Identify malicious domains.
Protect your users.

A comprehensive, real-time API for detecting malicious domains. Trusted by developers worldwide to block phishing, malware, and abuse.

Loading...
Monitored Domains Total domains being tracked in our database, including those flagged for deletion but still being monitored
Loading...
Active Domains Domains currently flagged as malicious and actively blocked by our API
99.9%
Uptime
< 50ms
Response Time
Try API Live Download List

Why choose dangerous.domains?

Lightning Fast

Global CDN ensures sub-50ms response times worldwide. Built on Cloudflare Workers for maximum performance.

🔄

Always Updated

Continuous automated validation with real-time DNS monitoring ensures our database stays current and accurate.

🛡️

Highly Accurate

Advanced threat intelligence feeds and multi-source validation reduces false positives to near zero.

📊

Multiple Formats

JSON, TXT, YAML, hosts file - get your data in the format that works best for your application.

🔒

Privacy First

No logging of queries or domain lookups. Your users' privacy is our priority.

💎

100% Free

No API keys, no hidden costs, generous rate limits. Use it however you need, forever.

Test the API

Try our API right here in your browser. Enter any domain to see instant results.

Try these examples:
Endpoint: GET /api/v1/[domain] 
// Enter a domain above to see the API response

Download Options

📄

Plain Text

One domain per line, perfect for scripts and simple integrations.

Download TXT Loading...
🔧

JSON Array

Structured data format, ideal for web applications and APIs.

Download JSON Loading...
⚙️

Hosts File

Ready-to-use format for blocking at the OS level.

Download Hosts Loading...

API Documentation

Check Domain

GET /api/v1/example.com

Check if a specific domain is marked as malicious.

Response Format

{"success": true, "isMalicious": false}

Simple JSON response with boolean isMalicious flag.

Full List

GET /list.json

Download the complete domain list in JSON format.

Full API Documentation

Frequently Asked Questions

What defines a malicious domain?

Malicious domains include those used for phishing, malware distribution, command and control (C2) servers, spam, and other abusive activities. We aggregate data from multiple threat intelligence sources and validate through DNS checks.

How often is the database updated?

Our database is updated continuously from multiple sources and validated through DNS checks. Domains are automatically re-validated periodically to ensure accuracy as malicious infrastructure changes.

How do I report a false positive?

If you believe your domain has been incorrectly flagged, please report it and we'll investigate within 24-48 hours.

Can I use this with my hosts file?

Yes! We provide a hosts file format at /hosts that you can download and use with your operating system's hosts file to block malicious domains at the network level. Domains are prefixed with 0.0.0.0 for blocking.

What rate limits apply?

Our API is designed to be free and open with generous rate limits. For most use cases, you won't hit any limits. If you need higher throughput, consider downloading the list and checking locally.

How can I contribute to the project?

We welcome contributions! You can submit new malicious domains through our issue tracker. The project is open source and contributions are appreciated.