diff --git a/README.md b/README.md
index dcba72a47..7f5bf79ea 100644
--- a/README.md
+++ b/README.md
@@ -93,8 +93,8 @@ For more information: [Extending MISP with Python modules](https://www.misp-proj
 * [urlhaus](misp_modules/modules/expansion/urlhaus.py) - Query urlhaus to get additional data about a domain, hash, hostname, ip or url.
 * [urlscan](misp_modules/modules/expansion/urlscan.py) - an expansion module to query [urlscan.io](https://urlscan.io).
 * [variotdbs](misp_modules/modules/expansion/variotdbs.py) - an expansion module to query the [VARIoT db](https://www.variotdbs.pl) API to get more information about a Vulnerability
-* [virustotal](misp_modules/modules/expansion/virustotal.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a high request rate limit required. (More details about the API: [here](https://developers.virustotal.com/reference))
-* [virustotal_public](misp_modules/modules/expansion/virustotal_public.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a public key and a low request rate limit. (More details about the API: [here](https://developers.virustotal.com/reference))
+* [virustotal](misp_modules/modules/expansion/virustotal.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a high request rate limit required. (More details about the API: [here](https://docs.virustotal.com/reference/overview))
+* [virustotal_public](misp_modules/modules/expansion/virustotal_public.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a public key and a low request rate limit. (More details about the API: [here](https://docs.virustotal.com/reference/overview))
 * [VMray](misp_modules/modules/expansion/vmray_submit.py) - a module to submit a sample to VMray.
 * [VMware NSX](misp_modules/modules/expansion/vmware_nsx.py) - a module to enrich a file or URL with VMware NSX Defender.
 * [VulnDB](misp_modules/modules/expansion/vulndb.py) - a module to query [VulnDB](https://www.riskbasedsecurity.com/).
diff --git a/docs/index.md b/docs/index.md
index e6cd3c7b1..229288c1a 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -72,8 +72,8 @@ For more information: [Extending MISP with Python modules](https://www.circl.lu/
 * [threatminer](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/threatminer.py) - an expansion module to expand from [ThreatMiner](https://www.threatminer.org/).
 * [urlhaus](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/urlhaus.py) - Query urlhaus to get additional data about a domain, hash, hostname, ip or url.
 * [urlscan](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/urlscan.py) - an expansion module to query [urlscan.io](https://urlscan.io).
-* [virustotal](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a high request rate limit required. (More details about the API: [here](https://developers.virustotal.com/reference))
-* [virustotal_public](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal_public.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a public key and a low request rate limit. (More details about the API: [here](https://developers.virustotal.com/reference))
+* [virustotal](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a high request rate limit required. (More details about the API: [here](https://docs.virustotal.com/reference/overview))
+* [virustotal_public](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal_public.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a public key and a low request rate limit. (More details about the API: [here](https://docs.virustotal.com/reference/overview))
 * [VMray](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vmray_submit.py) - a module to submit a sample to VMray.
 * [VulnDB](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vulndb.py) - a module to query [VulnDB](https://www.riskbasedsecurity.com/).
 * [Vulners](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vulners.py) - an expansion module to expand information about CVEs using Vulners API.
diff --git a/documentation/README.md b/documentation/README.md
index b776738c5..890104f6a 100644
--- a/documentation/README.md
+++ b/documentation/README.md
@@ -1829,7 +1829,7 @@ Module to get advanced information from virustotal.
 >MISP attributes and objects resulting from the parsing of the VirusTotal report concerning the input attribute.
 - **references**:
 > - https://www.virustotal.com/
-> - https://developers.virustotal.com/reference
+> - https://docs.virustotal.com/reference/overview
 - **requirements**:
 >An access to the VirusTotal API (apikey), with a high request rate limit.
 
@@ -1854,7 +1854,7 @@ Module to get information from VirusTotal.
 >MISP attributes and objects resulting from the parsing of the VirusTotal report concerning the input attribute.
 - **references**:
 > - https://www.virustotal.com
-> - https://developers.virustotal.com/reference
+> - https://docs.virustotal.com/reference/overview
 - **requirements**:
 >An access to the VirusTotal API (apikey)
 
diff --git a/documentation/mkdocs/expansion.md b/documentation/mkdocs/expansion.md
index 5379c8239..fd053e6d4 100644
--- a/documentation/mkdocs/expansion.md
+++ b/documentation/mkdocs/expansion.md
@@ -1784,7 +1784,7 @@ Module to get advanced information from virustotal.
 >MISP attributes and objects resulting from the parsing of the VirusTotal report concerning the input attribute.
 - **references**:
 > - https://www.virustotal.com/
-> - https://developers.virustotal.com/reference
+> - https://docs.virustotal.com/reference/overview
 - **requirements**:
 >An access to the VirusTotal API (apikey), with a high request rate limit.
 
@@ -1809,7 +1809,7 @@ Module to get information from VirusTotal.
 >MISP attributes and objects resulting from the parsing of the VirusTotal report concerning the input attribute.
 - **references**:
 > - https://www.virustotal.com
-> - https://developers.virustotal.com/reference
+> - https://docs.virustotal.com/reference/overview
 - **requirements**:
 >An access to the VirusTotal API (apikey)
 
diff --git a/documentation/mkdocs/index.md b/documentation/mkdocs/index.md
index e2c5a13f2..ca6179f32 100644
--- a/documentation/mkdocs/index.md
+++ b/documentation/mkdocs/index.md
@@ -70,8 +70,8 @@ For more information: [Extending MISP with Python modules](https://www.circl.lu/
 * [threatminer](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/threatminer.py) - an expansion module to expand from [ThreatMiner](https://www.threatminer.org/).
 * [urlhaus](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/urlhaus.py) - Query urlhaus to get additional data about a domain, hash, hostname, ip or url.
 * [urlscan](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/urlscan.py) - an expansion module to query [urlscan.io](https://urlscan.io).
-* [virustotal](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a high request rate limit required. (More details about the API: [here](https://developers.virustotal.com/reference))
-* [virustotal_public](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal_public.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a public key and a low request rate limit. (More details about the API: [here](https://developers.virustotal.com/reference))
+* [virustotal](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a high request rate limit required. (More details about the API: [here](https://docs.virustotal.com/reference/overview))
+* [virustotal_public](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal_public.py) - an expansion module to query the [VirusTotal](https://www.virustotal.com/gui/home) API with a public key and a low request rate limit. (More details about the API: [here](https://docs.virustotal.com/reference/overview))
 * [VMray](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vmray_submit.py) - a module to submit a sample to VMray.
 * [VulnDB](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vulndb.py) - a module to query [VulnDB](https://www.riskbasedsecurity.com/).
 * [Vulners](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vulners.py) - an expansion module to expand information about CVEs using Vulners API.
diff --git a/documentation/website/expansion/virustotal.json b/documentation/website/expansion/virustotal.json
index 80378a08e..1900fd52f 100644
--- a/documentation/website/expansion/virustotal.json
+++ b/documentation/website/expansion/virustotal.json
@@ -8,7 +8,7 @@
     "output": "MISP attributes and objects resulting from the parsing of the VirusTotal report concerning the input attribute.",
     "references": [
         "https://www.virustotal.com/",
-        "https://developers.virustotal.com/reference"
+        "https://docs.virustotal.com/reference/overview"
     ],
     "features": "New format of modules able to return attributes and objects.\n\nA module to take a MISP attribute as input and query the VirusTotal API to get additional data about it.\n\nCompared to the [standard VirusTotal expansion module](https://github.com/MISP/misp-modules/blob/main/misp_modules/modules/expansion/virustotal_public.py), this module is made for advanced parsing of VirusTotal report, with a recursive analysis of the elements found after the first request.\n\nThus, it requires a higher request rate limit to avoid the API to return a 204 error (Request rate limit exceeded), and the data parsed from the different requests are returned as MISP attributes and objects, with the corresponding relations between each one of them."
 }
\ No newline at end of file
diff --git a/documentation/website/expansion/virustotal_public.json b/documentation/website/expansion/virustotal_public.json
index 591dfbfac..3a5086cfa 100644
--- a/documentation/website/expansion/virustotal_public.json
+++ b/documentation/website/expansion/virustotal_public.json
@@ -8,7 +8,7 @@
     "output": "MISP attributes and objects resulting from the parsing of the VirusTotal report concerning the input attribute.",
     "references": [
         "https://www.virustotal.com",
-        "https://developers.virustotal.com/reference"
+        "https://docs.virustotal.com/reference/overview"
     ],
     "features": "New format of modules able to return attributes and objects.\n\nA module to take a MISP attribute as input and query the VirusTotal API to get additional data about it.\n\nCompared to the [more advanced VirusTotal expansion module](https://github.com/MISP/misp-modules/blob/main/misp_modules/modules/expansion/virustotal.py), this module is made for VirusTotal users who have a low request rate limit.\n\nThus, it only queries the API once and returns the results that is parsed into MISP attributes and objects."
 }
\ No newline at end of file
diff --git a/misp_modules/lib/vt_graph_parser/helpers/rules.py b/misp_modules/lib/vt_graph_parser/helpers/rules.py
index e3ed7f830..92ad5d24b 100644
--- a/misp_modules/lib/vt_graph_parser/helpers/rules.py
+++ b/misp_modules/lib/vt_graph_parser/helpers/rules.py
@@ -4,10 +4,10 @@
 between them using VirusTotal relationship. Check all available relationship
 here:
 
-- File: https://developers.virustotal.com/v3/reference/#files-relationships
-- URL: https://developers.virustotal.com/v3/reference/#urls-relationships
-- Domain: https://developers.virustotal.com/v3/reference/#domains-relationships
-- IP: https://developers.virustotal.com/v3/reference/#ip-relationships
+- File: https://docs.virustotal.com/reference/files#relationships
+- URL: https://docs.virustotal.com/reference/url-object#relationships
+- Domain: https://docs.virustotal.com/reference/domains-object#relationships
+- IP: https://docs.virustotal.com/reference/ip-object#relationships
 """