🚧
Special privileges required
Vulnerability Intelligence is only available to users with the Google Threat Intelligence (Google TI) Enterprise or Enterprise Plus licenses.

Use this endpoint to check subscription preferences on a certain Vulnerability:

{
    "links":
    {
        "self": "<_string_> subscription URL"
    },
    "meta":
    {
        "count": "<_boolean_> 0 if subscription is not active, 1 if subscription is active"
    },
    "data":
    {
        "id": "<_string_> subscription identifier",
        "type": "subscription_preferences",
        "attributes":
        {
            "last_modification_date": "<_integer_> subscription last modification date (UTC timestamp)",
            "creation_date": "<_integer_> subscription creation date (UTC timestamp)",
            "notification_emails": "<_list of strings_> list of email addresses where notifications are sent. An empty list means that email notifications are not enabled, and only IoC Stream notifications are generated",
            "daily_email": "<_boolean_> whether email notifications are sent by IoC or as a daily digest"
        }
    }
}

Examples

Check subscription preferences for the Vulnerability with vulnerability--cve-2025-53164 identifier.

import requests

object_id = "vulnerability--cve-2025-53164"
url = f"https://www.virustotal.com/api/v3/collections/{object_id}/subscription_preferences"
headers = {
    "accept": "application/json","x-apikey": <api-key>
}
response = requests.get(url, headers=headers)