# Crypto Scam Check API
> Live crypto scam, phishing and dApp-safety checks for the things a user actually clicks or buys — the consumer-protection layer, powered by the public GoPlus Security data, no key, nothing stored. Before you connect a wallet to a website, sign a transaction or mint an NFT, ask whether it is safe. The phishing endpoint checks whether a URL is a known crypto phishing site. The dapp endpoint returns a decentralized app's audit and trust status — its project name, whether it has been audited, whether GoPlus lists it as a trusted project, and the audit firms and dates. The nft endpoint scans an NFT collection contract for risk — whether it is verified or a fake, open-source or a proxy, whether the owner can mint, burn or move tokens without approval, whether the metadata is frozen, plus its item, holder and 24-hour trading-volume figures. Stop phishing sites, fake NFT collections and unaudited dApps before they cost a user their funds. This is the website / dApp / NFT scam-detection cut — distinct from the token-contract-and-wallet security, the historical-exploit database and the price APIs in the catalogue.

## Authentication
All requests require your oanor API key in the `x-oanor-key` header. Get one at https://www.oanor.com/developer/keys.

```bash
curl -H "x-oanor-key: oanor_live_…" "https://api.oanor.com/scamcheck-api/..."
```

## Pricing
- **Free** (Free) — 16,500 calls/Mo, 3 req/s
- **Starter** ($9/Mo) — 195,000 calls/Mo, 10 req/s
- **Pro** ($26/Mo) — 860,000 calls/Mo, 28 req/s
- **Scale** ($58/Mo) — 2,950,000 calls/Mo, 65 req/s

## Endpoints

### Phishing

#### `GET /v1/phishing` — Is a URL a known crypto phishing site

**Parameters:**
- `url` (query, required, string) — URL to check Example: `https://www.uniswap.org`

**Example:**
```bash
curl -H "x-oanor-key: $KEY" \
  "https://api.oanor.com/scamcheck-api/v1/phishing?url=https%3A%2F%2Fwww.uniswap.org"
```

**Response:**
```json
{
    "data": {
        "url": "https://www.uniswap.org",
        "note": "is_phishing true means the URL is flagged as a known crypto phishing site.",
        "source": "GoPlus",
        "is_phishing": false,
        "website_contract_risks": []
    },
    "meta": {
        "timestamp": "2026-06-11T16:46:41.116Z",
        "request_id": "89518a1b-1f28-4c45-b7c2-af0f77f43b3c"
    },
    "status": "ok",
    "message": "Phishing check completed",
    "success": true
}
```

### dApp

#### `GET /v1/dapp` — dApp audit and trust status

**Parameters:**
- `url` (query, required, string) — dApp URL Example: `https://app.uniswap.org`

**Example:**
```bash
curl -H "x-oanor-key: $KEY" \
  "https://api.oanor.com/scamcheck-api/v1/dapp?url=https%3A%2F%2Fapp.uniswap.org"
```

**Response:**
```json
{
    "data": {
        "url": "https://app.uniswap.org/#/swap",
        "note": "Audit and trust status of a decentralized app. in_trust_list true means GoPlus lists it as a known, trusted project.",
        "audits": [
            {
                "date": "2019.01.11",
                "firm": "ConsenSys",
                "link": "https://github.com/ConsenSys/Uniswap-audit-report-2018-12/blob/master/Uniswap-final.md"
            }
        ],
        "source": "GoPlus",
        "is_audited": true,
        "project_name": "Uniswap",
        "in_trust_list": true
    },
    "meta": {
        "timestamp": "2026-06-11T16:46:41.453Z",
        "request_id": "aca208e7-987a-4daa-bb40-0fd11812b8c1"
    },
    "status": "ok",
    "message": "dApp security retrieved successfully",
    "success": true
}
```

### NFT

#### `GET /v1/nft` — NFT collection contract risk scan

**Parameters:**
- `contract` (query, required, string) — NFT contract address Example: `0xBC4CA0EdA7647A8aB7C2061c2E118A18a936f13D`
- `chain` (query, optional, string) — GoPlus chain id (default 1=Ethereum) Example: `1`

**Example:**
```bash
curl -H "x-oanor-key: $KEY" \
  "https://api.oanor.com/scamcheck-api/v1/nft?contract=0xBC4CA0EdA7647A8aB7C2061c2E118A18a936f13D&chain=1"
```

**Response:**
```json
{
    "data": {
        "name": "BoredApeYachtClub",
        "note": "NFT collection contract risk. red_flag true means it is on a malicious list; check privileged_* and metadata_frozen for owner powers.",
        "chain": "1",
        "items": 10000,
        "source": "GoPlus",
        "symbol": "BAYC",
        "holders": 5604,
        "contract": "0xBC4CA0EdA7647A8aB7C2061c2E118A18a936f13D",
        "is_proxy": false,
        "red_flag": null,
        "description": "The Bored Ape Yacht Club is a collection of 10,000 unique Bored Ape NFTs— unique digital collectibles living on the Ethereum blockchain. Your Bored Ape doubles as your Yacht Club membership card, and grants access to members-only benefits, the first of which is access to THE BATHROOM, a collaborative graffiti board. Future areas and perks can be unlocked by the community through roadmap activation. Visit www.BoredApeYachtClub.com for more details.",
        "is_verified": true,
        "total_volume": 2007942.0829,
        "self_destruct": false,
        "is_open_source": true,
        "metadata_frozen": null,
        "privileged_burn": false,
        "traded_volume_24h": 28.51,
        "privileged_minting": null,
        "restricted_approval": false,
        "transfer_without_approval": false
    },
    "meta": {
        "timestamp": "2026-06-11T16:46:41.826Z",
        "request_id": "4e0b8db7-7aa5-4477-9132-693400480fef"
    },
    "status": "ok",
    "message": "NFT security retrieved successfully",
    "su
…(truncated, see openapi.json for full schema)
```

### Meta

#### `GET /v1/meta` — Service metadata

**Example:**
```bash
curl -H "x-oanor-key: $KEY" \
  "https://api.oanor.com/scamcheck-api/v1/meta"
```

**Response:**
```json
{
    "data": {
        "note": "phishing and dapp take url=https://...; nft takes chain (GoPlus id, default 1=Ethereum) and contract=0x.... Booleans come from the upstream's 0/1 flags.",
        "source": "GoPlus Security (api.gopluslabs.io/api/v1, live)",
        "service": "scamcheck-api",
        "endpoints": {
            "GET /v1/nft": "NFT collection contract risk scan (chain=1&contract=0x...).",
            "GET /v1/dapp": "A dApp's audit and trust status (url=https://app.uniswap.org).",
            "GET /v1/meta": "This document.",
            "GET /v1/phishing": "Is a URL a known crypto phishing site (url=https://example.com)."
        },
        "description": "Live crypto scam, phishing and dApp-safety checks for the things a user clicks or buys, from GoPlus Security. The consumer-protection layer: before connecting a wallet, signing a transaction or minting an NFT, check if it is safe. The phishing endpoint checks whether a URL is a known crypto phishing site; the dapp endpoint returns a dApp's audit and trust status (project name, audited, trust list, audit firms/dates); the nft endpoint scans an NFT collection contract for risk (verified vs fake, open-source vs proxy, owner mint/burn/transfer powers, frozen metadata, item/holder/volume figures). Live, no key, nothing stored. The website / dApp / NFT scam-detection cut — distinct from the token-contract-and-wallet security, historical-exploit and price APIs.",
        "upstream_status": "ok"
    },
    "meta":
…(truncated, see openapi.json for full schema)
```


---
Marketplace page: https://www.oanor.com/api/scamcheck-api
OpenAPI spec: https://www.oanor.com/api/scamcheck-api/openapi.json