How to Scrape DexScreener Pair Security, Honeypot & Rugpull Data in 2026
Pull deep DEX pair safety data DexScreener's public API hides — honeypot, renounced, mint/burn/blacklist, LP locks, holder distribution, CG + CMC metadata. For rugpull detection at scale.
DexScreener’s public REST API gives you price, liquidity and volume — but it deliberately does not expose the data that tells you whether a token is safe to touch. The honeypot check, the contract-audit flags, the LP-lock status, the holder concentration: all of that is rendered into DexScreener’s front end from internal endpoints, not the documented API. This guide is about extracting that frontend-grade safety layer at scale for rugpull and honeypot detection, due diligence and trading-bot pre-trade filters.
What’s worth extracting
This actor’s whole reason to exist is the data the public API omits. Per pair it resolves 40+ fields, the high-value ones being:
- Security audit flags (Quickintel) — honeypot detection, contract verified, ownership renounced, mint capability, burn capability, blacklist/whitelist functions, hidden owner, proxy contract, external-contract and obfuscated-address risk.
- LP lock information — locker name (e.g. UNCX), lock-contract reference and locked percentage of liquidity. Unlocked LP is the single biggest rug vector.
- Holder distribution — total holder count, top-holder concentration, and LP holder counts. One wallet holding 80% is a flashing red light.
- Supply metrics — total, circulating and max supply.
- Authoritative token metadata — pre-cached CoinGecko and CoinMarketCap IDs, categories, tags, websites, social links, launch date and descriptions.
Together these are the inputs to an actual risk score, not the price-chart vanity metrics.
How the data is exposed (and why it’s hard)
The market data lives at the documented API. The safety data lives behind DexScreener’s internal pair-details endpoint — the one the website calls to render the security tab:
GET https://api.dexscreener.com/latest/dex/pairs/{chainId}/{pairAddress} # public: price/liquidity only
internal pair-details endpoint # audit, locks, holders, CG/CMC
The internal endpoint isn’t a documented public API. Hitting it at scale from a datacenter IP with a vanilla HTTP client gets you blocked — it expects browser-grade TLS fingerprints and well-behaved IPs. This actor accesses it using TLS fingerprint rotation and residential proxy IP rotation, which is precisely the infrastructure most people don’t want to build and maintain just to read a honeypot flag.
Rate limits and anti-abuse
Because you’re reading a frontend-grade endpoint rather than the throttled-but-open public API, the constraints are about looking legitimate more than a published quota:
- Datacenter IPs and generic clients get challenged or blocked quickly.
- Sustained bulk reads need residential rotation and fingerprint variety, plus polite pacing per IP.
- HTTP 429 / block responses must trigger backoff and IP rotation, not blind retries.
This is the same anti-bot reality as scraping a defended consumer site, and it’s why a managed scraper that already solves the fingerprint/proxy stack is the practical route.
▶ Run the DexScreener Pair Security Scraper — bulk-audits pairs across Ethereum, BSC, Polygon, Arbitrum, Base, Solana and 30+ chains: honeypot, verified, renounced, mint/burn/blacklist, UNCX LP locks, holder concentration, plus CG + CMC metadata. Residential proxy and TLS rotation included. Pay per row.
Build it yourself vs. use a managed scraper
- Building from scratch — reverse-engineer the internal endpoint, build TLS fingerprint rotation, source and rotate a residential proxy pool, handle blocks and backoff, flatten 40+ nested audit/lock/holder/metadata fields into one row, and re-fix it every time DexScreener changes the internal shape. This is genuinely hard infra, not a weekend script.
- Using a managed actor — feed it a list of pair addresses, get back a flat audit table ready to feed a risk model.
For one token’s audit you can read the website by hand. For bulk screening of hundreds of trending tokens, the fingerprint/proxy infrastructure is the deciding factor.
Schema design for downstream use
A flattened per-pair safety row:
{
"chain": "bsc",
"pair_address": "0x...",
"token_symbol": "SAFEMOONX",
"honeypot": false,
"contract_verified": true,
"ownership_renounced": false,
"can_mint": true,
"can_burn": false,
"has_blacklist": true,
"hidden_owner": false,
"is_proxy": false,
"lp_locked_pct": 0,
"lp_locker": null,
"total_holders": 412,
"top_holder_pct": 71.4,
"total_supply": 1000000000,
"coingecko_id": null,
"coinmarketcap_id": null,
"launch_date": "2026-05-22",
"scraped_at": "2026-05-24T12:00:00Z"
}
Decisions worth making early:
- Keep every audit flag as its own boolean column. A composite “is it safe?” verdict is your business logic; store the raw flags so you can re-weight your risk model without re-scraping.
lp_locked_pctandtop_holder_pctare your two heaviest features. Unlocked liquidity plus concentrated holdings is the canonical rug setup.- Treat missing CG/CMC IDs as a signal. A token with no CoinGecko/CMC presence is younger and riskier by default.
- Stamp
scraped_at. Renounced/locked status changes over a token’s life; safety is point-in-time.
Typical use cases
- Rugpull & honeypot detection systems — bulk-flag risky tokens across trending lists.
- Trading-bot safety filters — a single-pair pre-trade risk check before any swap executes.
- Retail wallet safety apps — show risk indicators to users before they sign a transaction.
- Security-firm bulk audits — intelligence reports on the day’s trending tokens.
- Due-diligence dashboards — pre-investment audit reports for compliance and OTC workflows.
- Anti-scam research / dataset generation — catalog rug patterns to train detection models.
- KYT / KYC enrichment — feed wallet- and transaction-screening platforms with token risk profiles.
- On-chain forensics — correlate wallet activity with token risk posture.
The thread: this is a safety dataset, and its value is in covering many tokens consistently, not in any single lookup.
Cost math for the managed approach
One enriched audit row per pair. Screening, say, the 300 trending tokens on a chain every hour is a few hundred rows per run at a fraction of a cent each — low tens of dollars a month for a continuous safety feed. The alternative isn’t cheaper-DIY, it’s the recurring cost of a residential proxy pool ($300–500/mo for a decent one) plus the engineering to keep fingerprint rotation ahead of DexScreener’s blocks. The managed route folds that into the per-row price.
Common pitfalls
- Audit flags are heuristics, not guarantees. “Not a honeypot” today doesn’t mean a malicious upgrade can’t make it one tomorrow — especially if ownership isn’t renounced and the contract is a proxy.
- Locked LP can still rug. A 100% locked LP with a short lock duration unlocks soon; check the lock terms, not just the percentage.
- Renounced ≠ safe. Ownership can be renounced after a backdoor mint already happened. Read mint/blacklist flags alongside renouncement.
- Holder concentration on fresh tokens. Brand-new tokens always look concentrated; weight concentration against pair age.
- Block/backoff handling. Reading the internal endpoint without residential rotation and backoff gets you blocked mid-run and leaves partial data.
Wrapping up
The safety data that actually matters for DeFi — honeypot, locks, holders, audit flags — sits behind DexScreener’s internal endpoint, not its public API, and reading it at scale requires real anti-bot infrastructure. If you’re building rugpull detection, a bot safety filter or a due-diligence pipeline, run a managed scraper that already carries the TLS-rotation and residential-proxy load and hands you a flat 40-field audit table.
▶ Open the DexScreener Pair Security Scraper on Apify — bulk honeypot, LP-lock and holder audits across 30+ chains, residential-proxy backed. JSON/CSV, pay per row, free monthly credit to start.
Related guides
EU Company Registry Data Export — Germany, France, Netherlands
How to extract company-registry records from Handelsregister, INPI, and KvK in a unified schema — for KYC, B2B lead generation, and compliance workflows.
How to Scrape CoinPaprika Crypto Market Data in 2026
Bulk-fetch the entire crypto market from CoinPaprika in one API call — price, volume, market cap, supply, ATH and 1h/24h/7d/30d momentum for thousands of coins, no API key.
How to Scrape DexScreener Boosted & Promoted Tokens in 2026
Track every boosted/promoted token on DexScreener — boost spend, payment timestamps, order history plus live top-pair price and liquidity. How the promotion endpoints work and why it's memecoin alpha.