The Dymo API Database is the largest database of fraud (including malware) in the world. Served via API, you can consult information on any type of data you need at any time.
What data does the Dymo API Database contain?
All data processed by Dymo API is sourced from public information or legitimate security intelligence feeds. We do not provide raw datasets, and we do not allow bulk access to our underlying data.
Our platform operates exclusively on a query-based model, returning only relevant security signals derived from the submitted input. Data processing is conducted solely for fraud prevention, risk analysis, and security purposes.
As stated in our Privacy Policy and in accordance with applicable laws, Dymo will provide required data from Dymo API DB and, where legally applicable, from customer-related records, exclusively upon receipt of a valid request from a competent governmental authority with the appropriate legal authorization. Such disclosures are made strictly for the purposes of fraud prevention, criminal investigation, and enforcement of applicable laws, and only when legally required.
Used for detecting fraud, disposable emails, phishing, malware, and SPAM.
There are multiple competitors that perform this same action and store this data.
Used to identify malicious subdomains without affecting free or paid subdomain providers.
There are multiple competitors that perform this same action and store this data.
Used to block malicious subdomains from free or paid subdomain providers.
There are multiple competitors that perform this same action and store this data.
Used to avoid false positives, detect valuable leads, among other uses.
There are multiple competitors that perform this same action and store this data.
Used to provide companies with student detection and to offer discounts to these users, facilitating their identification.
There are multiple competitors that perform this same action and store this data.
Generally used for phishing detection and parental control of minors.
There are multiple competitors that perform this same action and store this data.
Used to inform users whether the domain or subdomain has been compromised, also used in the Dymo Browser Extension to warn users to be careful with the data they provide on such sites.
There are multiple competitors that perform this same action and store this data.
Used to detect SPAM emails, risk scores, and other uses.
There are multiple competitors that perform this same action and store this data.
Used to detect multi-account detection evasion, and also to evade SPAM.
There are multiple competitors that perform this same action and store this data.
Used for fraud detection and user prevention.
There are multiple competitors that perform this same action and store this data.
Used in conjunction with an intelligent algorithm to detect potentially malicious URLs.
There are multiple competitors that perform this same action and store this data.
Used in conjunction with an intelligent algorithm to detect potentially malicious URLs.
There are multiple competitors that perform this same action and store this data.
Used so that ONLY those who know the compromised Webhook URL can check whether it has been compromised and thus delete it and replace it with a new one in order to prevent anyone else from using it.
There are multiple competitors that perform this same action and store this data.
Used to report platforms that provide these webhooks to users so that they can be removed or blocked.
There are multiple competitors that perform this same action and store this data.
Used for detecting phishing and other types of fraud.
There are multiple competitors that perform this same action and store this data.
Used for phishing detection, multi-account detection, and other types of fraud.
There are multiple competitors that perform this same action and store this data.
Used to provide companies with student detection and to offer discounts to these users, facilitating their identification.
There are multiple competitors that perform this same action and store this data.
Used for detecting phishing and other types of fraud.
There are multiple competitors that perform this same action and store this data.
Used for detecting phishing and other types of fraud.
There are multiple competitors that perform this same action and store this data.
Used to detect multiple accounts that violate the policies/regulations of the platforms used and are used for illegitimate purposes.
There are multiple competitors that perform this same action and store this data.
Used to warn the user that their email has been leaked/pwned.
There are multiple competitors that perform this same action and store this data.
Used for the early detection of leaked/pwned emails and to prevent email spam.
There are multiple competitors that perform this same action and store this data.
Used for the early detection of leaked/pwned emails and to prevent email spam.
There are multiple competitors that perform this same action and store this data.
Used to detect multi-account detection evasion, and also to evade SPAM.
There are multiple competitors that perform this same action and store this data.
Used to warn about vulnerability scans and maintain security on platforms.
There are multiple competitors that perform this same action and store this data.
Used to warn about vulnerability scans and maintain security on platforms.
There are multiple competitors that perform this same action and store this data.
Used to provide information on known vulnerabilities and also detect malicious and compromised packages/libraries/dependencies.
There are multiple competitors that perform this same action and store this data.
Used so that ONLY the person who knows the API Key can check if it has been leaked in order to delete and replace it as soon as possible.
There are multiple competitors that perform this same action and store this data.
Used to warn platforms that provide these API keys that they are being used for fraud.
There are multiple competitors that perform this same action and store this data.
Used to detect malicious users in platform registers.
There are multiple competitors that perform this same action and store this data.
Used to detect malicious users in platform registers.
There are multiple competitors that perform this same action and store this data.
Used to detect suspicious users in platform registers.
There are multiple competitors that perform this same action and store this data.
Used to report malicious users on platforms.
There are multiple competitors that perform this same action and store this data.
Used to report compromised users on platforms.
There are multiple competitors that perform this same action and store this data.
Used for phishing detection and other uses with malicious cryptocurrency wallets.
There are multiple competitors that perform this same action and store this data.
Used to parse data and validate it.
There are multiple competitors that perform this same action and store this data.
Used by our algorithm for fraud detection.
There are multiple competitors that perform this same action and store this data.
Used by our algorithm to avoid false positives and reputation categorization.
There are multiple competitors that perform this same action and store this data.
Used for detecting fraud and phishing, C2, etc.
There are multiple competitors that perform this same action and store this data.
Used to inform users whether the IP has been compromised, also used in the Dymo Browser Extension to warn users to be careful with the data they provide on such sites.
There are multiple competitors that perform this same action and store this data.
Used for typical IP geolocation used on millions of websites worldwide.
There are multiple competitors that perform this same action and store this data.
Used for VPN/proxy detection.
There are multiple competitors that perform this same action and store this data.
Used to facilitate the detection of invalid cards in payment gateways.
There are multiple competitors that perform this same action and store this data.
Used to detect other types of User-Agents, such as unauthorized pentesting tool scans.
There are multiple competitors that perform this same action and store this data.
Used to facilitate the detection of invalid cards in payment gateways.
There are multiple competitors that perform this same action and store this data.
Used for fraud and SPAM detection.
There are multiple competitors that perform this same action and store this data.
Used for detecting fraud, SPAM, and multiple accounts.
There are multiple competitors that perform this same action and store this data.
Used for fraud and SPAM detection.
There are multiple competitors that perform this same action and store this data.
Used for the early detection of leaked/pwned emails and to prevent email spam.
There are multiple competitors that perform this same action and store this data.
Used to associate financial data with a banking institution (public data by institution).
There are multiple competitors that perform this same action and store this data.
Used to report malicious transactions involving these IBANs to financial institutions.
There are multiple competitors that perform this same action and store this data.
Used to facilitate the detection of invalid cards in payment gateways.
There are multiple competitors that perform this same action and store this data.
Used so that ONLY the person who knows the credit card can check if it has been compromised and cancel it immediately.
There are multiple competitors that perform this same action and store this data.
Used to detect single-use cards to prevent subscription renewal and greater anonymity in fraudulent use.
There are multiple competitors that perform this same action and store this data.
Used to notify payment gateways of fraud detection and malicious transactions.
There are multiple competitors that perform this same action and store this data.
Used to detect weak passwords and warn the user.
There are multiple competitors that perform this same action and store this data.
Used to detect weak passwords and warn the user.
There are multiple competitors that perform this same action and store this data.
Used to detect weak passwords and warn the user.
There are multiple competitors that perform this same action and store this data.
Used for detecting hateful content.
There are multiple competitors that perform this same action and store this data.
The Algorithm
Dymo API does not work exclusively with data from the Dymo API Database; it is necessary to use an algorithm that is capable of predicting fraud and other data, thanks to information from the Dymo API Database.
It is estimated that our algorithm can detect up to x3 as much fraudulent data that is not even in the database, based on known data.
Our algorithm is made up of more than 1K local intelligent systems (NOT artificial intelligence), capable of detecting information, sanitizing data, and other functionalities.
Data Acquisition System
Like all fraud detection systems, Dymo API has a complex algorithm, mentioned above, capable of detecting fraud, complemented by a scraper (simplified: internet search bot) that analyzes the entire internet in search of fraudulent/malicious data. This data goes through a validation algorithm and, if the algorithm considers it appropriate, it will be added to the Dymo API Database.
In addition to this, Dymo receives daily reports from the community and partners.
Furthermore, Dymo automatically creates traps for scammers and fraudsters in order to detect and store them for subsequent blocking and reporting.
FAQ about the database
Is the database open source? No, Dymo API DB is not open source, but you can view the information via Dymo API.
Can I get direct access to the database through a license or purchase the database? No, our database is not for sale, nor do we provide access to it.
Is the data shared with third parties? Not in raw form; anyone who knows the data they are going to consult will be able to see information about that data (except for sensitive data that could put the author at risk).
Does Dymo API store the data provided during my query? No, Dymo will ONLY store the data if it is NOT already in the database and if the data is marked as FRAUDULENT by our algorithm. Otherwise, it will NOT be stored, which is the case in most instances.
Is all this data available in the Dymo API? No, there is data that is not yet available for consultation in the API because that database is still growing or cannot be integrated for security reasons.
How can I correct information? You can report a data correction here.
How can I report new data? You can report a data correction here.
Can I obtain all fraudulent data related to my brand? Yes, you can contact our team and purchase the fraudulent/leaked data belonging to your brand, such as malicious subdomains if you are a subdomain provider (such as a hosting provider), in order to block them. Or, for example, to identify malicious domains that impersonate you in order to scam your customers. However, no data will be provided that cannot be verified as being under your control for privacy reasons.
Can I get more information about the algorithm and/or the Dymo API Database? No, only internal staff, investors, and government entities with the necessary legal permissions will be able to access more information than is available here and in our policies.
What is this data typically used for? You can check out the main use cases for Dymo API here.