Takedowns Management API

The Takedown Management API provides comprehensive API endpoints for managing takedown requests across different threat types and platforms. This API enables users to create, monitor, and manage takedown requests for malicious content and domains.

Authentication

Check the authentication page to see the available options.

Access and authentication

Takedowns API Base URL

The base URL for the takedown API is https://takedown.bfore.ai/api

Takedown Listing

Retrieves a paginated list of takedown requests

get

Query parameters

sincestring · date-timeOptional

untilstring · date-timeOptional

brand_idinteger[]Optional

Filter by one or more brand IDs

company_idsinteger[]Optional

attack_urlstringOptional

brand_namestringOptional

sortall ofOptionalDefault: created

string · enumOptional

An enumeration.

Possible values:

orderall ofOptionalDefault: descending

string · enumOptional

An enumeration.

Possible values:

pageinteger · min: 1OptionalDefault: 1

sizeinteger · min: 1 · max: 100OptionalDefault: 50

Header parameters

X-AuthorizationstringOptional

Responses

200

Successful Response

application/json

422

Validation Error

application/json

get

/v2/takedown/list

GET /v2/takedown/list HTTP/1.1
Accept: */*

{
  "items": [
    {
      "id": "text",
      "created": "2026-01-29T09:50:05.264Z",
      "attack_url": "https://example.com",
      "value": {
        "type": "text",
        "value": "text"
      },
      "brand_name": "text",
      "user_id": "text",
      "description": "text",
      "company_id": 1,
      "status_id": 1,
      "status_name": "text",
      "updated_at": "2026-01-29T09:50:05.264Z",
      "brand_id": 1,
      "attack_id": 1,
      "takedown_type": "text",
      "cancellation_reason": "text",
      "platform": "text",
      "threat_type": "text",
      "rejection_reason": "text",
      "rejection_description": "text"
    }
  ],
  "total": 1,
  "page": 1,
  "size": 1,
  "pages": 1
}

Get Takedown Requests By Id

get

Fetches the details of a takedown request using the provided takedown ID

Path parameters

takedown_idstringRequired

Header parameters

X-AuthorizationstringOptional

Responses

200

Successful Response

application/json

422

Validation Error

application/json

get

/v2/takedown/{takedown_id}

GET /v2/takedown/{takedown_id} HTTP/1.1
Accept: */*

{
  "id": "text",
  "created": "2026-01-29T09:50:05.264Z",
  "attack_url": "https://example.com",
  "value": {
    "type": "text",
    "value": "text"
  },
  "brand_name": "text",
  "user_id": "text",
  "description": "text",
  "company_id": 1,
  "status_id": 1,
  "status_name": "text",
  "updated_at": "2026-01-29T09:50:05.264Z",
  "brand_id": 1,
  "attack_id": 1,
  "takedown_type": "text",
  "cancellation_reason": "text",
  "platform": "text",
  "threat_type": "text",
  "rejection_reason": "text",
  "rejection_description": "text"
}

Takedown Creation

Start a takedown from a confirmed attack

Takedowns are automatically initiated when your PreCrime configuration is enabled for automatic takedown processing. For manual takedown management, confirmed attacks information can be retrieved using the /v2/takedown/attacks endpoint.

Confirmed attacks are already undergoing disruption through our Network Disruption Partners and are ready for complete takedown processing. Only attacks with confirmed status are eligible for takedown initiation. This endpoint automatically filters requests to include only confirmed attacks.

Get Attacks

get

Query parameters

fromstring · date-timeRequired

untilstring · date-timeRequired

company_idsinteger[]Optional

attack_namestringOptional

sortall ofOptionalDefault: updated_at

string · enumOptional

An enumeration.

Possible values:

orderall ofOptionalDefault: descending

string · enumOptional

An enumeration.

Possible values:

pageinteger · min: 1OptionalDefault: 1

sizeinteger · min: 1 · max: 100OptionalDefault: 50

brand_idinteger[]Optional

Filter by one or more brand IDs

protected_asset_idinteger[]Optional

Filter by one or more brand IDs

Header parameters

X-AuthorizationstringOptional

Responses

200

Successful Response

application/json

422

Validation Error

application/json

get

/v2/takedown/attacks

GET /v2/takedown/attacks?from=2026-01-29T09%3A50%3A05.264Z&until=2026-01-29T09%3A50%3A05.264Z HTTP/1.1
Accept: */*

{
  "items": [
    {
      "company_id": 1,
      "protected_asset_id": 1,
      "protected_asset_name": "text",
      "attack_id": 1,
      "attack_name": "text",
      "value": {
        "type": "text",
        "value": "text"
      },
      "detection_date": "2026-01-29T09:50:05.264Z",
      "identification_status": {
        "value": "text",
        "updated_at": "2026-01-29T09:50:05.264Z"
      },
      "score": {
        "value": 1,
        "updated_at": "2026-01-29T09:50:05.264Z"
      },
      "asset_type": "domain",
      "takedown": {
        "id": "text",
        "created": "2026-01-29T09:50:05.264Z",
        "updated_at": "2026-01-29T09:50:05.264Z",
        "status": "text",
        "status_id": 1,
        "status_updated_at": "2026-01-29T09:50:05.264Z"
      }
    }
  ],
  "total": 1,
  "page": 1,
  "size": 1,
  "pages": 1,
  "warning": "text"
}

Accept a confirmed attack takedown

post

Accept a takedown for an attack that has been flagged as confirmed by BforeAI.

Header parameters

X-AuthorizationstringOptional

Body

attack_idintegerRequired

brand_idintegerRequired

Responses

200

Takedown successfully initiated

application/json

404

Not Found - Threat ID not found or no company assigned

422

Validation Error

application/json

post

/v2/takedown/accept

POST /v2/takedown/accept HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 28

{
  "attack_id": 1,
  "brand_id": 1
}

{
  "id": "text",
  "created": "2026-01-29T09:50:05.264Z",
  "attack_url": "https://example.com",
  "value": {
    "type": "text",
    "value": "text"
  },
  "brand_name": "text",
  "user_id": "text",
  "description": "text",
  "company_id": 1,
  "status_id": 1,
  "status_name": "text",
  "updated_at": "2026-01-29T09:50:05.264Z",
  "brand_id": 1,
  "attack_id": 1,
  "takedown_type": "text",
  "cancellation_reason": "text",
  "platform": "text",
  "threat_type": "text",
  "rejection_reason": "text",
  "rejection_description": "text"
}

Request a an infrastructure takedown

Request a takedown for a potential false negative

post

Request a takedown for a domain not yet identified as malicious. If the domain was already detected, a 202 Accepted response will be returned with a message.

Header parameters

X-AuthorizationstringOptional

Body

urlstring · uri · min: 1 · max: 2083Required

brand_idintegerRequired

commentstringRequired

Responses

200

Takedown successfully initiated

application/json

202

Takedown accepted but attack was already detected

application/json

400

Bad Request - e.g., brand is not active

404

Not Found - e.g., brand ID does not exist

422

Validation Error

application/json

post

/v2/takedown/request

POST /v2/takedown/request HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 59

{
  "url": "https://example.com",
  "brand_id": 1,
  "comment": "text"
}

{
  "id": "text",
  "created": "2026-01-29T09:50:05.264Z",
  "attack_url": "https://example.com",
  "value": {
    "type": "text",
    "value": "text"
  },
  "brand_name": "text",
  "user_id": "text",
  "description": "text",
  "company_id": 1,
  "status_id": 1,
  "status_name": "text",
  "updated_at": "2026-01-29T09:50:05.264Z",
  "brand_id": 1,
  "attack_id": 1,
  "takedown_type": "text",
  "cancellation_reason": "text",
  "platform": "text",
  "threat_type": "text",
  "rejection_reason": "text",
  "rejection_description": "text"
}

post

Submit a takedown request for a social media threat. Takedowns created via this endpoint will be assigned a 'pending' status by default.

Header parameters

X-AuthorizationstringOptional

Body

threat_typestring · enumRequired

An enumeration.

Possible values:

platformstring · enumRequired

An enumeration.

Possible values:

malicious_urlstring · uri · min: 1 · max: 2083Required

brand_idintegerRequired

commentstringRequired

Responses

200

Takedown successfully initiated

application/json

400

Bad Request - e.g., brand is not active

404

Not Found - e.g., brand ID does not exist

422

Validation Error

application/json

post

/v2/takedown/social-media

POST /v2/takedown/social-media HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 121

{
  "threat_type": "Impersonation",
  "platform": "Facebook",
  "malicious_url": "https://example.com",
  "brand_id": 1,
  "comment": "text"
}

{
  "id": "text",
  "created": "2026-01-29T09:50:05.264Z",
  "attack_url": "https://example.com",
  "value": {
    "type": "text",
    "value": "text"
  },
  "brand_name": "text",
  "user_id": "text",
  "description": "text",
  "company_id": 1,
  "status_id": 1,
  "status_name": "text",
  "updated_at": "2026-01-29T09:50:05.264Z",
  "brand_id": 1,
  "attack_id": 1,
  "takedown_type": "text",
  "cancellation_reason": "text",
  "platform": "text",
  "threat_type": "text",
  "rejection_reason": "text",
  "rejection_description": "text"
}

Takedown Cancelation

Cancel an existing takedown request by providing the takedown ID and a valid cancellation reason. Please note that cancellation success depends on the current status of the takedown process and the involvement of third-party entities. While we will attempt to process all cancellation requests, completion cannot be guaranteed due to external dependencies and process constraints.

Cancel a submitted takedown request

post

Path parameters

takedown_idstringRequired

Header parameters

X-AuthorizationstringOptional

Body

cancel_reason_idintegerRequired

descriptionstringOptional

Responses

200

Successful Response

application/json

422

Validation Error

application/json

post

/v2/takedown/{takedown_id}/cancel

POST /v2/takedown/{takedown_id}/cancel HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 43

{
  "cancel_reason_id": 1,
  "description": "text"
}

{
  "message": "text",
  "takedown_id": "text",
  "new_status": "text",
  "description": "text",
  "rejection_reason": "text"
}

Reference Data and Configuration

Here you can find utility endpoints that provide the configuration options used in the rest of the API requests.

Get All Statuses

get

Query parameters

takedown_typestringOptional

Filter by takedown type

Header parameters

X-AuthorizationstringOptional

Responses

200

Successful Response

application/json

422

Validation Error

application/json

get

/v2/takedown/statuses

GET /v2/takedown/statuses HTTP/1.1
Accept: */*

[
  {
    "id": 1,
    "name": "text",
    "description": "text"
  }
]

Get Takedown Types V2

get

Header parameters

X-AuthorizationstringOptional

Responses

200

Successful Response

application/json

Responsestring[]

422

Validation Error

application/json

get

/v2/takedown/takedown_types/

GET /v2/takedown/takedown_types/ HTTP/1.1
Accept: */*

[
  "text"
]

Get Social Media Platform Names

get

Header parameters

X-AuthorizationstringOptional

Responses

200

Successful Response

application/json

422

Validation Error

application/json

get

/v2/takedown/social_media/platforms

GET /v2/takedown/social_media/platforms HTTP/1.1
Accept: */*

{
  "items": [
    "text"
  ]
}

Get Cancellation Reasons

get

Header parameters

X-AuthorizationstringOptional

Responses

200

Successful Response

application/json

422

Validation Error

application/json

get

/v2/takedown/cancellation_reasons

GET /v2/takedown/cancellation_reasons HTTP/1.1
Accept: */*

[
  {
    "id": 1,
    "reason": "text",
    "is_active": true
  }
]

Get Threat Types

get

Header parameters

X-AuthorizationstringOptional

Responses

200

Successful Response

application/json

422

Validation Error

application/json

get

/v2/takedown/social_media/threat_types

GET /v2/takedown/social_media/threat_types HTTP/1.1
Accept: */*

{
  "items": [
    "text"
  ]
}

PreviousCompanies Management API NextPreCrime Intelligence

Last updated 3 months ago

Was this helpful?

hashtagAuthentication

hashtagTakedowns API Base URL

hashtagTakedown Listing

hashtagRetrieves a paginated list of takedown requests

hashtagGet Takedown Requests By Id

hashtagTakedown Creation

hashtagStart a takedown from a confirmed attack

hashtagGet Attacks

hashtagAccept a confirmed attack takedown

hashtagRequest a an infrastructure takedown

hashtagRequest a takedown for a potential false negative

hashtagRequest a social media takedown

hashtagCreate a takedown request for social media content

hashtagTakedown Cancelation

hashtagCancel a submitted takedown request

hashtagReference Data and Configuration

hashtagGet All Statuses

hashtagGet Takedown Types V2

hashtagGet Social Media Platform Names

hashtagGet Cancellation Reasons

hashtagGet Threat Types

Authentication

Takedowns API Base URL

Takedown Listing

Retrieves a paginated list of takedown requests

Get Takedown Requests By Id

Takedown Creation

Start a takedown from a confirmed attack

Get Attacks

Accept a confirmed attack takedown

Request a an infrastructure takedown

Request a takedown for a potential false negative

Request a social media takedown

Create a takedown request for social media content

Takedown Cancelation

Cancel a submitted takedown request

Reference Data and Configuration

Get All Statuses

Get Takedown Types V2

Get Social Media Platform Names

Get Cancellation Reasons

Get Threat Types