Adscan renders real adm in a headless browser,
records redirects, runs an NSFW classifier, and gives you a blocklist you can pull into your own stack.
Built for ops and engineering teams running RTB—not a consumer ad product.
# POST /api/scan — async job, poll job id curl -s -X POST "$API_BASE/api/scan" \ -H "Content-Type: application/json" \ -d '{ "dsp": "your_dsp", "creative_id": "cr_123", "adm": "<div>...</div>", "w": 300, "h": 250 }'
Same pipeline your traffic would hit—without waiting for a user complaint to learn the tag was trash.
Follow what the markup actually does, including chained hops. Known bad URL patterns can short-circuit without a full render.
Optional screenshots (stored efficiently) and classifier output so reviewers and machines both have signal.
Export JSON or hit a per-creative check endpoint. Wire it into pre-bid or your own policies.
Team accounts, scan history, and optional API keys when you want the edge locked down.
Three steps from “new tag” to “blocked in prod.”
Your bidder or a sidecar posts markup and metadata. Whitelist skips trusted DSPs; duplicates can short-circuit.
Headless browser work runs in a worker pool. Results land in Postgres with timestamps you can audit.
Pull detail over HTTP, export the blocklist bundle, or let auto-blocklist rules push bad IDs for you.
Everything runs under /api. Machine-readable route list: GET /api. Health checks stay on /api/health.
POST /api/scan — enqueueGET /api/scan/:jobId — pollGET /api/creative/:id — latest resultGET /api/blocklist/export — bundleGET /api/blocklist/check — single lookupThe admin UI on dash.adscan.plus shows curl samples with the right host and optional API key headers.
Integration page →