OSINT Intel

Discover API

Trust and risk intelligence—where your workflows already run

OSINT Intel turns a public website or public IP address into a clear risk score, human-readable rationale, and structured supporting context—so your teams spend less time on manual lookup and more time on decisions. The same assessments that power our consumer tool, delivered as machine-readable JSON for queues, case systems, and automation.

What you get

  • Faster triage — consistent scoring and explanations you can route, review, or escalate without rebuilding research from scratch.
  • Operational fit — one request, one response: ideal for screening pipelines, onboarding checks, and investigation backlogs.
  • Defensible outputs — structured fields and narrative context you can retain alongside the customer or payment record.

How it works

  • 1. Your system sends a website URL or a public IP—the same inputs as our web analyzer.
  • 2. We produce an enriched assessment: risk level, points, explanation, and relevant public context for that input type.
  • 3. You receive structured JSON—ready to store, trigger rules, or hand to an analyst with the heavy lifting already done.

Pricing

€0.08 per successful analysis (excluding VAT where it applies)—whether you analyze a URL or an IP. That keeps the API accessible while covering compute, data sources, and operating costs. Volume and annual arrangements are available if you need predictable spend at scale.

Response shape

Field names match the live API. Website responses bundle domain, security, reputation, and risk-oriented signals; IP responses bundle location, network context, exposure indicators, and risk-oriented signals. Production payloads can include additional fields—examples below are abbreviated.

Website (URL)

POST a JSON body with a url to /api/analyze.

{
  "success": true,
  "cached": false,
  "report": {
    "domain": "example-shop.nl",
    "url": "https://example-shop.nl",
    "status": "COMPLETE",
    "riskScore": "MEDIUM",
    "riskPoints": 38,
    "riskExplanation": "…",
    "domainAge": 420,
    "registrar": "…",
    "ipAddress": "203.0.113.42",
    "hostingCountry": "NL",
    "sslValid": true,
    "sslDaysRemaining": 76,
    "businessName": "Example Shop B.V.",
    "registrationLabel": "KvK",
    "pageTitle": "Example Shop — Home",
    "technologies": ["Shopify", "Cloudflare"],
    "trustpilotRating": 3.9,
    "trustpilotReviews": 842,
    "flaggedKeywords": [{ "keyword": "…", "category": "…", "context": "…" }],
    "riskFactors": [{ "factor": "…", "points": 12, "description": "…" }],
    "policeListMatch": false,
    "domainBlocklistMatch": false
  }
}

IP address

POST a JSON body with an ip to /api/analyze-ip (public IPs only).

{
  "success": true,
  "cached": false,
  "report": {
    "ip": "203.0.113.10",
    "status": "COMPLETE",
    "country": "The Netherlands",
    "countryCode": "NL",
    "city": "Amsterdam",
    "isp": "Example Networks B.V.",
    "org": "Example Hosting",
    "asn": "AS64496",
    "isProxy": false,
    "isHosting": true,
    "isVpnList": false,
    "isDcList": true,
    "isAbuseList": false,
    "openPorts": [80, 443, 22],
    "hostnames": ["srv.example.com"],
    "vulns": ["CVE-2024-…"],
    "tags": ["cloud", "cdn"],
    "riskScore": "MEDIUM",
    "riskPoints": 24,
    "riskFactors": [
      { "factor": "…", "points": 10, "description": "…" }
    ],
    "riskExplanation": "…"
  }
}

Fair use and abuse rules apply, same as the web app. Need higher limits, an SLA, or a tailored rollout? Use the contact below—we'll align on scope and expectations before you commit.

Talk to ussales@osintintel.com

← Back to the analyzer