO 2-letter country code of the customers IP
+ `ip-country` (string, required) - The country of the customers IP
+ `issuer` (string, required) - The card issuer
+ `ip-blocklisted` (boolean, required) - True if the customers IP is listed on one of our blocklists, see the IP Blocklist API
+ `valid` (boolean, required) - Is this a valid BIN or IIN number
+ `ip-blocklists` (array[string], required) - An array of strings indicating which blocklists this IP is listed on
+ `issuer-website` (string, required) - The card issuers website
+ `country-code` (string, required) - The ISO 2-letter country code of the issuer
+ `ip-region` (string, required) - The region of the customers IP (if detectable)
+ `card-brand` (string, required) - The card brand (e.g. Visa or Mastercard)
+ `issuer-phone` (string, required) - The card issuers phone number
+ `country-code3` (string, required) - The ISO 3-letter country code of the issuer
+ `currency-code` (string, required) - ISO 4217 currency code associated with the country of the issuer
+ `ip-country-code3` (string, required) - The ISO 3-letter country code of the customers IP
+ `is-commercial` (boolean, required) - Is this a commercial/business use card
+ `is-prepaid` (boolean, required) - Is this a prepaid or prepaid reloadable card
+ `bin-number` (string, required) - The BIN or IIN number
## Phone Verify Response (object)
### Properties
+ `number-valid` (boolean, required) - True if this a valid phone number
+ `calling` (boolean, required) - True if the call is being made now
+ `security-code` (string, required) - The security code generated, you can save this code to perform your own verification or you can use the Verify Security Code API
## Email Verify Response (object)
### Properties
+ `valid` (boolean, required) - Is this a valid email address. To be valid an email must have: correct syntax, a registered and active domain name, correct DNS records and operational MX servers
+ `verified` (boolean, required) - True if this email address has passed SMTP username verification. Check the 'smtp-status' and 'domain-status' fields for specific verification details
+ `email` (string, required) - The complete email address. If you enabled the 'fix-typos' option then this will be the corrected address
+ `typos-fixed` (boolean, required) - True if any typos have been fixed. The 'fix-typos' option must be enabled for this to work
+ `syntax-error` (boolean, required) - True if this address has any syntax errors or is not in RFC compliant formatting
+ `domain-error` (boolean, required) - True if this address has any domain name or DNS related errors. Check the 'domain-status' field for the detailed error reason
+ `domain` (string, required) - The domain name of this email address
+ `provider` (string, required) - The domain name of the email hosting provider
+ `is-freemail` (boolean, required) - True if this address is from a free email provider
+ `is-disposable` (boolean, required) - True if this address is a disposable, temporary or darknet related email address
+ `is-personal` (boolean, required) - True if this address likely belongs to a person. False if this is a role based address, e.g. admin@, help@, office@, etc.
+ `smtp-status` (string, required) - The SMTP username verification status for this address:
- ok - verification was successful, this is a real username that can receive mail
- absent - this username or domain is not registered with the email service provider
- invalid - not a valid email address, check the 'domain-status' field for specific details
- unresponsive - the mail servers for this domain have repeatedly timed-out or refused multiple connection attempts
- unknown - sorry, we could not reliably determine the status of this username
+ `smtp-response` (string, required) - The raw SMTP response message received during verification
+ `is-catch-all` (boolean, required) - True if this email domain has a catch-all policy. A catch-all domain will accept mail for any username so therefor the 'smtp-status' will always be 'ok'
+ `is-deferred` (boolean, required) - True if the mail server responded with a temporary failure (either a 4xx response code or unresponsive server). You can retry this address later, we recommend waiting at least 15 minutes before retrying
+ `mx-ip` (string, required) - The first resolved IP address of the primary MX server, may be empty if there are domain errors present
+ `domain-status` (string, required) - The email domain status, possible values are:
- ok - the domain is in working order and can receive email
- invalid - the domain is not a conformant hostname. May contain invalid syntax or characters
- no-service - the domain owner has indicated there is no mail service on the domain (also known as the 'Null MX')
- no-mail - the domain has no valid MX records so cannot receive email
- mx-invalid - MX records contain invalid or non-conformant hostname values
- mx-bogon - MX records point to bogon IP addresses
- resolv-error - MX records do not resolve to any valid IP addresses
## Location (object)
### Properties
+ `country` (string, required) - The country of the location
+ `address` (string, required) - The complete address using comma-separated values
+ `city` (string, required) - The city of the location
+ `country-code` (string, required) - The ISO 2-letter country code of the location
+ `country-code3` (string, required) - The ISO 3-letter country code of the location
+ `latitude` (number, required) - The location latitude
+ `postal-code` (string, required) - The postal code for the location
+ `longitude` (number, required) - The location longitude
+ `state` (string, required) - The state of the location
+ `address-components` (string, required) - The components which make up the address such as road, city, state, etc
+ `currency-code` (string, required) - ISO 4217 currency code associated with the country
+ `location-type` (string, required) - The detected location type ordered roughly from most to least precise, possible values are:
- address - indicates a precise street address
- street - accurate to the street level but may not point to the exact location of the house/building number
- city - accurate to the city level, this includes villages, towns, suburbs, etc
- postal-code - indicates a postal code area (no house or street information present)
- railway - location is part of a rail network such as a station or railway track
- natural - indicates a natural feature, for example a mountain peak or a waterway
- island - location is an island or archipelago
- administrative - indicates an administrative boundary such as a country, state or province
+ `location-tags` (array[string], required) - Array of strings containing any location tags associated with the address. Tags are additional pieces of metadata about a specific location, there are thousands of different tags. Some examples of tags: shop, office, cafe, bank, pub
+ `timezone` (Timezone, required) - Map containing timezone details for the location
+ `region-code` (string, required) - The ISO 3166-2 region code for the location
+ `postal-address` (string, required) - The formatted address using local standards suitable for printing on an envelope
## IP Probe Response (object)
### Properties
+ `valid` (boolean, required) - True if this is a valid IPv4 or IPv6 address
+ `country` (string, required) - Full country name
+ `provider-type` (string, required) - The detected provider type, possible values are:
- isp - IP belongs to an internet service provider. This includes both mobile, home and business internet providers
- hosting - IP belongs to a hosting company. This includes website hosting, cloud computing platforms and colocation facilities
- vpn - IP belongs to a VPN provider
- proxy - IP belongs to a proxy service. This includes HTTP/SOCKS proxies and browser based proxies
- university - IP belongs to a university/college/campus
- government - IP belongs to a government department. This includes military facilities
- commercial - IP belongs to a commercial entity such as a corporate headquarters or company office
- unknown - could not identify the provider type
+ `country-code` (string, required) - ISO 2-letter country code
+ `hostname` (string, required) - The IPs full hostname (PTR)
+ `provider-domain` (string, required) - The domain name of the provider
+ `city` (string, required) - Full city name (if detectable)
+ `provider-website` (string, required) - The website URL for the provider
+ `ip` (string, required) - The IP address
+ `region` (string, required) - Full region name (if detectable)
+ `provider-description` (string, required) - A description of the provider (usually extracted from the providers website)
+ `continent-code` (string, required) - ISO 2-letter continent code
+ `is-hosting` (boolean, required) - True if this IP belongs to a hosting company. Note that this can still be true even if the provider type is VPN/proxy, this occurs in the case that the IP is detected as both types
+ `is-isp` (boolean, required) - True if this IP belongs to an internet service provider. Note that this can still be true even if the provider type is VPN/proxy, this occurs in the case that the IP is detected as both types
+ `country-code3` (string, required) - ISO 3-letter country code
+ `currency-code` (string, required) - ISO 4217 currency code associated with the country
+ `is-vpn` (boolean, required) - True if this IP ia a VPN
+ `is-proxy` (boolean, required) - True if this IP ia a proxy
+ `asn` (string, required) - The autonomous system (AS) number
+ `as-cidr` (string, required) - The autonomous system (AS) CIDR range
+ `as-country-code` (string, required) - The autonomous system (AS) ISO 2-letter country code
+ `as-country-code3` (string, required) - The autonomous system (AS) ISO 3-letter country code
+ `as-domains` (array[string], required) - Array of all the domains associated with the autonomous system (AS)
+ `as-description` (string, required) - The autonomous system (AS) description / company name
+ `as-age` (number, required) - The age of the autonomous system (AS) in number of years since registration
+ `host-domain` (string, required) - The IPs host domain
+ `vpn-domain` (string, required) - The domain of the VPN provider (may be empty if the VPN domain is not detectable)
+ `is-v6` (boolean, required) - True if this is a IPv6 address. False if IPv4
+ `is-v4-mapped` (boolean, required) - True if this is a IPv4 mapped IPv6 address
+ `is-bogon` (boolean, required) - True if this is a bogon IP address such as a private network, local network or reserved address
+ `region-code` (string, required) - ISO 3166-2 region code (if detectable)
## Email Validate Response (object)
### Properties
+ `valid` (boolean, required) - Is this a valid email address. To be valid an email must have: correct syntax, a registered and active domain name, correct DNS records and operational MX servers
+ `syntax-error` (boolean, required) - True if this address has any syntax errors or is not in RFC compliant formatting
+ `domain` (string, required) - The domain name of this email address
+ `domain-error` (boolean, required) - True if this address has any domain name or DNS related errors. Check the 'domain-status' field for the detailed error reason
+ `is-freemail` (boolean, required) - True if this address is from a free email provider
+ `email` (string, required) - The complete email address. If you enabled the 'fix-typos' option then this will be the corrected address
+ `is-disposable` (boolean, required) - True if this address is a disposable, temporary or darknet related email address
+ `typos-fixed` (boolean, required) - True if any typos have been fixed. The 'fix-typos' option must be enabled for this to work
+ `is-personal` (boolean, required) - True if this address likely belongs to a person. False if this is a role based address, e.g. admin@, help@, office@, etc.
+ `provider` (string, required) - The domain name of the email hosting provider
+ `mx-ip` (string, required) - The first resolved IP address of the primary MX server, may be empty if there are domain errors present
+ `domain-status` (string, required) - The email domain status, possible values are:
- ok - the domain is in working order and can receive email
- invalid - the domain is not a conformant hostname. May contain invalid syntax or characters
- no-service - the domain owner has indicated there is no mail service on the domain (also known as the 'Null MX')
- no-mail - the domain has no valid MX records so cannot receive email
- mx-invalid - MX records contain invalid or non-conformant hostname values
- mx-bogon - MX records point to bogon IP addresses
- resolv-error - MX records do not resolve to any valid IP addresses
## IP Blocklist Response (object)
### Properties
+ `ip` (string, required) - The IP address
+ `is-bot` (boolean, required) - IP is hosting a malicious bot or is part of a botnet. This is a broad category which includes brute-force crackers
+ `is-exploit-bot` (boolean, required) - IP is hosting an exploit finding bot or is running exploit scanning software
+ `is-malware` (boolean, required) - IP is involved in distributing or is running malware
+ `is-spider` (boolean, required) - IP is running a hostile web spider / web crawler
+ `is-dshield` (boolean, required) - IP has been flagged as a significant attack source by DShield (dshield.org)
+ `list-count` (number, required) - The number of blocklists the IP is listed on
+ `is-proxy` (boolean, required) - IP has been detected as an anonymous web proxy or anonymous HTTP proxy
+ `is-hijacked` (boolean, required) - IP is part of a hijacked netblock or a netblock controlled by a criminal organization
+ `is-tor` (boolean, required) - IP is a Tor node or running a Tor related service
+ `is-spyware` (boolean, required) - IP is involved in distributing or is running spyware
+ `is-spam-bot` (boolean, required) - IP address is hosting a spam bot, comment spamming or any other spamming type software
+ `is-listed` (boolean, required) - Is this IP on a blocklist
+ `is-vpn` (boolean, required) - IP belongs to a public VPN provider (only set if the 'vpn-lookup' option is enabled)
+ `last-seen` (number, required) - The unix time when this IP was last seen on any blocklist. IPs are automatically removed after 7 days therefor this value will never be older than 7 days
+ `blocklists` (array[string], required) - An array of strings indicating which blocklist categories this IP is listed on
+ `sensors` (array[Blocklist Sensor], required) - An array of objects containing details on which specific sensors detected the IP
+ `cidr` (string, required) - The CIDR address for this listing (only set if the IP is listed)
## API Error (object)
### Properties
+ `api-error` (number, required) - API error code. If set and > 0 then an API error has occurred your request could not be completed
+ `api-error-msg` (string, required) - API error message
## Geocode Address Response (object)
### Properties
+ `found` (number, required) - The number of possible matching locations found
+ `locations` (array[Location], required) - Array of matching location objects
## Geocode Reverse Response (object)
### Properties
+ `country` (string, required) - The country of the location
+ `found` (boolean, required) - True if these coordinates map to a real location
+ `address` (string, required) - The complete address using comma-separated values
+ `city` (string, required) - The city of the location
+ `country-code` (string, required) - The ISO 2-letter country code of the location
+ `postal-code` (string, required) - The postal code for the location
+ `state` (string, required) - The state of the location
+ `address-components` (string, required) - The components which make up the address such as road, city, state, etc
+ `country-code3` (string, required) - The ISO 3-letter country code of the location
+ `currency-code` (string, required) - ISO 4217 currency code associated with the country
+ `location-type` (string, required) - The detected location type ordered roughly from most to least precise, possible values are:
- address - indicates a precise street address
- street - accurate to the street level but may not point to the exact location of the house/building number
- city - accurate to the city level, this includes villages, towns, suburbs, etc
- postal-code - indicates a postal code area (no house or street information present)
- railway - location is part of a rail network such as a station or railway track
- natural - indicates a natural feature, for example a mountain peak or a waterway
- island - location is an island or archipelago
- administrative - indicates an administrative boundary such as a country, state or province
+ `location-tags` (array[string], required) - Array of strings containing any location tags associated with the address. Tags are additional pieces of metadata about a specific location, there are thousands of different tags. Some examples of tags: shop, office, cafe, bank, pub
+ `latitude` (number, required) - The location latitude
+ `longitude` (number, required) - The location longitude
+ `timezone` (Timezone, required) - Map containing timezone details for the location
+ `region-code` (string, required) - The ISO 3166-2 region code for the location
+ `postal-address` (string, required) - The formatted address using local standards suitable for printing on an envelope
## Phone Validate Response (object)
### Properties
+ `valid` (boolean, required) - Is this a valid phone number
+ `international-calling-code` (string, required) - The international calling code
+ `country-code` (string, required) - The phone number country as an ISO 2-letter country code
+ `location` (string, required) - The phone number location. Could be the city, region or country depending on the type of number
+ `is-mobile` (boolean, required) - True if this is a mobile number. If the number type is unknown this value will be false
+ `type` (string, required) - The number type based on the number prefix.
Possible values are:
- mobile
- fixed-line
- premium-rate
- toll-free
- voip
- unknown (use HLR lookup)
+ `international-number` (string, required) - The number represented in full international format (E.164)
+ `local-number` (string, required) - The number represented in local dialing format
+ `country` (string, required) - The phone number country
+ `country-code3` (string, required) - The phone number country as an ISO 3-letter country code
+ `currency-code` (string, required) - ISO 4217 currency code associated with the country
+ `prefix-network` (string, required) - The network/carrier who owns the prefix (this only works for some countries, use HLR lookup for global network detection)
## Host Reputation Response (object)
### Properties
+ `is-listed` (boolean, required) - Is this host blacklisted
+ `lists` (array[Blacklist], required) - Array of objects for each DNSBL checked
+ `list-count` (number, required) - The number of DNSBLs the host is listed on
+ `host` (string, required) - The IP address or host name
## IP Info Response (object)
### Properties
+ `valid` (boolean, required) - True if this is a valid IPv4 or IPv6 address
+ `country` (string, required) - Full country name
+ `hostname` (string, required) - The IPs full hostname (only set if reverse-lookup has been used)
+ `city` (string, required) - Name of the city (if detectable)
+ `country-code` (string, required) - ISO 2-letter country code
+ `latitude` (number, required) - Location latitude
+ `region` (string, required) - Name of the region (if detectable)
+ `longitude` (number, required) - Location longitude
+ `continent-code` (string, required) - ISO 2-letter continent code
+ `ip` (string, required) - An IPv4 or IPv6 address. Accepts standard IP notation and also CIDR notation.
+ `country-code3` (string, required) - ISO 3-letter country code
+ `currency-code` (string, required) - ISO 4217 currency code associated with the country
+ `host-domain` (string, required) - The IPs host domain (only set if reverse-lookup has been used)
+ `timezone` (Timezone, required) - Map containing timezone details for the location
+ `is-v6` (boolean, required) - True if this is a IPv6 address. False if IPv4
+ `is-v4-mapped` (boolean, required) - True if this is a IPv4 mapped IPv6 address
+ `is-bogon` (boolean, required) - True if this is a bogon IP address such as a private network, local network or reserved address
+ `region-code` (string, required) - ISO 3166-2 region code (if detectable)
## Bad Word Filter Response (object)
### Properties
+ `bad-words-list` (array[string], required) - An array of the bad words found
+ `bad-words-total` (number, required) - Total number of bad words detected
+ `censored-content` (string, required) - The censored content (only set if censor-character has been set)
+ `is-bad` (boolean, required) - Does the text contain bad words
## Browser Bot Response (object)
### Properties
+ `url` (string, required) - The page URL
+ `content` (string, required) - The complete raw, decompressed and decoded page content. Usually will be either HTML, JSON or XML
+ `mime-type` (string, required) - The document MIME type
+ `title` (string, required) - The document title
+ `is-error` (boolean, required) - True if an error has occurred loading the page. Check the 'error-message' field for details
+ `is-timeout` (boolean, required) - True if a timeout occurred while loading the page. You can set the timeout with the request parameter 'timeout'
+ `error-message` (string, required) - Contains the error message if an error has occurred ('is-error' will be true)
+ `http-status-code` (number, required) - The HTTP status code the URL returned
+ `http-status-message` (string, required) - The HTTP status message the URL returned
+ `is-http-ok` (boolean, required) - True if the HTTP status is OK (200)
+ `is-http-redirect` (boolean, required) - True if the URL responded with an HTTP redirect
+ `http-redirect-url` (string, required) - The redirected URL if the URL responded with an HTTP redirect
+ `server-ip` (string, required) - The HTTP servers IP address
+ `load-time` (number, required) - The number of seconds taken to load the page (from initial request until DOM ready)
+ `response-headers` (string, required) - Map containing all the HTTP response headers the URL responded with
+ `is-secure` (boolean, required) - True if the page is secured using TLS/SSL
+ `security-details` (string, required) - Map containing details of the TLS/SSL setup
+ `elements` (array[string], required) - Array containing all the elements matching the supplied selector.
Each element object will contain the text content, HTML content and all current element attributes
+ `exec-results` (array[string], required) - If you executed any JavaScript this array holds the results as objects
+ `language-code` (string, required) - The ISO 2-letter language code of the page. Extracted from either the HTML document or via HTTP headers
## Verify Security Code Response (object)
### Properties
+ `verified` (boolean, required) - True if the code is valid
## Domain Lookup Response (object)
### Properties
+ `domain` (string, required) - The primary domain name excluding any subdomains. This is also referred to as the second-level domain (SLD)
+ `is-malicious` (boolean, required) - Consider this domain malicious as it is currently listed on at least 1 blocklist
+ `blocklists` (array[string], required) - An array of strings indicating which blocklist categories this domain is listed on. Current categories are: phishing, malware, spam, anonymizer, nefarious
+ `sensors` (array[Blocklist Sensor], required) - An array of objects containing details on which specific blocklist sensors have detected this domain
+ `valid` (boolean, required) - True if a valid domain was found. For a domain to be considered valid it must be registered and have valid DNS NS records
+ `fqdn` (string, required) - The fully qualified domain name (FQDN)
+ `is-subdomain` (boolean, required) - Is the FQDN a subdomain of the primary domain
+ `tld` (string, required) - The top-level domain (TLD)
+ `tld-cc` (string, required) - For a country code top-level domain (ccTLD) this will contain the associated ISO 2-letter country code
+ `rank` (number, required) - The domains estimated global traffic rank with the highest rank being 1. A value of 0 indicates the domain is currently ranked outside of the top 1M of domains
+ `is-gov` (boolean, required) - Is this domain under a government or military TLD
+ `is-opennic` (boolean, required) - Is this domain under an OpenNIC TLD
+ `is-pending` (boolean, required) - True if this domain is unseen and is currently being processed in the background. This field only matters when the 'live' lookup setting has been explicitly disabled and indicates that not all domain data my be present yet
+ `is-adult` (boolean, required) - This domain is hosting adult content such as porn, webcams, escorts, etc
+ `registered-date` (string, required) - The ISO date this domain was registered or first seen on the internet. An empty value indicates we could not reliably determine the date
+ `age` (number, required) - The number of days since the domain was registered. A domain age of under 90 days is generally considered to be potentially risky. A value of 0 indicates no registration date was found for this domain
+ `registrar-name` (string, required) - The name of the domain registrar owning this domain
+ `registrar-id` (number, required) - The IANA registrar ID (0 if no registrar ID was found)
+ `dns-provider` (string, required) - The primary domain of the DNS provider for this domain
+ `mail-provider` (string, required) - The primary domain of the email provider for this domain. An empty value indicates the domain has no valid MX records