The URL scanner API is a tool that scans web pages on the fly for malware, phishing, and spam links. The API also offers other data points such as a website’s reputation score.

Use this information to make informed decisions about which URLs and domains you should block. For example, a domain with a Risk Score > 85 indicates that there is a high probability of confirmed phishing or malware activity. You can identify this by the “suspicious” data point in a scan or by looking at the overall Risk Score confidence level (confidence level 100 means 100% confirmed activity).

Enhancing Online Security: How to Leverage URL Scanner APIs for Threat Detection

If you want to block all sites that have potentially dangerous PII, set overrideSafety = False. However, this may slow down the API response time and is not recommended unless you are sure that your system is well protected. You can use the Result API endpoint with the unique scan UUID to poll for the scanning result, screenshot, and DOM snapshot. The Result API will return an HTTP 404 status code if the scan is still in progress. We recommend that you use work queues with exponential backoffs and limit concurrency for API actions such as searches, submissions, DOM downloads, etc.

Integrating URL scanning with Email Security can detect malicious links in incoming emails. To enable this functionality, select the URL scanning filter type in the Main > Policy Management > Filters > Add or Edit Filter page. The filter checks a list of URL categories for malicious content and applies any configured email responses.