API Documentation
LastHash API ReferenceScan Websites Programmatically
RESTful API for automated security scanning, report retrieval, and integration with your existing workflows and CI/CD pipelines.
Base URL: https://api.lasthash.com
Authentication
All API requests require authentication using an API key. Include your API key in theAuthorizationheader:
curl -X POST https://api.lasthash.com/api/v1/scan \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"domain": "example.com"}'Get your API key: Navigate to Dashboard → Settings → API Keys. Keep your key secure and never commit it to version control.
API Endpoints
POST
View Details →/api/v1/scanInitiate a security scan for a website
Auth: RequiredRate Limit: 10 requests/minute
GET
View Details →/api/v1/scan/:idRetrieve scan results by scan ID
Auth: RequiredRate Limit: 100 requests/minute
GET
View Details →/api/v1/websitesList all websites in your account
Auth: RequiredRate Limit: 60 requests/minute
POST
View Details →/api/v1/websitesAdd a new website to your account
Auth: RequiredRate Limit: 10 requests/minute
Example Response
All API responses follow a consistent JSON structure:
{
"success": true,
"data": {
"scan_id": "scan_abc123",
"domain": "example.com",
"status": "queued",
"created_at": "2026-03-12T10:30:00Z"
}
}Rate Limits
Free Plan
10 scans/day, 100 API requests/hour
Pro Plan
100 scans/day, 1,000 API requests/hour
Business Plan
Unlimited scans, 10,000 API requests/hour