Bot-Detect API

Verify whether an IP + User-Agent truly belong to Googlebot, Bingbot, OpenAI SearchBot and other major crawlers.

API FAQ

Get API Key Buy Credits

What you can do

7 search-bot vendors

Google, Bing, OpenAI, Yandex, DuckDuckGo, Qwant & Seznam.

CIDR-based IP check

Vendor IPv4 / IPv6 ranges pulled & cached every 12 h.

Flood-vs-Bot check

Pinpoints whether a request is a legit crawler or a flood / scraper.

Endpoint:

Try Live

99.9 % Uptime

1.4ms Response

20 req/s

0.003 Credits / request

Auto Detect – Which crawler is it?

POST https://api.yeb.to/v1/bot/detect/detect

Parameter	Type	Required	Description
`api_key`	string	yes	Your API key
`ip`	string	yes	IPv4 / IPv6 to verify (defaults to caller IP)
`ua`	string	opt	User-Agent header (defaults to caller UA)

Example

curl -X POST https://api.yeb.to/v1/bot/detect/detect \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"66.249.66.1","ua":"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"}'

Response Example

{
  "result": { "vendor": "google", "ip_match": true }
}

{
  "error": "Unknown action 'foo'",
  "code": 422
}

Response Codes

Code	Description
200 Success	Request processed OK.
400 Bad Request	Input validation failed.
401 Unauthorized	Missing / wrong API key.
403 Forbidden	Key inactive or not allowed.
429 Rate Limit	Too many requests.
500 Server Error	Unexpected failure.

Check Googlebot

POST https://api.yeb.to/v1/bot/detect/google

Parameter	Type	Required	Description
`api_key`	string	yes	Your API key
`ip`	string	yes	IP to verify
`ua`	string	opt	User-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/google \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"66.249.66.1","ua":"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"}'

Response

{
  "result": { "vendor": "google", "ip_match": true }
}

{
  "result": { "vendor": "google", "ip_match": false }
}

Response Codes

Code	Description
200 Success	Request processed OK.
400 Bad Request	Input validation failed.
401 Unauthorized	Missing / wrong API key.
403 Forbidden	Key inactive or not allowed.
429 Rate Limit	Too many requests.
500 Server Error	Unexpected failure.

Check Bingbot

POST https://api.yeb.to/v1/bot/detect/bing

Parameter	Type	Required	Description
`api_key`	string	yes	Your API key
`ip`	string	yes	IP to verify
`ua`	string	opt	User-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/bing \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"157.55.39.250","ua":"Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"}'

Response

{
  "result": { "vendor": "bing", "ip_match": true }
}

{
  "result": { "vendor": "bing", "ip_match": false }
}

Response Codes

Code	Description
200 Success	Request processed OK.
400 Bad Request	Input validation failed.
401 Unauthorized	Missing / wrong API key.
403 Forbidden	Key inactive or not allowed.
429 Rate Limit	Too many requests.
500 Server Error	Unexpected failure.

Check OpenAI Search Bot

POST https://api.yeb.to/v1/bot/detect/openai

Parameter	Type	Required	Description
`api_key`	string	yes	Your API key
`ip`	string	yes	IP to verify
`ua`	string	opt	User-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/openai \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"20.15.240.186","ua":"Mozilla/5.0 (compatible; ChatGPT-User/1.0; +https://openai.com/bot)"}'

Response

{
  "result": { "vendor": "openai", "ip_match": true }
}

{
  "result": { "vendor": "openai", "ip_match": false }
}

Response Codes

Code	Description
200 Success	Request processed OK.
400 Bad Request	Input validation failed.
401 Unauthorized	Missing / wrong API key.
403 Forbidden	Key inactive or not allowed.
429 Rate Limit	Too many requests.
500 Server Error	Unexpected failure.

Check YandexBot

POST https://api.yeb.to/v1/bot/detect/yandex

Parameter	Type	Required	Description
`api_key`	string	yes	Your API key
`ip`	string	yes	IP to verify
`ua`	string	opt	User-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/yandex \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"5.45.207.1","ua":"Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)"}'

Response

{
  "result": { "vendor": "yandex", "ip_match": true }
}

{
  "result": { "vendor": "yandex", "ip_match": false }
}

Response Codes

Code	Description
200 Success	Request processed OK.
400 Bad Request	Input validation failed.
401 Unauthorized	Missing / wrong API key.
403 Forbidden	Key inactive or not allowed.
429 Rate Limit	Too many requests.
500 Server Error	Unexpected failure.

Check DuckDuckBot

POST https://api.yeb.to/v1/bot/detect/duck

Parameter	Type	Required	Description
`api_key`	string	yes	Your API key
`ip`	string	yes	IP to verify
`ua`	string	opt	User-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/duck \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"20.191.45.1","ua":"DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)"}'

Response

{
  "result": { "vendor": "duck", "ip_match": true }
}

{
  "result": { "vendor": "duck", "ip_match": false }
}

Response Codes

Code	Description
200 Success	Request processed OK.
400 Bad Request	Input validation failed.
401 Unauthorized	Missing / wrong API key.
403 Forbidden	Key inactive or not allowed.
429 Rate Limit	Too many requests.
500 Server Error	Unexpected failure.

Check QwantBot

POST https://api.yeb.to/v1/bot/detect/qwant

Parameter	Type	Required	Description
`api_key`	string	yes	Your API key
`ip`	string	yes	IP to verify
`ua`	string	opt	User-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/qwant \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"51.158.38.1","ua":"Mozilla/5.0 (compatible; QwantBot/2.1; +https://help.qwant.com/bot)"}'

Response

{
  "result": { "vendor": "qwant", "ip_match": true }
}

{
  "result": { "vendor": "qwant", "ip_match": false }
}

Response Codes

Code	Description
200 Success	Request processed OK.
400 Bad Request	Input validation failed.
401 Unauthorized	Missing / wrong API key.
403 Forbidden	Key inactive or not allowed.
429 Rate Limit	Too many requests.
500 Server Error	Unexpected failure.

Check SeznamBot

POST https://api.yeb.to/v1/bot/detect/seznam

Parameter	Type	Required	Description
`api_key`	string	yes	Your API key
`ip`	string	yes	IP to verify
`ua`	string	opt	User-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/seznam \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"77.75.76.3","ua":"Mozilla/5.0 (compatible; SeznamBot/4.0; +https://napoveda.seznam.cz/cz/search/bot/)"}'

Response

{
  "result": { "vendor": "seznam", "ip_match": true }
}

{
  "result": { "vendor": "seznam", "ip_match": false }
}

Response Codes

Code	Description
200 Success	Request processed OK.
400 Bad Request	Input validation failed.
401 Unauthorized	Missing / wrong API key.
403 Forbidden	Key inactive or not allowed.
429 Rate Limit	Too many requests.
500 Server Error	Unexpected failure.

Frequently Asked Questions

Vendor JSON feeds are cached 12 h; Yandex & Seznam use static official CIDRs.

The real proof is the IP address: a crawler is trusted only when its IP falls inside the official CIDR ranges published by the vendor. The User-Agent can help, but it is easy to spoof; scrapers often copy UA strings while coming from random networks. If the IP isn’t in the vendor range we flag the request, no matter what the UA says.

Yes, both IPv4 and IPv6 networks are fully supported.

Yes. Every request, even those resulting in errors, consumes credits. This is because your credits are strictly tied to the number of requests, regardless of success or failure. However, if the error is clearly due to a platform problem on our end, we’ll recover those credits for you.

Contact us at [email protected]. We take feedback seriously—if your bug report or feature request is meaningful, we can fix or improve the API quickly and grant you 50 free credits as a thank you.

It depends on the API and sometimes even on the endpoint. Some endpoints use data from external sources, which may have stricter limits. We also enforce limits to prevent abuse and keep our platform stable. Check the docs for the specific rate limit for each endpoint.

We operate on a credit system. Buy once—credits never expire. They’re non-refundable units for making API calls (requests). Simple, fair, and you top up only when you need more.

Every HTTP call is one request. Each request consumes a number of credits depending on the endpoint. In most cases, you can make thousands of requests with just one credit—but always check each endpoint for its cost.

Yes. Your credits never expire until you use them, but they are non-refundable.

Credits are non-refundable. Only buy what you need—you can always top-up later. If we screw up and it costs you, we’ll fix it.

Prices are set in credits, not dollars. Each endpoint lists its own cost—see the “Credits / request” badge above. You’ll always know exactly what you’re spending.

← Back to APIs

Get credits to unlock premium content and features

$10

100 credits

Bot-Detect API

What you can do

7 search-bot vendors

CIDR-based IP check

Flood-vs-Bot check

Auto Detect – Which crawler is it?

Example

Response Example

Response Codes

Check Googlebot

Example

Response

Response Codes

Check Bingbot

Example

Response

Response Codes

Check OpenAI Search Bot

Example

Response

Response Codes

Check YandexBot

Example

Response

Response Codes

Check DuckDuckBot

Example

Response

Response Codes

Check QwantBot

Example

Response

Response Codes

Check SeznamBot

Example

Response

Response Codes

Frequently Asked Questions

How fresh are the IP lists?

How realistic is the check?

Does it work for IPv6?

Do requests with errors count and cost credits?

I found a bug or want customizations in the APIs. What do I do?

What is the rate limit?

How does payment and usage work?

What’s the difference between a credit and a request?

Do unused credits roll over?

Do you offer refunds?

How much does each API call cost?