Public API
A REST API for programmatic URL scanning and threat intelligence is in private beta. Browsers-first today; machine-first tomorrow.
We're currently testing a public HTTP API with a small group of security-research partners. It mirrors what the URL scanner does on this site — multi-engine antivirus lookup, SSL and WHOIS enrichment, visual page analysis, AI verdict — and returns structured JSON that's easy to integrate into SOC tooling, browser extensions, or automated moderation pipelines.
Planned capabilities
- Single-URL scan — synchronous verdict + full evidence payload. Cache-aware so repeat queries are instant.
- Bulk enqueue — submit up to 10,000 URLs for async scanning with webhooks when each verdict lands.
- Cached lookups — pull the latest public verdict for any host previously scanned by the community without triggering a re-scan.
- Threat-feed streaming — server-sent events of newly-flagged malicious hosts across the whole network.
- Comment & rating endpoints — read community comments and ratings per host.
Access & pricing
During private beta, access is granted case-by-case to non-profit researchers, independent security blogs, and community contributors. Once the API is generally available we plan to keep a generous free tier for personal and research use, with a paid tier for commercial-scale integrations. API usage will never require giving up any user-level data.
Join the waitlist
Interested in early access? Post in the MalwareTips forum with a short note about what you'd build with it. We read every request and usually respond within a week.
In the meantime, the browser-based tools are fully functional and free — start with the URL scanner.