Method: urls.search

Search for URLs matching known threats. Each URL and it's host-suffix and path-prefix expressions (up to a limited depth) are checked. This means that the response may contain URLs that were not included in the request, but are expressions of the requested URLs.

HTTP request

GET https://safebrowsing.googleapis.com/v5alpha1/urls:search

The URL uses gRPC Transcoding syntax.

Query parameters

Parameters
urls[]

string

Required. The URLs to be looked up. Clients MUST NOT send more than 50 URLs.

Request body

The request body must be empty.

Response body

The response returned after searching threats matching the specified URLs.

If nothing is found, the server will return an OK status (HTTP status code 200) with the threats field empty, rather than returning a NOT_FOUND status (HTTP status code 404).

If successful, the response body contains data with the following structure:

JSON representation 
{
  "threats": [
    {
      object (ThreatUrl)
    }
  ],
  "cacheDuration": string
}
Fields
threats[]

object (ThreatUrl)

Unordered list. The unordered list of threat matches found. Each entry contains a URL and the threat types that were found matching that URL. The list size can be greater than the number of URLs in the request as the all expressions of the URL would've been considered.
cacheDuration

string (Duration format)

The client-side cache duration. The client MUST add this duration to the current time to determine the expiration time. The expiration time then applies to every URL queried by the client in the request, regardless of how many URLs are returned in the response. Even if the server returns no matches for a particular URL, this fact MUST also be cached by the client.

If and only if the field threats is empty, the client MAY increase the cacheDuration to determine a new expiration that is later than that specified by the server. In any case, the increased cache duration must not be longer than 24 hours.

Important: the client MUST NOT assume that the server will return the same cache duration for all responses. The server MAY choose different cache durations for different responses depending on the situation.

A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".

ThreatUrl

A URL matching one or more threats.

JSON representation 
{
  "url": string,
  "threatTypes": [
    enum (ThreatType)
  ]
}
Fields
url

string

The requested URL that was matched by one or more threats.
threatTypes[]

enum (ThreatType)

Unordered list. The unordered list of threat that the URL is classified as.