get https://www.virustotal.com/api/v3/collections//subscription_preferences
Special privileges required
Vulnerability Intelligence is only available to users with the Google Threat Intelligence (Google TI) Enterprise or Enterprise Plus licenses.
Use this endpoint to check subscription preferences on a certain Vulnerability:
{
"links":
{
"self": "<_string_> subscription URL"
},
"meta":
{
"count": "<_boolean_> 0 if subscription is not active, 1 if subscription is active"
},
"data":
{
"id": "<_string_> subscription identifier",
"type": "subscription_preferences",
"attributes":
{
"last_modification_date": "<_integer_> subscription last modification date (UTC timestamp)",
"creation_date": "<_integer_> subscription creation date (UTC timestamp)",
"notification_emails": "<_list of strings_> list of email addresses where notifications are sent. An empty list means that email notifications are not enabled, and only IoC Stream notifications are generated",
"daily_email": "<_boolean_> whether email notifications are sent by IoC or as a daily digest"
}
}
}
Examples
Check subscription preferences for the Vulnerability with vulnerability--cve-2025-53164 identifier.
import requests
object_id = "vulnerability--cve-2025-53164"
url = f"https://www.virustotal.com/api/v3/collections/{object_id}/subscription_preferences"
headers = {
"accept": "application/json","x-apikey": <api-key>
}
response = requests.get(url, headers=headers)