URLhaus Has a Free API — Check If Any URL Is Serving Malware

The Story A client asked me to verify 500 URLs they collected from web scraping. Some looked suspicious. Clicking them manually? Terrible idea. VirusTotal has a 4/min rate limit. I needed something faster. URLhaus by abuse.ch processes 300K+ malicious URLs and has a free API with no rate limits . The API # Check a single URL curl -s -X POST "https://urlhaus-api.abuse.ch/v1/url/" \ -d "url=http://example-malware-site.com/payload.exe" # Search by host curl -s -X POST "https://urlhaus-api.abuse.ch/v1/host/" \ -d "host=example-malware-site.com" # Get recent malware URLs (last 3 hours) curl -s "https://urlhaus-api.abuse.ch/v1/urls/recent/" | python3 -c "import sys,json; d=json.load(sys.stdin); print(f'Recent URLs: {len(d[ \" urls \" ])}')" What You Get For each URL: Threat type (malware download, phishing, C2 server) Status (online, offline, unknown) Tags (emotet, qakbot, cobalt strike, etc.) First seen / Last seen dates Reporter who submitted it Blacklist status across multiple feeds Pract