API Reference
Complete endpoint documentation. All examples below.
Quick start
Get your API key
- 1. Create a Latens account (free, no card)
- 2. Visit your account dashboard
- 3. Generate an API key from the "Developers" section
- 4. Include it in the
Authorizationheader of your requests
Example header:
Authorization: Bearer sk_live_abc123xyz789...Endpoints
/v1/threats/recent
Description
Fetch the most recent threat detections. Returns threats detected in the last 24 hours, ordered newest first. No authentication required for public threats feed.
Query parameters
limit offset type Code examples
curl -X GET 'https://api.latens.net/v1/threats/recent?limit=20' \
-H "Authorization: Bearer YOUR_API_KEY"Response schema
{
"data": [
{
"id": "threat_20260411_001",
"timestamp": "2026-04-11T14:32:00Z",
"domain": "phish-paypal-verify.ru",
"type": "phishing",
"confidence": 0.98,
"first_seen": "2026-04-11T12:15:00Z",
"blocked_by": 42847,
"status": "active"
}
],
"pagination": {
"limit": 20,
"offset": 0,
"total": 12847
}
}/v1/threats/feed
Description
Real-time threat feed via Server-Sent Events (SSE). Keep an open connection and receive new threats as they're detected. Extremely useful for SIEM integration and real-time dashboards.
Headers
Authorization: Bearer YOUR_API_KEYCode examples
curl -X GET 'https://api.latens.net/v1/threats/feed' \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Accept: text/event-stream"/v1/threats/ip/{ip}
Description
Look up the reputation of an IP address and get all known malicious domains resolved from it.
Parameters
ip IPv4 or IPv6 address to look up
Code examples
curl -X GET 'https://api.latens.net/v1/threats/ip/185.220.101.45' \
-H "Authorization: Bearer YOUR_API_KEY"Response schema
{
"ip": "185.220.101.45",
"reputation": "dangerous",
"threat_count": 12,
"last_seen": "2026-04-10T22:45:00Z",
"domains": [
{
"domain": "botnet-c2.cc",
"type": "botnet",
"first_seen": "2026-03-15T10:20:00Z"
}
]
}/v1/threats/stats
Description
Get aggregate threat statistics. Useful for dashboards, reports, and trend analysis.
Query parameters
period Code examples
curl -X GET 'https://api.latens.net/v1/threats/stats?period=24h' \
-H "Authorization: Bearer YOUR_API_KEY"Response schema
{
"period": "24h",
"total_threats": 12847,
"by_type": {
"phishing": 5230,
"malware": 3450,
"botnet": 2100,
"exploit": 1067,
"crawler": 1000
},
"unique_ips": 2847,
"blocked_requests": 847291,
"trend": "increasing",
"trend_percent": 2.4
}/blocklist.txt
Description
Plain text blocklist in standard format (one domain per line). No authentication required. Compatible with Pi-hole, dnsdist, DNS sinkhole, and other blocklist-based systems.
Code examples
curl -X GET 'https://api.latens.net/blocklist.txt' \
-o blocklist.txtResponse format (excerpt)
phish-paypal-verify.ru
botnet-c2.cc
cryptominer.net
malware.exploit-kit.cc
trojaned-router-fw.net
fake-apple-id.ru
credential-stealer.ccAuthentication
Authorization header
Include your API key in every request using the Authorization header.
Authorization: Bearer YOUR_API_KEYExample:
Authorization: Bearer sk_live_4eC39HqLyjWDarhtT658W135_26cFWYAPI key formats
- sk_live_ Production API keys (start with sk_live_)
- sk_test_ Test API keys (start with sk_test_). Free for testing.
Keep your API key secret. Don't commit it to version control. Rotate regularly.
Error responses
Bad Request
Invalid parameters or malformed request
Unauthorized
Missing or invalid API key
Too Many Requests
Rate limit exceeded. Check X-RateLimit-Reset header
Server Error
Unexpected server error. Try again later
Example error response:
{
"error": "Unauthorized",
"message": "Invalid API key",
"status": 401
}Rate limiting
Free tier
Pro tier
Rate limit headers
Every response includes rate limit information:
X-RateLimit-Limit Total requests allowed in the periodX-RateLimit-Remaining Requests remaining in the current periodX-RateLimit-Reset Unix timestamp when the limit resetsWebhooks coming soon
Webhook subscriptions will allow you to receive notifications when new threats are detected. Follow our GitHub for updates.