Welcome to the PhishFort Public Blocklist API documentation.

PhishFort curates a public blocklist of detected and reported malicious sites targeting crypto and Web3 users around the globe. Here you can find a number of public endpoints which we hope will allow the community to seemlesly integrate with our system and protect their users.

The PhishFort Public Lists

All this documentation centres around the PhishFort Public Lists, this repo for all lists can be found here (opens in a new tab). The most important aspect of this list repo is the blocklist of malicious threats which can be found here (opens in a new tab). It is periodically updated with new threats in real-time.

The PhishFort Public List is maintained exclusively by PhishFort with additional input from our partners, all threats are reviewed by our panel of analysts before being inserted to prevent accidental listings. The structure of the public-lists repo is further explained in the List Structure section.

Motivation for this API

We noticed a few providers/partners resorted to consuming our GitHub lists through a CDN. Although we acknowledge the best way to access the PhishFort Blocklist speedily would be through a third-party CDN network, we cannot guarantee the integrity of such networks or how periodically their caches are updated. As a result, we developed this API as our own CDN, where we have more control over caching and performance. We highly recommend consuming the list from this API if performance is a concern, or directly from GitHub.

Want more threat intel?

We also offer a Threat Intel API called our Parner Sharing API . Unlike our public lists and lookup API, the partner threat intel sharing API is not public.