$ man homoglyph-check
/homoglyph-check(1)
PRICE / CALL
$0.003
USDC · base mainnet · scheme: exact
METHOD
POST
CLUSTER
webprobeCATEGORY
utilities
STATUS
● live
NAME
homoglyph-check — homoglyph attack detector / unicode lookalike scanner
SYNOPSIS
POST https://x402.org/v1/homoglyph-check
Content-Type: application/json
X-PAYMENT: <signed-transferWithAuthorization>
{ ... }↳ first call →
402 Payment Required. Sign USDCtransferWithAuthorization, retry with theX-PAYMENT header.DESCRIPTION
Homoglyph attack detector / Unicode lookalike scanner. Detects Cyrillic / Greek / fullwidth / mathematical lookalikes commonly used in phishing (apple.com vs аpple.com). Plus invisible / zero-width / RTL-override characters. Risk score 0-100 + normalized form.
INPUT — request schema
| property | type | description | req? |
|---|---|---|---|
| text | string | Max 10000 chars. | required |
OUTPUT — response shape
| field | type | description |
|---|---|---|
| text | string | Original input string that was scanned for homoglyphs and invisible characters. |
| text_length | number | Character count of the input string. |
| homoglyph_findings | array | Array of detected lookalike characters with position, script (Cyrillic/Greek/etc), and ASCII equivalent. |
| homoglyph_count | number | Total number of homoglyph characters found in the input. |
| invisible_findings | array | Array of zero-width, invisible, or RTL-override characters detected, with positions and codepoints. |
| invisible_count | number | Total number of invisible or zero-width characters found. |
| block_counts | object | Map of Unicode block names to character counts (e.g. Latin, Cyrillic, Greek). |
| has_mixed_scripts | boolean | True if the input mixes multiple writing scripts, a common phishing signal. |
| ascii_only | boolean | True if every character is plain ASCII with no Unicode lookalikes possible. |
| normalized | string | ASCII-folded form of the input with homoglyphs mapped back to their Latin equivalents. |
| is_suspicious | boolean | True if the input shows signs of a homoglyph or invisible-character attack. |
| risk_score | number | Phishing risk score from 0 (safe) to 100 (highly suspicious) based on findings. |
| risk_level | string | Categorical risk bucket such as low, medium, high, or critical. |
EXAMPLES — two ways to call
EXAMPLE 1 · curl
curl -X POST https://x402.org/v1/homoglyph-check \
-H 'Content-Type: application/json' \
-d '{ }'first response =
402 Payment Required with payment requirements; sign + retry with X-PAYMENT.EXAMPLE 2 · mcp
# install once claude mcp add x402 --command "npx x402-deployer-mcp" # then ask Claude Code: # "use the homoglyph-check tool to ..."
MCP server handles payment automatically — your coding agent just calls the tool by name.
METADATA
- tags
- homoglyphunicodephishingsecuritydomainspoofing
- methods
- POST
- cluster
- webprobe
- price
- $0.003 USDC per call
ADJACENT — other endpoints in webprobe
| endpoint | description | price |
|---|---|---|
| jwt-decode | JWT decoder / token inspector / debug tool. | $0.003 |
| url-metadata-extract | URL metadata extractor / OG tags / Open Graph parser / Twitter Card parser / meta tag extractor / link preview / page metadata / favicon… | $0.003 |
| arxiv-bibtex | arXiv to BibTeX / arxiv citation generator / paper bibtex / LaTeX citation builder / academic citation lookup. | $0.002 |
| github-readme | GitHub README fetch / repo readme / open-source-readme-as-markdown / package documentation puller. | $0.002 |
| keyword-suggest | Keyword autocomplete / search suggest / SEO keyword research / query expansion / autocomplete suggestions. | $0.002 |
| qr-code-decode | QR decoder / QR reader / scan QR from URL / QR code OCR / barcode reader / link extraction from QR. | $0.002 |
| disposable-email-check | Disposable email detector / fake email filter / fraud signup defense. | $0.005 |
| domain-availability | Domain availability / RDAP lookup / WHOIS replacement / domain registration checker / expiry date lookup. | $0.005 |
SEE ALSO