ThreatFusionAI API

Query breached emails, phone exposure, malicious IPs/URLs, file hashes, domains and CVE intelligence over a simple token-authenticated REST API.

Step 1 Authentication

Every request must include your API key in the Authorization header. Keep your key secret — treat it like a password.

Authorization: Token YOUR_API_KEY

Step 2 Base URL

All endpoints are relative to the production base URL.

https://threatfusionai.com/api/

Reference GET Endpoints

All lookups are GET requests with a query parameter.

GET
/api/email-lookup/[email protected]
Breached-email intelligence for an address.
GET
/api/phone-lookup/?query=15551234567
Phone-number exposure data.
GET
/api/banip-lookup/?query=8.8.8.8
Malicious or banned IP records.
GET
/api/hash-lookup/?query=<hash>
File-hash (MD5/SHA1/SHA256) intelligence.
GET
/api/url-lookup/?query=https://example.com
Malicious-URL records.
GET
/api/domain-lookup/?query=example.com
Domain intelligence.
GET
/api/cve-data/?cve=CVE-2024-0001
CVE and vulnerability data.

Example Email Lookup

A complete request with curl:

curl -X GET "https://threatfusionai.com/api/email-lookup/[email protected]" \ -H "Authorization: Token YOUR_API_KEY"

Reference Response Status Codes

200
Success — data returned.
400
Missing or invalid query parameter.
401
Missing or invalid API token.
403
Plan/endpoint access denied, or account frozen.
404
No matching record in our database.
429
Daily request limit exceeded.

Don't have an API key yet?

Request API access