<< Back to Categories

Getting Started

About the Malware File Scanner API

The IPQS Malware File Scanner API scans files in real time to detect viruses and malicious files. Accurately detect ransomware, trojans, keyloggers, adware, rootkits, spyware, and unwanted software with our live file malware scanning.

You can test out the IPQS malicious file scanner using our free tool.

Note: The Malware File Scanner API uses 10 credits per request.

Virus File Scanning

Detect viruses and suspicious software with real-time malware file scanning. IPQS's file virus scanning API can accept a file that is then analyzed in a live sandbox environment to identify ransomware, trojans, keyloggers, viruses, and similar malicious files. Retrieve additional details like file size, type, hash, and more through the file scanning API results.

Malware File Scanner API Use Cases

Scan Email Attachments: Identify suspicious files and risky attachments using a live scanning approach that can determine the risk of email attachments and verify whether the files are safe to open.
Filter Message Content: Scan user-generated content and live messages for suspicious URLs and files containing viruses or malware.
Detect High-Risk URLs: Detect suspicious URLs designed to steal credentials or upload malicious files using our URL scanner API.
Phishing Detection: Keep your team safe with advanced phishing detection using our live URL scanner service. Enrich risk signals around a URL or domain with live phishing and malware detection.
Threat Intelligence Enrichment: Full support for detecting rootkits, viruses, phishing, malware, adware, spyware, trojans, worms, keyloggers, ransomware, and even business email compromise (BEC).

API Request URLs

You can use the following URLs to submit files to the Malware Scanner API using cURL or another utility in most languages.

Replace TYPE with the URL or file to scan. The type can be populated with scan or lookup. lookup will only check our database of file scans in the last 24 Hours for the same file, while scan executes a full malware file virus scan. Use the file field to submit the file by POST with each API request. You can optionally pass a file URL instead of the entire file, as shown in the example code.

JSON

XML

Response Examples

Success Response

This is an example success response in JSON format. Responses are also available in XML format. Details about each of these variables can be found in Response Parameters.

{
    "success": true,
    "message": "Success",
    "file_hash": "e53c379d95e95706c5a2c4d6cd609857368a3bf14f28d7e67f6e3f8dfce6d486",
    "type": "scan",
    "status": "completed",
    "result": [
        {
            "name": "IPQS Threat Defender",
            "detected": false,
            "error": false
        },
        {
            "name": "IPQS Emerging Threats",
            "detected": true,
            "error": false
        },
        {
            "name": "IPQS Foreign Entity Checker",
            "detected": false,
            "error": false
        },
        {
            "name": "IPQS Byte Checks",
            "detected": false,
            "error": false
        },
        {
            "name": "IPQS Malicous Network Activity",
            "detected": false,
            "error": false
        },
        {
            "name": "IPQS Internet Security Suite",
            "detected": false,
            "error": false
        },
        {
            "name": "IPQS Malicious Code Scanner",
            "detected": false,
            "error": false
        }
    ],
    "update_url": "https://ipqualityscore.com/api/json/postback/YOUR_API_KEY_HERE?request_id=H7snPYbZrb",
    "request_id": "H7snPYbZrb"
}

Error Response

Example errors that you may encounter when accessing our API due to an exhausted credit balance or an invalid request. Details about each of these variables can be found in Response Parameters.

{
	"success":false,
	"message":"You have insufficient credits to make this query. Please contact IPQualityScore support if this error persists.",
	"request_id":"4OTORR352FU0p"
}

Next Steps

Learn more about each of the variables included in the responses you receive.

EXAMPLE CODE

PHP
PYTHON

    <?php
// Your API Key
$key = 'YOUR_API_KEY_HERE';

// Type of API request (scan or lookup)
$type = 'scan';

// Create API URL
$url = sprintf(
	'https://www.ipqualityscore.com/api/json/malware/%s/%s',
	$type,
	$key
);

// The file you want to scan
$file_to_scan = 'eicar.com';

// Fetch The Result
$timeout = 5;

$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($curl, CURLOPT_POSTFIELDS, [
    'file' => new CURLFile($file_to_scan),
]);
$json = curl_exec($curl);
curl_close($curl);

// Decode the result into an array.
$result = json_decode($json, true);

// Check to see if our query was successful.
if(isset($result['success']) && $result['success'] === true){
    return $result;
}

import requests
import json
import time
def HandleResult(data):
    if data.status_code != 200:
        raise Exception("Error: " + str(data.status_code))
    data = json.loads(data.text)
    if data["status"] != "pending":
        return data["result"]
    while True:
        time.sleep(1)
        data = requests.post(data["update_url"])
        return HandleResult(data)

def ScanUrl(apikey,url):
    data = requests.post("https://ipqualityscore.com/api/json/malware/scan/" + apikey, data = {'url': url})
    return HandleResult(data)
def ScanFile(apikey,file):
    data = requests.post("https://ipqualityscore.com/api/json/malware/scan/" + apikey, files = {'file': open(file,"rb")})
    return HandleResult(data)

print(ScanUrl("YOUR_API_KEY_HERE","https://secure.eicar.org/eicar.com"))
print(ScanFile("YOUR_API_KEY_HERE","eicar.com"))

Ready to eliminate fraud?

Start fighting fraud now with 5,000 Free Lookups!

We're happy to answer any questions or concerns.

Chat with our fraud detection experts any day of the week.

Call us at: (800) 713-2618

Schedule a Demo Sign Up