Trust Score API

Retrieve the safety scan result for any AWSYS.CO short link

The Trust Score API exposes the URL safety scan result stored on each short link. Links are scanned against Google Safe Browsing and other threat intelligence sources when created. You can also surface this data in your own application to reassure recipients before they click.

The same data powers the link preview page accessible by appending + to any short URL (e.g. awsys.co/abc123+).

Public endpoint — no authentication required. This endpoint is intentionally open so that recipients, browsers, and third-party tools can verify link safety without needing an API key.

Base URL

https://awsys.co

Get Trust Score

GET /api/link-scan/:short

Returns the destination URL, trust score, threat list, and scan metadata for any short link by its short code. No authentication is required.

Path parameters

ParameterDescription
shortThe short code of the link (e.g. abc123). For namespaced links, use only the short portion — not the full path.

Response — 200 OK

{
  "short": "abc123",
  "destination": "https://example.com/landing-page",
  "trustScore": 95,
  "trustStatus": "safe",
  "threats": [],
  "scannedAt": "2026-05-20T08:30:00Z",
  "source": "google_safe_browsing",
  "createdAt": 1748000000000
}
FieldTypeDescription
shortstringThe short code
destinationstringThe destination URL the link resolves to
trustScorenumber | nullSafety score 0–100. null if the link has not been scanned yet.
trustStatusstring | null"safe", "warning", or "unsafe". null if not yet scanned.
threatsstring[]List of detected threat types (empty array if none). Examples: MALWARE, SOCIAL_ENGINEERING.
scannedAtstring | nullISO 8601 timestamp of the last scan, or null if not scanned.
sourcestring | nullThe scanning provider used (e.g. "google_safe_browsing").
createdAtnumber | nullUnix timestamp (ms) when the link was created.

curl example

curl https://awsys.co/api/link-scan/abc123

JavaScript example

const res = await fetch('https://awsys.co/api/link-scan/abc123');
const data = await res.json();

if (data.trustStatus === 'safe') {
  console.log(`Safe link: ${data.destination} (score: ${data.trustScore})`);
} else if (data.trustStatus === 'unsafe') {
  console.warn('Warning: threats detected:', data.threats);
} else {
  console.log('Link not yet scanned');
}

Trust Score Interpretation

Score rangeStatusMeaning
80–100safeNo threats detected — destination is considered safe to visit
40–79warningSome signals of concern — recommend caution
0–39unsafeActive threats detected — do not visit this destination
nullnullLink has not been scanned yet

Error Codes

HTTPDescription
404No link with that short code exists.
500Internal server error while retrieving scan data.