#scam

Tell whether a domain is a known crypto phishing or scam site before a wallet or user connects to it — using MetaMask's canonical eth-phishing-detect blocklist, the same list that protects millions of MetaMask users, read keyless and live. It runs the real detection logic: an exact and subdomain match against the blocklist and allowlist, plus a Levenshtein fuzzy match against high-value lookalike targets to catch typosquats like "myetherwaliet.com" or "app-wallet-uniswap.org". Check a domain or URL for a verdict (blocked, allowed, fuzzy or unknown) with the reason, search the 190,000-entry blocklist, or read its stats. The dApp-connection safety layer every wallet, browser extension, Telegram bot and security tool needs to warn users before they sign. Live, lightly cached.

api.oanor.com/phishingcheck-api

Live crypto scam, phishing and dApp-safety checks for the things a user actually clicks or buys — the consumer-protection layer, powered by the public GoPlus Security data, no key, nothing stored. Before you connect a wallet to a website, sign a transaction or mint an NFT, ask whether it is safe. The phishing endpoint checks whether a URL is a known crypto phishing site. The dapp endpoint returns a decentralized app's audit and trust status — its project name, whether it has been audited, whether GoPlus lists it as a trusted project, and the audit firms and dates. The nft endpoint scans an NFT collection contract for risk — whether it is verified or a fake, open-source or a proxy, whether the owner can mint, burn or move tokens without approval, whether the metadata is frozen, plus its item, holder and 24-hour trading-volume figures. Stop phishing sites, fake NFT collections and unaudited dApps before they cost a user their funds. This is the website / dApp / NFT scam-detection cut — distinct from the token-contract-and-wallet security, the historical-exploit database and the price APIs in the catalogue.

api.oanor.com/scamcheck-api