DEV Community

Cover image for Discover The Malware & Phishing URL Scanner API
Dakidarts profile image Etuge Anselm
Etuge Anselm for Dakidarts

Posted on

Discover The Malware & Phishing URL Scanner API

#api #rapidapi #dakidarts #cybersecurity

πŸš€ Overview

The Malware & Phishing URL Scanner API helps developers, security platforms, and email providers detect unsafe, suspicious, or malicious URLs.
It combines VirusTotal threat intelligence with local heuristics (WHOIS, SSL validity, domain age, suspicious keywords) to give reliable results.

Malware & Phishing URL Scanner API

πŸ”‘ Authentication

All requests must include your RapidAPI key in the header:

"x-rapidapi-key": "YOUR_RAPIDAPI_KEY"
"x-rapidapi-host": "malware-scanner-api.p.rapidapi.com"
Enter fullscreen mode Exit fullscreen mode

πŸ“‘ Endpoints

1. Scan a URL

Endpoint:

GET /scan
POST /scan
Enter fullscreen mode Exit fullscreen mode

Description:
Analyze a given URL and return its safety status with reasons.

Request Parameters:

Parameter Type Required Description
url string Yes The URL to analyze (must be valid, e.g. https://example.com)

βœ… Example Requests

GET Example

curl -X GET "https://malware-scanner-api.p.rapidapi.com/scan?url=https://example.com" \
  -H "x-rapidapi-key: YOUR_RAPIDAPI_KEY" \
  -H "x-rapidapi-host: malware-scanner-api.p.rapidapi.com"
Enter fullscreen mode Exit fullscreen mode

POST Example

curl -X POST "https://malware-scanner-api.p.rapidapi.com/scan" \
  -H "Content-Type: application/json" \
  -H "x-rapidapi-key: YOUR_RAPIDAPI_KEY" \
  -H "x-rapidapi-host: malware-scanner-api.p.rapidapi.com" \
  -d '{"url": "https://suspicious-login.com"}'
Enter fullscreen mode Exit fullscreen mode

Example Response (Safe URL) 

{
  "success": true,
  "input": "https://google.com",
  "analysis": {
    "status": "safe",
    "reason": "No suspicious indicators found",
    "cached": false
  }
}
Enter fullscreen mode Exit fullscreen mode

Example Response (Suspicious / Malicious URL) 

{
  "success": true,
  "input": "http://suspicious-login.com",
  "analysis": {
    "status": "suspicious",
    "reason": "Flagged suspicious by 3 engines",
    "cached": true
  }
}
Enter fullscreen mode Exit fullscreen mode

⚠️ Error Responses

Status Reason
400 Missing or invalid URL parameter
500 Internal server error (WHOIS / VirusTotal failure)

Example Error

{
  "success": false,
  "error": "Invalid URL format"
}
Enter fullscreen mode Exit fullscreen mode

πŸ›‘οΈ Features

  • VirusTotal Threat Intel β†’ Real-time analysis against 70+ AV engines
  • WHOIS Check β†’ Detect newly registered domains often used in phishing
  • SSL Certificate Check β†’ Identifies invalid/missing SSL
  • Suspicious Keyword Detection β†’ Flags URLs containing risky words (login, bank, secure)

Top comments (0)