Bot-Detect API

Verify whether an IP + User-Agent truly belong to Googlebot, Bingbot, OpenAI SearchBot, Yahoo, Seznam, Meta (Facebook), Qwant, DuckDuckGo, and other major crawlers.

API FAQ
Get API Key Buy Credits
What you can do
7 search-bot vendors

Google, Bing, OpenAI, Yandex, DuckDuckGo, Qwant & Seznam.

CIDR-based IP check

Vendor IPv4 / IPv6 ranges pulled & cached every 12 h.

Flood-vs-Bot check

Pinpoints whether a request is a legit crawler or a flood / scraper.

Try Live
99.9 % Uptime
328.2ms Response
20 req/s
0.003 Credits / request

Auto Detect – Which crawler is it? 

POST https://api.yeb.to/v1/bot/detect/detect
Parameter Type Required Description
api_keystringyesYour API key
ipstringyesIPv4 / IPv6 to verify (defaults to caller IP)
uastringoptUser-Agent header (defaults to caller UA)

Example

curl -X POST https://api.yeb.to/v1/bot/detect/detect \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"66.249.66.1","ua":"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"}'

Response Example

{
  "result": { "vendor": "google", "ip_match": true }
}
{
  "error": "Unknown action 'foo'",
  "code": 422
}

Response Codes

CodeDescription
200 SuccessRequest processed OK.
400 Bad RequestInput validation failed.
401 UnauthorizedMissing / wrong API key.
403 ForbiddenKey inactive or not allowed.
429 Rate LimitToo many requests.
500 Server ErrorUnexpected failure.

Check Googlebot 

POST https://api.yeb.to/v1/bot/detect/google
ParameterTypeRequiredDescription
api_keystringyesYour API key
ipstringyesIP to verify
uastringoptUser-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/google \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"66.249.66.1","ua":"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"}'

Response

{
  "result": { "vendor": "google", "ip_match": true }
}
{
  "result": { "vendor": "google", "ip_match": false }
}

Response Codes

CodeDescription
200 SuccessRequest processed OK.
400 Bad RequestInput validation failed.
401 UnauthorizedMissing / wrong API key.
403 ForbiddenKey inactive or not allowed.
429 Rate LimitToo many requests.
500 Server ErrorUnexpected failure.

Check Bingbot 

POST https://api.yeb.to/v1/bot/detect/bing
ParameterTypeRequiredDescription
api_keystringyesYour API key
ipstringyesIP to verify
uastringoptUser-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/bing \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"157.55.39.250","ua":"Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"}'

Response

{
  "result": { "vendor": "bing", "ip_match": true }
}
{
  "result": { "vendor": "bing", "ip_match": false }
}

Response Codes

CodeDescription
200 SuccessRequest processed OK.
400 Bad RequestInput validation failed.
401 UnauthorizedMissing / wrong API key.
403 ForbiddenKey inactive or not allowed.
429 Rate LimitToo many requests.
500 Server ErrorUnexpected failure.

Check OpenAI Search Bot 

POST https://api.yeb.to/v1/bot/detect/openai
ParameterTypeRequiredDescription
api_keystringyesYour API key
ipstringyesIP to verify
uastringoptUser-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/openai \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"20.15.240.186","ua":"Mozilla/5.0 (compatible; ChatGPT-User/1.0; +https://openai.com/bot)"}'

Response

{
  "result": { "vendor": "openai", "ip_match": true }
}
{
  "result": { "vendor": "openai", "ip_match": false }
}

Response Codes

CodeDescription
200 SuccessRequest processed OK.
400 Bad RequestInput validation failed.
401 UnauthorizedMissing / wrong API key.
403 ForbiddenKey inactive or not allowed.
429 Rate LimitToo many requests.
500 Server ErrorUnexpected failure.

Check YandexBot 

POST https://api.yeb.to/v1/bot/detect/yandex
ParameterTypeRequiredDescription
api_keystringyesYour API key
ipstringyesIP to verify
uastringoptUser-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/yandex \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"5.45.207.1","ua":"Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)"}'

Response

{
  "result": { "vendor": "yandex", "ip_match": true }
}
{
  "result": { "vendor": "yandex", "ip_match": false }
}

Response Codes

CodeDescription
200 SuccessRequest processed OK.
400 Bad RequestInput validation failed.
401 UnauthorizedMissing / wrong API key.
403 ForbiddenKey inactive or not allowed.
429 Rate LimitToo many requests.
500 Server ErrorUnexpected failure.

Check DuckDuckBot 

POST https://api.yeb.to/v1/bot/detect/duck
ParameterTypeRequiredDescription
api_keystringyesYour API key
ipstringyesIP to verify
uastringoptUser-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/duck \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"20.191.45.1","ua":"DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)"}'

Response

{
  "result": { "vendor": "duck", "ip_match": true }
}
{
  "result": { "vendor": "duck", "ip_match": false }
}

Response Codes

CodeDescription
200 SuccessRequest processed OK.
400 Bad RequestInput validation failed.
401 UnauthorizedMissing / wrong API key.
403 ForbiddenKey inactive or not allowed.
429 Rate LimitToo many requests.
500 Server ErrorUnexpected failure.

Check QwantBot 

POST https://api.yeb.to/v1/bot/detect/qwant
ParameterTypeRequiredDescription
api_keystringyesYour API key
ipstringyesIP to verify
uastringoptUser-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/qwant \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"51.158.38.1","ua":"Mozilla/5.0 (compatible; QwantBot/2.1; +https://help.qwant.com/bot)"}'

Response

{
  "result": { "vendor": "qwant", "ip_match": true }
}
{
  "result": { "vendor": "qwant", "ip_match": false }
}

Response Codes

CodeDescription
200 SuccessRequest processed OK.
400 Bad RequestInput validation failed.
401 UnauthorizedMissing / wrong API key.
403 ForbiddenKey inactive or not allowed.
429 Rate LimitToo many requests.
500 Server ErrorUnexpected failure.

Check SeznamBot 

POST https://api.yeb.to/v1/bot/detect/seznam
ParameterTypeRequiredDescription
api_keystringyesYour API key
ipstringyesIP to verify
uastringoptUser-Agent header

Example

curl -X POST https://api.yeb.to/v1/bot/detect/seznam \
  -H "Content-Type: application/json" \
  -d '{"api_key":"YOUR_KEY","ip":"77.75.76.3","ua":"Mozilla/5.0 (compatible; SeznamBot/4.0; +https://napoveda.seznam.cz/cz/search/bot/)"}'

Response

{
  "result": { "vendor": "seznam", "ip_match": true }
}
{
  "result": { "vendor": "seznam", "ip_match": false }
}

Response Codes

CodeDescription
200 SuccessRequest processed OK.
400 Bad RequestInput validation failed.
401 UnauthorizedMissing / wrong API key.
403 ForbiddenKey inactive or not allowed.
429 Rate LimitToo many requests.
500 Server ErrorUnexpected failure.

Frequently Asked Questions

Vendor JSON feeds are cached 12 h; Yandex & Seznam use static official CIDRs.

The real proof is the IP address: a crawler is trusted only when its IP falls inside the official CIDR ranges published by the vendor. The User-Agent can help, but it is easy to spoof; scrapers often copy UA strings while coming from random networks. If the IP isn’t in the vendor range we flag the request, no matter what the UA says.

Yes, both IPv4 and IPv6 networks are fully supported.

Yes. Every request, even those resulting in errors, consumes credits. This is because your credits are tied to the number of requests, regardless of success or failure. If the error is clearly due to a platform problem on our end, we will restore the affected credits (no cash refunds).

Contact us at [email protected]. We take feedback seriously—if your bug report or feature request is meaningful, we can fix or improve the API quickly and grant you 50 free credits as a thank you.

It depends on the API and sometimes even on the endpoint. Some endpoints use data from external sources, which may have stricter limits. We also enforce limits to prevent abuse and keep our platform stable. Check the docs for the specific rate limit for each endpoint.

We operate on a credit system. Credits are prepaid, non-refundable units you spend on API calls and tools. Credits are consumed FIFO (oldest first) and are valid for 12 months from the purchase date. The dashboard shows each purchase date and its expiry.

Yes. All purchased credits (including fractional balances) are valid for 12 months from purchase. Unused credits automatically expire and are permanently deleted at the end of the validity period. Expired credits cannot be restored or converted to cash or other value. Transitional rule: credits bought before 22 Sep 2025 are treated as purchased on 22 Sep 2025 and expire on 22 Sep 2026 (unless an earlier expiry was stated at purchase).

Yes—within their validity window. Unused credits remain available and roll over month-to-month until they expire 12 months after purchase.

Credits are non-refundable. Only buy what you need—you can always top up later. If a platform-side error causes a failed charge, we may restore the affected credits after investigation. No cash refunds.

Prices are set in credits, not dollars. Each endpoint lists its own cost—see the “Credits / request” badge above. You’ll always know exactly what you’re spending.
← Back to APIs