If you are visiting this page, it means you found our nameserver which is responsible for domain blocking. So here is how to use URLAbuse name-servers to check if the domain is blocklisted or not.
Enter your domain name:
Nameserver address: dbl.urlabuse.com
if you have a malicious (or suspicious) domain name (or fully-qualified domain name) and you want to check if it's blocklisted or not, you can ask this nameserver.
All you have to do is to prepend your domain name to our nameserver address and send a DNS query to our server. For example let's say you want to know if malware.wicar.org is malicious or not. Here is how to do it
dig A malware.wicar.org.dbl.urlabuse.com @dbl.urlabuse.com
and the output will be:
; <<>> DiG 9.18.28-0ubuntu0.24.04.1-Ubuntu <<>> A malware.wicar.org.dbl.urlabuse.com @dbl.urlabuse.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17207
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;malware.wicar.org.dbl.urlabuse.com. IN A
;; ANSWER SECTION:
malware.wicar.org.dbl.urlabuse.com. 300 IN A 127.0.0.2
;; Query time: 0 msec
;; SERVER: dbl.urlabuse.com#53 (UDP)
;; WHEN: Sat Sep 21 13:19:47 CEST 2024
;; MSG SIZE rcvd: 79
As you can see, if the domain is blacklisted in our DB, then we return an A record with the value of 127.0.0.2. Otherwise, the answer will be NXDomain.
If you are a email service provider or an organization who wants to detect malicious domain names which delivers phishing and malware content, then this is the right service for you.
You can also use our API endpoint in case you don't want to use DNS. Here is the URL to our API https://dbl.urlabuse.com/lookup. The only parameter it accepts is the rd which is the domain name or fully-qualified domain name you want to query. Here is an example in Python:
# let's query 'malware.wicar.org'
import requests, json
url = "https://dbl.urlabuse.com/lookup"
r = requests.get(url, params={"rd": "malware.wicar.org"}, timeout=3)
print(json.loads(r.text))
r.close()
Or using cURL:
curl -q "https://dbl.urlabuse.com/lookup?rd=malware.wicar.org"
please make sure you are not sending excessive number of queries to our server. Currently the service does
not
have any rate-limit but any attempt to D[D]oS the nameserver will result in permanent ban
of
the IP address.
Send whatever number of queries you want. Just don't play stupid.