Developer API

Built for developers.

Real-time threat intelligence, programmatic blocking, and open routing rules. Integrate Latens into your security infrastructure with a simple REST API.

View API docs GitHub organization

Fetch recent threats

Get the latest threat detections across the network

curl -X GET 'https://api.latens.net/v1/threats/recent' \
  -H "Authorization: Bearer YOUR_API_KEY"
Threat Intelligence API

Real-time threat detection

Access our global sensor network. Get new threats within hours of detection.

GET

/v1/threats/recent

Fetch threats detected in the last 24 hours

Parameters

limit Optional. Max 100 results (default: 20)
type Optional. Filter by threat type: phishing, malware, botnet, crawler, exploit

Response

{
  "data": [
    {
      "id": "threat_20260411_001",
      "timestamp": "2026-04-11T14:32:00Z",
      "domain": "phish-paypal-verify.ru",
      "type": "phishing",
      "confidence": 0.98,
      "first_seen": "2026-04-11T12:15:00Z",
      "blocked_by": 42847,
      "status": "active"
    }
  ],
  "pagination": { "limit": 20, "offset": 0, "total": 12847 }
}
GET

/v1/threats/feed

Streaming threat feed (Server-Sent Events)

Auth required

Description

Connect with SSE to receive real-time threat updates as they're detected. This endpoint maintains an open connection and pushes new threats as they arrive.

Example JavaScript client

const eventSource = new EventSource(
  'https://api.latens.net/v1/threats/feed',
  { headers: { 'Authorization': 'Bearer YOUR_API_KEY' } }
);

eventSource.onmessage = (event) => {
  const threat = JSON.parse(event.data);
  console.log('New threat:', threat.domain);
};
GET

/v1/threats/ip/{ip}

IP reputation lookup. Domains resolved from this IP.

Example request

GET /v1/threats/ip/185.220.101.45

Response

{
  "ip": "185.220.101.45",
  "reputation": "dangerous",
  "threat_count": 12,
  "domains": [
    "botnet-c2.cc",
    "cryptominer.net"
  ],
  "last_seen": "2026-04-10T22:45:00Z"
}
GET

/v1/threats/stats

Aggregate threat statistics and trends

Response

{
  "period": "24h",
  "total_threats": 12847,
  "by_type": {
    "phishing": 5230,
    "malware": 3450,
    "botnet": 2100,
    "exploit": 1067
  },
  "unique_ips": 2847,
  "blocked_requests": 847291,
  "trend": "increasing"
}
GET

/blocklist.txt

Plain text blocklist for third-party integration

Description

Returns a newline-separated list of blocked domains. Compatible with DNS filters, pi-hole, and other blocklist consumers. No authentication required.

Example response (excerpt)

phish-paypal-verify.ru
botnet-c2.cc
cryptominer.net
malware.exploit-kit.cc
trojaned-router-fw.net

Authentication

API Key

All endpoints require authentication via API key in the Authorization header.

Authorization: Bearer YOUR_API_KEY

Get your API key from your account dashboard after signing up. Keep it secret.

Rate Limiting

Free tier: 100 req/day
Paid tier: 10,000 req/day
Enterprise: Custom limits

Rate limit headers included in response: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset.

Error responses

400

Bad Request

Invalid parameters or malformed request

401

Unauthorized

Missing or invalid API key

429

Too Many Requests

Rate limit exceeded. Check X-RateLimit-Reset header

500

Server Error

Unexpected server error. Try again later

Open routing rules

Transparent domain routing

Every routing decision is open source. Audit exactly which sites go where.

Geosite categories

Latens uses geosite domain lists to classify content. Common categories:

  • au — Australian sites (always local)
  • cn — China-restricted content (routed overseas)
  • streaming — Geo-locked streaming services
  • ads — Ad networks (blocked globally)
  • malware — Known malicious domains (blocked)

How to audit rules

All rules are maintained on GitHub. You can inspect, fork, and contribute.

  1. 1. Visit github.com/latens/rules
  2. 2. Review geosite.dat (human-readable YAML)
  3. 3. Search for a domain you care about
  4. 4. File an issue or PR if you disagree with a classification

Request routing changes

Found a domain that's miscategorized? Submit a request.

Email [email protected] with the domain and reason
Or open a GitHub issue at latens/rules
Advanced

Self-hosted router

Run Latens on your own hardware for full network protection.

Zero trust architecture

Encrypted routing, cryptographic verification, decentralized trust model.

Private by default

All traffic stays inside your network. No cloud fallback.

Works offline

Cached rules work without internet. Optional cloud sync.

Getting started

Self-hosted router hardware is available for order. Full documentation and deployment scripts included.

Request information

API pricing

Free

$0 forever

Perfect for personal projects and learning.

  • 100 requests/day
  • Recent threats & stats
  • Community support

Pro

$99 /month

For teams and production deployments.

  • 10,000 requests/day
  • Real-time threat feed (SSE)
  • Priority email support
  • IP reputation lookup

Need higher limits? Contact us for enterprise pricing

Resources

GitHub

Open source routing rules and client SDKs

Full API Reference

Complete endpoint documentation and examples

Support

Email us with questions or integration issues

Ready to integrate?

Start with the free tier. No credit card required.

Sign up for Latens API status