BackOSINT Intel

Full Report API

Trust and risk intelligence—where your workflows already run

OSINT Intel turns a public website or public IP address into a clear risk score, human-readable rationale, and structured supporting context. The same full assessments that power our consumer tool, delivered as machine-readable JSON for queues, case systems, and automation.

This is separate from the lightweight Keyword Scan API, which only evaluates our risk keyword catalogue against page content and URLs.

How it works

  • 1. Your system sends a website URL or a public IP—the same inputs as our web analyzer.
  • 2. We produce an enriched assessment: risk level, points, explanation, and relevant public context for that input type.
  • 3. You receive structured JSON—ready to store, trigger rules, or hand to an analyst with the heavy lifting already done.

Pricing

  • €0.08 per successful analysis when we run a fresh assessment (URL or IP)—excluding VAT where it applies.
  • €0.035 per request when the response is served from cache (cached: true in the JSON)—same report payload, no full re-run. Cache entries are valid for 1 month from the last completed analysis.

Volume and annual arrangements are available if you need predictable spend at scale.

Request examples

Body is JSON. By default we return a cached completed report when it is less than 1 month old. Optional force: true bypasses the cache (same as "Refresh report" in the app).

# Website — POST https://osintintel.com/api/analyze
curl -sS -X POST "https://osintintel.com/api/analyze" \
  -H "Content-Type: application/json" \
  -d '{"url":"https://example.com"}'

# IP — POST https://osintintel.com/api/analyze-ip
curl -sS -X POST "https://osintintel.com/api/analyze-ip" \
  -H "Content-Type: application/json" \
  -d '{"ip":"198.51.100.77"}'

Response JSON (website)

Illustrative high-risk example. Field names match the live API; values are dummy data. Your integration should tolerate nulls and optional arrays.

{
  "success": true,
  "cached": false,
  "report": {
    "id": "clxample000website000report000id",
    "domain": "luxe-watches-outlet.com",
    "url": "https://luxe-watches-outlet.com/",
    "status": "COMPLETE",
    "createdAt": "2026-04-12T14:32:00.000Z",
    "updatedAt": "2026-04-12T14:32:21.000Z",
    "domainAge": 11,
    "registrar": "NameCheap, Inc.",
    "registeredAt": "2026-04-01T00:00:00.000Z",
    "expiresAt": "2027-04-01T00:00:00.000Z",
    "waybackFirstSeenAt": null,
    "ipAddress": "198.51.100.77",
    "hostingProvider": "Obscure Host LLC",
    "hostingCountry": "RU",
    "hostingCity": "Moscow",
    "hostingOrg": "AS20473 Obscure Host LLC",
    "asn": "AS20473",
    "sslValid": true,
    "sslIssuer": "Let's Encrypt",
    "sslSubject": "CN=luxe-watches-outlet.com",
    "sslExpiresAt": "2026-07-01T12:00:00.000Z",
    "sslDaysRemaining": 79,
    "businessName": null,
    "registrationNumber": null,
    "registrationLabel": null,
    "vatNumber": null,
    "businessAddress": null,
    "businessPhone": null,
    "businessEmail": null,
    "businessInfoSource": null,
    "pageTitle": "Luxe Watches Outlet — Authentic Designer Watches 90% Off",
    "pageDescription": "Buy authentic replica designer watches with overnight shipping. No customs.",
    "pageKeywords": "replica watches, luxury discount, rolex cheap, no customs",
    "pageLanguage": "en",
    "ecommercePlatform": "WooCommerce",
    "technologies": ["WordPress", "WooCommerce", "Google Analytics"],
    "internalLinks": ["/shop", "/checkout", "/contact"],
    "externalLinks": ["https://pay-secure-gateway.example/tx"],
    "internalLinkCount": 18,
    "externalLinkCount": 4,
    "redirectChain": [
      { "url": "https://luxe-watches-outlet.com/", "status": 200 }
    ],
    "finalUrl": "https://luxe-watches-outlet.com/",
    "socialProfiles": [
      { "platform": "Instagram", "url": "https://www.instagram.com/luxewatchesoutlet", "handle": "luxewatchesoutlet" }
    ],
    "flaggedKeywords": [
      { "keyword": "replica", "category": "Counterfeit & Replica", "context": "...authentic replica designer watches at unbeatable prices..." },
      { "keyword": "no customs", "category": "Smuggling / Import Evasion", "context": "...overnight shipping, no customs fees guaranteed..." }
    ],
    "riskScore": "CRITICAL",
    "riskPoints": 215,
    "riskFactors": [
      { "factor": "Listed: Law enforcement fraud list", "points": 100, "description": "This domain appears on a law enforcement list of known fraudulent trading parties." },
      { "factor": "Listed: URLhaus malware-hosting database", "points": 60, "description": "This domain is listed in URLhaus (abuse.ch) as a known malware distribution host." },
      { "factor": "Domain very new (11 days)", "points": 35, "description": "Domain was registered less than 30 days ago." },
      { "factor": "Hosted in high-risk country", "points": 20, "description": "Server is hosted in a country associated with elevated fraud activity (RU)." }
    ],
    "riskExplanation": "This domain is listed on a law enforcement database of known fraudulent businesses.",
    "policeListMatch": true,
    "domainBlocklistMatch": true,
    "urlhausMalwareMatch": true,
    "trustpilotFound": true,
    "trustpilotRating": 1.3,
    "trustpilotReviews": 41,
    "trustpilotLabel": "Bad",
    "trustpilotUrl": "https://www.trustpilot.com/review/luxe-watches-outlet.com",
    "trustpilotClaimed": false,
    "dropshipperScore": 71,
    "dropshipperLevel": "HIGH",
    "dropshipperSignals": ["AliExpress supplier links in HTML", "Generic product descriptions", "Inconsistent brand naming"],
    "aiImagesDetected": true,
    "aiImageConfidence": "HIGH",
    "aiImageSignals": ["Midjourney-style product photography", "Inconsistent shadows on watch faces"],
    "aiImageCount": 11,
    "errorMessage": null
  }
}

Response JSON (IP)

Illustrative high-risk example with core report fields populated.

{
  "success": true,
  "cached": false,
  "report": {
    "id": "clxample000ipreport000000000id",
    "ip": "198.51.100.77",
    "status": "COMPLETE",
    "createdAt": "2026-04-12T14:35:00.000Z",
    "updatedAt": "2026-04-12T14:35:09.000Z",
    "country": "Russia",
    "countryCode": "RU",
    "region": "MOW",
    "regionName": "Moscow",
    "city": "Moscow",
    "zip": "101000",
    "lat": 55.7558,
    "lon": 37.6173,
    "timezone": "Europe/Moscow",
    "isp": "Obscure Host LLC",
    "org": "Obscure Host LLC",
    "asn": "AS20473",
    "isMobile": false,
    "isProxy": true,
    "isHosting": true,
    "isVpnList": true,
    "isDcList": true,
    "isAbuseList": true,
    "openPorts": [22, 80, 443, 3389, 5900],
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
      "cpe:2.3:a:openssh:openssh:8.9p1:*:*:*:*:*:*:*"
    ],
    "vulns": ["CVE-2023-38408", "CVE-2024-6387"],
    "hostnames": ["vps-198-51-100-77.obscurehost.net"],
    "tags": ["malicious", "vpn", "cloud"],
    "riskScore": "CRITICAL",
    "riskPoints": 145,
    "riskFactors": [
      { "factor": "VPN / Anonymiser blocklist", "points": 50, "description": "IP appears on a community VPN and anonymiser CIDR blocklist." },
      { "factor": "Community abusive-IP blocklist", "points": 45, "description": "IP is listed on a community blocklist for abusive or malicious activity." },
      { "factor": "Shodan tag: malicious", "points": 40, "description": "Shodan InternetDB has tagged this IP as malicious." },
      { "factor": "Known CVEs (2)", "points": 40, "description": "Shodan reports 2 known CVEs associated with services on this IP." },
      { "factor": "High-risk open ports (RDP :3389, VNC :5900)", "points": 15, "description": "Remote-access ports commonly abused in fraud infrastructure are open." }
    ],
    "riskExplanation": "This IP is flagged across multiple community blocklists, carries active CVEs, and exposes remote-access ports typical of compromised or malicious infrastructure.",
    "errorMessage": null
  }
}

Fair use and abuse rules apply, same as the web app. Need higher limits, an SLA, or a tailored rollout? Use the contact below—we'll align on scope and expectations before you commit.

Talk to ussales@osintintel.com