Open data & API
HasTrust publishes its scam-domain blocklist and per-domain trust verdicts as open data. Free for research, blocklists, security tooling and journalism — attribution required (CC BY 4.0, see below).
Scam-domain blocklist
Every domain our assessments currently rate Avoid — the highest-confidence slice of the corpus. Updated continuously as new checks run; responses are cached for 5 minutes. CORS is enabled, so you can call it straight from a browser or extension.
GET https://hastrust.com/api/blocklist{ "domains": ["example-scam.shop", "…"] }Plain JSON, one flat array — trivial to convert to hosts/adblock format.
Trust lookup — single domain
The extension's own endpoint. Returns the cached verdict when we have one (trust score 0–100, label, assessment URL); otherwise an instant domain-age signal plus a link that runs the full check.
GET https://hastrust.com/api/quick?domain=example.comcurl -s 'https://hastrust.com/api/quick?domain=temu.com'License & attribution
All data is licensed CC BY 4.0. Use it in any project, commercial or not — credit “HasTrust” with a link to hastrust.com where the data is shown or documented.
Fair use
Cache responses for at least 5 minutes and fetch server-side for anything high-volume — don't proxy every visitor through the API. Need bulk access, historical snapshots or a different format? Get in touch — we're happy to help researchers.
How verdicts are made
Methodology, signal weights and the fairness floor for new shops are documented on How we score. Assessments are refreshed continuously; the newest ones are in the RSS feed.