Free API Documentation - Security Scanner & Web Tools

Overview

The 7AZZANI API provides programmatic access to our suite of security scanning, performance testing, and web utility tools. Build powerful integrations, automate security checks, and monitor website performance at scale.

Security Scanner

Detect vulnerabilities, malware, and security issues in websites

Performance Testing

Analyze Core Web Vitals, page speed, and optimization opportunities

Web Utilities

Speed tests, URL shortener, domain lookup, and more tools

Why Choose 7AZZANI API?

Enterprise-Grade Security: Advanced vulnerability detection and threat analysis
Real-Time Analysis: Get instant results with our high-performance infrastructure
Comprehensive Reporting: Detailed reports with actionable recommendations
Open Source & Free: Community-driven platform with unlimited free access for developers

Getting Started

🎉

API Access is FREE!

Create a free account and get unlimited API access. No credit card required.

1

Create an Account

Sign up for a free 7AZZANI account to access the API:

New User

Visit the signup page
Enter your email and create a password
Verify your email (optional but recommended)
You're ready to create API keys!

Existing User

Already have an account?

Login to Dashboard

2

Generate API Key

After logging in, visit your API dashboard to create an API key:

Go to API Dashboard
Click "Create New Key"
Give your key a descriptive name (e.g., "Production App", "Development")
Optionally add IP restrictions for enhanced security
Copy your API key (starts with 7AZ_)

Important Security Notice:

• Store your API key securely - it won't be shown again
• Never commit API keys to version control
• Use environment variables in production
• Rotate keys regularly for security

3

Make Your First Request

Use your API key to authenticate requests:

curl -H "Authorization: Bearer 7AZ_YOUR_API_KEY" \
     https://7azzani.com/api/scans/statistics/

All requests must include the Authorization header with your API key.

✓ Success Response (200 OK):

{
  "total_scans": 42,
  "completed_scans": 38,
  "vulnerabilities_found": 156,
  "critical_issues": 12
}

What You Get

🛡️

Security Scanner

Scan websites for vulnerabilities

⚡

Speed Test

Network bandwidth testing

🔗

URL Shortener

Create and track short links

🌐

Domain Lookup

WHOIS and DNS analysis

📱

QR Codes

Generate QR codes with tracking

📊

Analytics

Usage tracking and insights

API Endpoints

OpenAPI Specification

Import into Swagger, Postman, or other tools

Download YAML

Base URL: https://7azzani.com

All endpoints require Authorization: Bearer YOUR_API_KEY header

🛡️ Security Scanner

Scan websites for vulnerabilities, security issues, and misconfigurations.

GET /api/scans/

List all your security scans

POST /api/scans/quick_scan/

Perform a quick security scan

View Request/Response

Request Body:

{
  "url": "https://example.com",
  "scan_type": "quick"  // Options: "quick", "standard", "deep"
}

Response (201 Created):

{
  "scan_id": "abc123-def456",
  "url": "https://example.com",
  "status": "scanning",
  "status_url": "/api/scans/abc123-def456/status/"
}

GET /api/scans/{id}/status/

Check scan status and progress

GET /api/scans/{id}/report/

Get detailed vulnerability report

GET /api/scans/statistics/

Get overall scanning statistics

⚡ Speed Test

Run network speed tests and measure bandwidth, latency, and jitter.

POST /speedtest/api/v1/run/

Run a network speed test

View Request/Response

Response (200 OK):

{
  "test_id": "speed-789xyz",
  "download_speed": 95.4,
  "upload_speed": 45.2,
  "ping": 12,
  "jitter": 3.2,
  "server_location": "New York, US"
}

GET /speedtest/api/v1/history/

Get your speed test history

GET /speedtest/api/analytics/

Get speed test analytics and trends

🔗 URL Shortener (ShrinkIt)

Create shortened URLs with analytics and tracking.

POST /shrinkit/api/shorten/

Create a shortened URL

View Request/Response

Request Body:

{
  "url": "https://example.com/very/long/url/here",
  "custom_code": "mylink"  // Optional
}

Response (201 Created):

{
  "short_url": "https://7azzani.com/s/mylink",
  "short_code": "mylink",
  "original_url": "https://example.com/very/long/url/here",
  "created_at": "2024-01-15T10:30:00Z"
}

POST /shrinkit/api/toggle/{url_id}/

Enable/disable a URL

DELETE /shrinkit/api/delete/{url_id}/

Delete a shortened URL

GET /shrinkit/{short_code}/stats/

Get click statistics for a URL

🌐 Domain Lookup

Perform WHOIS lookups and DNS record analysis.

POST /lookup/api/lookup/

Perform domain/IP lookup

View Request/Response

Request Body:

{
  "domain": "example.com",
  "lookup_type": "all"  // Options: "whois", "dns", "all"
}

Response (200 OK):

{
  "domain": "example.com",
  "registrar": "Example Registrar Inc.",
  "created_date": "1995-08-14",
  "expiry_date": "2024-08-13",
  "dns_records": {
    "A": ["93.184.216.34"],
    "MX": ["mail.example.com"]
  }
}

GET /lookup/history/

Get your lookup history

📱 QR Code Generator

Generate customizable QR codes with tracking and analytics.

POST /qr/api/preview/

Generate QR code preview

View Request/Response

Request Body:

{
  "qr_type": "url",
  "content": "https://example.com",
  "style": {
    "color": "#000000",
    "background": "#FFFFFF"
  }
}

Response (200 OK):

{
  "preview_url": "/media/qr/preview_abc123.png",
  "qr_code_base64": "data:image/png;base64,..."
}

GET /qr/api/content-form/{qr_type}/

Get form fields for QR code type

Types: url, text, email, phone, wifi, vcard

⚠️ Error Responses

Common error responses across all endpoints:

401 Unauthorized

{
  "error": "Authentication required",
  "message": "Please provide a valid API key"
}

429 Too Many Requests

{
  "error": "Rate limit exceeded",
  "message": "Maximum 10 requests per second",
  "retry_after": 1
}

400 Bad Request

{
  "error": "Invalid request",
  "message": "URL is required"
}

Rate Limits & Quotas

Understanding Rate Limits

Rate limits prevent API abuse and ensure fair usage for all customers. Limits are applied per API key and reset automatically.

Limit Type	Quota	Description
Per Second	10 requests	Maximum burst rate for short-term traffic
Per Minute	100 requests	Sustained traffic limit
Daily/Monthly	Unlimited	No caps on total usage volume

Rate Limit Headers

Every API response includes headers with your current rate limit status:

X-RateLimit-Limit Your rate limit
X-RateLimit-Remaining Calls remaining
X-RateLimit-Reset Reset time (Unix timestamp)

Handling Rate Limits

When you exceed a rate limit:

• You'll receive a 429 Too Many Requests response
• Check the Retry-After header for wait time
• Implement exponential backoff in your code

Pro Tip: Monitor your usage in real-time from your API Dashboard to avoid hitting rate limits unexpectedly.

Code Examples

cURL Examples

Quick Security Scan:

curl -X POST https://7azzani.com/api/scans/quick_scan/ \
     -H "Authorization: Bearer 7AZ_YOUR_API_KEY" \
     -H "Content-Type: application/json" \
     -d '{"url": "https://example.com"}'

Check Scan Status:

curl -H "Authorization: Bearer 7AZ_YOUR_API_KEY" \
     https://7azzani.com/api/scans/{scan_id}/status/

Python Example

import requests
import time

API_KEY = "7AZ_YOUR_API_KEY"
BASE_URL = "https://7azzani.com/api"

headers = {
    "Authorization": f"Bearer {API_KEY}",
    "Content-Type": "application/json"
}

# Start a security scan
response = requests.post(
    f"{BASE_URL}/scans/quick_scan/",
    headers=headers,
    json={"url": "https://example.com"}
)

if response.status_code == 201:
    scan = response.json()
    scan_id = scan["scan_id"]
    print(f"Scan started: {scan_id}")
    
    # Poll for completion
    while True:
        status = requests.get(
            f"{BASE_URL}/scans/{scan_id}/status/",
            headers=headers
        ).json()
        
        if status["completed"]:
            # Get the report
            report = requests.get(
                f"{BASE_URL}/scans/{scan_id}/report/",
                headers=headers
            ).json()
            print(f"Scan complete!")
            print(f"Vulnerabilities found: {report['total_issues']}")
            break
        
        print(f"Status: {status['status']}...")
        time.sleep(5)
else:
    print(f"Error: {response.status_code}")
    print(response.json())

JavaScript/Node.js Example

const API_KEY = '7AZ_YOUR_API_KEY';
const BASE_URL = 'https://7azzani.com/api';

async function runSecurityScan(url) {
    // Start scan
    const scanResponse = await fetch(`${BASE_URL}/scans/quick_scan/`, {
        method: 'POST',
        headers: {
            'Authorization': `Bearer ${API_KEY}`,
            'Content-Type': 'application/json'
        },
        body: JSON.stringify({ url })
    });
    
    if (!scanResponse.ok) {
        throw new Error(`HTTP error! status: ${scanResponse.status}`);
    }
    
    const { scan_id } = await scanResponse.json();
    console.log(`Scan started: ${scan_id}`);
    
    // Poll for completion
    while (true) {
        const statusResponse = await fetch(
            `${BASE_URL}/scans/${scan_id}/status/`,
            {
                headers: {
                    'Authorization': `Bearer ${API_KEY}`
                }
            }
        );
        
        const status = await statusResponse.json();
        
        if (status.completed) {
            // Get report
            const reportResponse = await fetch(
                `${BASE_URL}/scans/${scan_id}/report/`,
                {
                    headers: {
                        'Authorization': `Bearer ${API_KEY}`
                    }
                }
            );
            
            const report = await reportResponse.json();
            console.log('Scan complete!');
            console.log(`Vulnerabilities: ${report.total_issues}`);
            return report;
        }
        
        console.log(`Status: ${status.status}...`);
        await new Promise(resolve => setTimeout(resolve, 5000));
    }
}

// Usage
runSecurityScan('https://example.com')
    .then(report => console.log(report))
    .catch(error => console.error(error));

PHP Example

<?php
$apiKey = '7AZ_YOUR_API_KEY';
$baseUrl = 'https://7azzani.com/api';

function runSecurityScan($url) {
    global $apiKey, $baseUrl;
    
    // Start scan
    $ch = curl_init("$baseUrl/scans/quick_scan/");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['url' => $url]));
    curl_setopt($ch, CURLOPT_HTTPHEADER, [
        "Authorization: Bearer $apiKey",
        'Content-Type: application/json'
    ]);
    
    $response = curl_exec($ch);
    $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    
    if ($httpCode !== 201) {
        throw new Exception("Failed to start scan: $response");
    }
    
    $scan = json_decode($response, true);
    $scanId = $scan['scan_id'];
    echo "Scan started: $scanId\n";
    
    // Poll for completion
    while (true) {
        $ch = curl_init("$baseUrl/scans/$scanId/status/");
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_HTTPHEADER, [
            "Authorization: Bearer $apiKey"
        ]);
        
        $response = curl_exec($ch);
        curl_close($ch);
        
        $status = json_decode($response, true);
        
        if ($status['completed']) {
            // Get report
            $ch = curl_init("$baseUrl/scans/$scanId/report/");
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($ch, CURLOPT_HTTPHEADER, [
                "Authorization: Bearer $apiKey"
            ]);
            
            $response = curl_exec($ch);
            curl_close($ch);
            
            $report = json_decode($response, true);
            echo "Scan complete!\n";
            echo "Vulnerabilities: {$report['total_issues']}\n";
            return $report;
        }
        
        echo "Status: {$status['status']}...\n";
        sleep(5);
    }
}

// Usage
try {
    $report = runSecurityScan('https://example.com');
    print_r($report);
} catch (Exception $e) {
    echo "Error: " . $e->getMessage() . "\n";
}
?>

Developer Guide

SDK Examples

Ready-to-use code snippets for popular languages:

# Install: pip install requests

import requests

API_KEY = "7AZ_your_api_key_here"
BASE_URL = "https://7azzani.com"

headers = {
    "Authorization": f"Bearer {API_KEY}",
    "Content-Type": "application/json"
}

# Security Scan
def run_security_scan(url):
    response = requests.post(
        f"{BASE_URL}/api/scans/quick_scan/",
        headers=headers,
        json={"url": url, "scan_type": "quick"}
    )
    return response.json()

# URL Shortener
def shorten_url(long_url):
    response = requests.post(
        f"{BASE_URL}/shrinkit/api/shorten/",
        headers=headers,
        json={"url": long_url}
    )
    return response.json()

# Domain Lookup
def lookup_domain(domain):
    response = requests.post(
        f"{BASE_URL}/lookup/api/lookup/",
        headers=headers,
        json={"domain": domain, "lookup_type": "all"}
    )
    return response.json()

# Usage example
result = run_security_scan("https://example.com")
print(f"Scan ID: {result['scan_id']}")

// Node.js or Browser with fetch

const API_KEY = '7AZ_your_api_key_here';
const BASE_URL = 'https://7azzani.com';

const headers = {
  'Authorization': `Bearer ${API_KEY}`,
  'Content-Type': 'application/json'
};

// Security Scan
async function runSecurityScan(url) {
  const response = await fetch(`${BASE_URL}/api/scans/quick_scan/`, {
    method: 'POST',
    headers,
    body: JSON.stringify({ url, scan_type: 'quick' })
  });
  return response.json();
}

// URL Shortener
async function shortenUrl(longUrl) {
  const response = await fetch(`${BASE_URL}/shrinkit/api/shorten/`, {
    method: 'POST',
    headers,
    body: JSON.stringify({ url: longUrl })
  });
  return response.json();
}

// Domain Lookup
async function lookupDomain(domain) {
  const response = await fetch(`${BASE_URL}/lookup/api/lookup/`, {
    method: 'POST',
    headers,
    body: JSON.stringify({ domain, lookup_type: 'all' })
  });
  return response.json();
}

// Usage example
runSecurityScan('https://example.com')
  .then(result => console.log('Scan ID:', result.scan_id));

<?php

$api_key = '7AZ_your_api_key_here';
$base_url = 'https://7azzani.com';

function makeRequest($endpoint, $data = null, $method = 'POST') {
    global $api_key, $base_url;
    
    $ch = curl_init($base_url . $endpoint);
    
    $headers = [
        'Authorization: Bearer ' . $api_key,
        'Content-Type: application/json'
    ];
    
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    
    if ($method === 'POST' && $data) {
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
    }
    
    $response = curl_exec($ch);
    curl_close($ch);
    
    return json_decode($response, true);
}

// Security Scan
function runSecurityScan($url) {
    return makeRequest('/api/scans/quick_scan/', [
        'url' => $url,
        'scan_type' => 'quick'
    ]);
}

// URL Shortener
function shortenUrl($longUrl) {
    return makeRequest('/shrinkit/api/shorten/', [
        'url' => $longUrl
    ]);
}

// Usage example
$result = runSecurityScan('https://example.com');
echo "Scan ID: " . $result['scan_id'];
?>

# Set your API key
API_KEY="7AZ_your_api_key_here"

# Security Scan
curl -X POST "https://7azzani.com/api/scans/quick_scan/" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com", "scan_type": "quick"}'

# URL Shortener
curl -X POST "https://7azzani.com/shrinkit/api/shorten/" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com/long/url"}'

# Domain Lookup
curl -X POST "https://7azzani.com/lookup/api/lookup/" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"domain": "example.com", "lookup_type": "all"}'

# Check Scan Status
curl -X GET "https://7azzani.com/api/scans/{scan_id}/status/" \
  -H "Authorization: Bearer $API_KEY"

Best Practices

Security

• Store API keys in environment variables
• Never expose keys in client-side code
• Use IP restrictions when possible
• Rotate keys periodically

Performance

• Implement request caching
• Use async/await for parallel requests
• Handle rate limits gracefully
• Use polling for long operations

Error Handling

• Always check response status codes
• Implement retry logic with backoff
• Log errors for debugging
• Gracefully handle 429 errors

Polling Pattern

• Start scan/test operation
• Poll status endpoint at intervals
• Use exponential backoff
• Stop when status is "completed"

Handling Rate Limits

Example of implementing retry logic with exponential backoff:

import time
import requests

def make_request_with_retry(url, headers, data, max_retries=3):
    for attempt in range(max_retries):
        response = requests.post(url, headers=headers, json=data)
        
        if response.status_code == 429:
            retry_after = int(response.headers.get('Retry-After', 2 ** attempt))
            print(f"Rate limited. Waiting {retry_after} seconds...")
            time.sleep(retry_after)
            continue
        
        return response
    
    raise Exception("Max retries exceeded")

Frequently Asked Questions

API Terms of Use

Last updated: May 19, 2026

1. Acceptable Use

By using the 7AZZANI API, you agree to:

Only scan websites you own or have explicit permission to test
Not use the API for illegal, harmful, or malicious purposes
Not attempt to disrupt, damage, or gain unauthorized access to our services
Comply with all applicable laws and regulations
Not reverse engineer or attempt to derive the source code of our API

2. Rate Limits & Fair Use

To ensure quality service for all users:

You must respect the global rate limits
Systematic attempts to circumvent rate limits may result in suspension
We reserve the right to throttle or block excessive usage

3. API Key Security

You are responsible for maintaining the security of your API keys:

Keep your API keys confidential and secure
Do not share API keys publicly or commit them to version control
Immediately notify us if you suspect unauthorized use
You are liable for all usage under your API keys
We may revoke compromised keys without notice

4. Data & Privacy

How we handle data:

Scan results are retained for 90 days for your reference
We do not sell or share your scan data with third parties
You retain ownership of your scan targets and results
We may collect anonymized usage statistics for service improvement
Full privacy policy available at 7azzani.com/privacy

5. Service Level & Availability

Our service commitments:

We strive for 99.9% uptime but do not guarantee uninterrupted service
Scheduled maintenance will be announced 24 hours in advance
We are not liable for issues beyond our reasonable control

6. Prohibited Activities

The following activities are strictly prohibited:

Scanning government or military websites without authorization
Testing for vulnerabilities to exploit rather than report
Automated scanning of third-party websites without permission
Using scan results to harm, defame, or harass others
Reselling or redistributing API access
Creating derivative works based on our API

7. Limitation of Liability

THE API IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND. IN NO EVENT SHALL 7AZZANI BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES ARISING FROM YOUR USE OF THE API, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

8. Termination

We may terminate or suspend your access:

For violation of these terms
For suspected fraudulent or illegal activity
Upon your request

Upon termination, your API keys will be revoked and you must cease all use of the API.

9. Changes to Terms

We may update these terms at any time. Continued use of the API after changes constitutes acceptance of the new terms. Material changes will be notified via email or dashboard announcement.

Questions?

For questions about these terms or the API, contact us at:

7azzani@proton.me

https://7azzani.com

7AZZANI API Documentation

Overview

Security Scanner

Performance Testing

Web Utilities

Why Choose 7AZZANI API?

Getting Started

API Access is FREE!

Create an Account

New User

Existing User

Generate API Key

Make Your First Request

What You Get

Security Scanner

Speed Test

URL Shortener

Domain Lookup

QR Codes

Analytics

API Endpoints

🛡️ Security Scanner

⚡ Speed Test

🔗 URL Shortener (ShrinkIt)

🌐 Domain Lookup

📱 QR Code Generator

⚠️ Error Responses

Rate Limits & Quotas

Understanding Rate Limits

Rate Limit Headers

Handling Rate Limits

Code Examples

cURL Examples

Python Example

JavaScript/Node.js Example

PHP Example

Developer Guide

SDK Examples

Best Practices

Security

Performance

Error Handling

Polling Pattern

Handling Rate Limits

Frequently Asked Questions

Is the API truly free?

What are the usage limits?

How do I authenticate requests?

How secure is my data?

Can I use this for commercial projects?

How can I contribute?

API Terms of Use

1. Acceptable Use

2. Rate Limits & Fair Use

3. API Key Security

4. Data & Privacy

5. Service Level & Availability

6. Prohibited Activities

7. Limitation of Liability

8. Termination

9. Changes to Terms

Questions?