Malware File Scanner API Documentation
Malware File Scanner API
IPQualityScore's Malware File Scanner API scans files in real-time to detect viruses and malicious files. Accurately detect ransomware, trojans, keyloggers, adware, rootkits, spyware, and all sorts of unwanted software with our live file malware scanning.
Virus File Scanning
Detect viruses and suspicious software with real-time malware file scanning. IPQS's file virus scanning API can accept a file, which is analyzed in a live sandbox environment to identify ransomware, trojans, keyloggers, viruses, and similar malicious files. Retrieve additional details like file size, file type, file hash, etc. through the file scanning API results.
Malware File Scanning API Use Cases
- Scan Email Attachments - Identify suspicious files and risky attachments, using a live scanning approach that can determine email attachment risk and verify if the files are safe to open.
- Filter Message Content - Scan user generated content and live messages for suspicious URLs and files that contain viruses or malware.
- Detect High Risk URLs - Detect suspicious URLs designed to steal credentials or upload malicious files, using our URL scanner API.
- Phishing Detection - Keep your team safe with advanced phishing detection using our live URL scanner service. Enrich risk signals around a URL or domain with live phishing and malware detection.
- Threat Intelligence Enrichment - Full support for detecting rootkits, viruses, phishing, malware, adware, spyware, trojans, worms, keyloggers, ransomware, and even business email compromise (BEC).
File Scanner API Private Key
NOTE: Do not share this key with anyone. It's like a password and can be used to make queries using our API.
Malware File Scanner Request URLs
The URLs below can be used to fetch the result using cURL or another utility in most languages. Please see the usage example at the bottom of the page. Simply replace "TYPE" with the type of scan and provide a URL or file.
The "type" can be populated with "scan" or "lookup". The "lookup" value will only check our database of file scans in the last 24 Hours for the same file, while "scan" executes a full malware file virus scan. Please use the "file" field to submit the file by POST with each API request. You can optionally pass a file URL instead of the entire file, as shown in our example code.
JSON Success Response Example
NOTE: For a description of each field listed above, please consult the response documentation below.
JSON Error Response Examples
Example errors that you may encounter when accessing our API due to an exhausted credit balance or an invalid URL.
Further Details on File Scanning API Results
The following definitions explain each of the malware file scanner API's data points.
| Field | Description | Possible Values |
|---|---|---|
| success | Indicates if the api request was successful | boolean |
| message | potential error message | string |
| file_hash | sha256 of the provided file | string |
| type | Type of scan | string |
| status | Depends on type of scan, possible values include: "completed", "cached", or "pending" | string |
| result | Result of the scan, which lists if any threat engines detected a virus, rootkit, ransomware, keylogger, or similar type of malicious file | json |
| update_url | if the status is pending, request this url to fetch the result | string | request_id | A unique identifier for this request that can be used to lookup the request details or send a postback conversion notice. | string |
| errors | Array of errors which occurred while attempting to process this request. | array of strings |