Verify a URL
Use POST /v1/verify/url before visiting, sharing, or acting on a link. Faro runs
deterministic checks first, looks up prior reputation on the domain, and only invokes
the LLM when those tiers are inconclusive.
curl https://api.farofinance.app/v1/verify/url \
-H "Authorization: Bearer $FARO_API_KEY" \
-H "Content-Type: application/json" \
-d '{"value": "http://sbi-kyc-update.xyz/verify"}'
{
"verdict": "red",
"confidence": 0.97,
"reason": "Google Safe Browsing flags this URL as Social Engineering.",
"recommended_action": "block"
}
What Faro calls (v1.1)
Each check runs concurrently; a slow or failing source degrades gracefully — it does not block the rest.
| Source | What it adds | Typical signals |
|---|---|---|
| Google Safe Browsing | Known phishing, malware, and social-engineering URLs | safe_browsing_threat, safe_browsing_clean |
| RDAP | Domain registration age (free, key-less WHOIS successor) | domain_age_days |
| Reputation graph | Prior verdicts and reports on this domain | reputation_reports, reputation_prior_critical |
| LLM (tier 3 only) | Brand impersonation and deceptive intent when tiers 1–2 cannot decide | llm_assessment |
Wrong verdict? Submit a report with kind: false_positive.
See the API reference for the full request and response schema.