In light of COVID-19 precaution measures, we remind that all ImmuniWeb products can be easily configured and safely paid online without any human contact or paperwork.

Total Tests:

Domain Security Test

Free online security tool to test your security
  • Dark Web Exposure Monitoring
  • Phishing Detection and Monitoring
  • Domain Squatting Monitoring
  • Trademark Infringement Monitoring

Free online tool to test domain security

40,033,412 domain names analyzed

0 tests running
  tests today

Latest Tested Domains

ImmuniWeb Discovery

For continuous monitoring purposes, we suggest you exploring our award-winning ImmuniWeb® Discovery offering tailored for continuous monitoring with flexible 24/7 notifications.

Commercial API

ImmuniWeb provides a commercial access to the Domain Security Test API with extended limits to the number daily tests. Please get in touch with us to get a personalized quote. Prices start at 1,000 USD per month.

Non-profit, research and academic institutions may request commercial API for free. Please send your API usage requirements to for additional information.

Free API

ImmuniWeb provides you with a free API to test your domain for signs of cybersquatting, typo-squatting and phishing domains that may misuse your trademark, and spoof your brand. To assure high speed of service and availability for everyone, the free API allows 1 request in 3 minutes, 10 requests in total per 24 hours, from one IP address.

In addition, there are different tiers of user, with each providing a different level of usage with the API. If the daily test limit is exceeded the results will be only be available after upgrading to a paid subscription.

License notice: The API is provided for free both for private and commercial purposes. When using the free API, a clearly-visible credit to ImmuniWeb® Community when displaying results is mandatory. Failure to properly do so may trigger a ban and legal consequences.

API Documentation and How-To

Full API Documentation

API Specifications

Field Name Value
Request Type POST
URL[ustamp].html - where "ustamp" is an arbitrary UNIX time-stamp (must be an integer). Such construction is done to prevent caching on client side.

POST Data Specification

Field Name Value
api_key secret token which you submit alongside with the request
domain the domain name to be tested.
limit limit the amount of results shown.
offset offset if results are limited
no_limit 0 or 1
dnsr "on" means that test results will be hidden, "off" means that test results will be displayed in statistics.
recheck "false" will use results from cache if the server has been tested within the past 24 hours, "true" will perform a new test without looking at the cache.

Example of Transaction Using CURL

# New test (not cached) $ curl -XPOST -d '' ''

{"debug":true,"job_id":"2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc","status":"test_started","status_id":1,"message":"Test has started"}

# You need to keep calling this until test is finished $ curl -XPOST -d 'job_id=2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc' ''

{"job_id":"2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc","status":"in_progress","status_id":2,"eta":2,"message":"Your test is in progress"}

# New test (cached) $ curl -XPOST -d '' ''

{"test_id":"c84936eef26eeb8aaef5ffc43f38ddb91adfd90ac27fb416bd0b21fe2edb1004","status":"test_cached","status_id":3,"message":"Test is cached"}

$ curl -XPOST -d 'id=c84936eef26eeb8aaef5ffc43f38ddb91adfd90ac27fb416bd0b21fe2edb1004' ''

# Example with error $ curl -XPOST -d 'domain=' ''

{"error":"The domain name does not exist","error_id":9}

Example of Server Response


About the Service

Domain Security Test is a free product available online, provided and operated by ImmuniWeb.

Domain Security Test performs the following tests:

  • Dark Web Exposure Monitoring

  • Hacking forums
    Underground market places
    Pastebin and other paste websites
    Social networks
    Telegram chats
    IRC channels
  • Potential Cybersquatting

  • Domains registered in different TLDs and owned by a third party
    Domains imitating domain names or business identity and owned by a third party
  • Potential Typosquatting

  • Domains with typos in body and owned by a third party
    Domains with typos in body and TLD and owned by a third party
  • Potential Phishing

  • Domains that try to visually impersonate your domain or brand and owned by a third party
    Domains that contain phishing content targeting your domain or brand users
    Domains that contain malicious content targeting your domain or brand users
  • Social Networks

  • Testing Twitter
    Testing Facebook
    Testing BitBucket
    Testing Github
    Testing YouTube

Phishing Data Sources

For phishing websites detection we use the following data sources:
Our proprietary network of web honeypots
Our proprietary network of email honeypots
Google Safe Browsing

We are not showing among the results domains owned by the same company or person, or hosted on the same IP or subnetwork than the original domain.
Interactive Live World Map
Date/Time ()
Server location
Dark Web
Social Networks
Click to view full test results
View in fullscreen
Current time:
Latest update:

Newly Registered Domains:

Latest Phishing Alerts:

Trademark Infringement and Misuse: Most Targeted Brands

# Brand Dark Web Phishing Typosquatted Cybersquatted Social Networks Total

Try Other ImmuniWeb® Free Products

Ask a Question