Request	Value
Method	GET
URL	https://api.metadefender.com/v4/feed/infected/latest

Summary

A feed exposing the latest infected hashes. Sorted chronologically, this feed can expose infected hashes up to 30 days old and is updated continuously. The data is returned in a paginated format of 1000 entries per page, and the last page of the day will contain less than 1000 entries. If querying the current day, the last page will be updated with the latest entries as our servers scan files, and will fill up to 1000 entries. When this happens, the next page needs to be accessed.

This feed is designed to be used as a live blacklist of hashes to be quarantined.

Query params usage is prohibited to licensed users. Free users can access the first 1000 entries of today.

Request

Header Parameters

	Description	Allowed Values	Required
apikey	Gives rights to use the endpoint (API Authentication Mechanisms)	apikey	YES

Query Parameters

	Description	Required	Default	Possible values
?page	Page number, each page consisting of 1000 hashes	NO	1	A positive integer
?date	Date when the hash was last scanned	NO	today	A valid date(max up to 30 days ago) in the format YYYY-MM-DD
?category	File type category. When used, only return hashes of this file type.	NO	-	See: Description of file categories

Response

The response is paginated, 1000 results per page.

HTTP Status Codes

Please refer to Status Codes for more information.

Body

Example of a successful response

{
    "from": "2019-07-01T00:00:00.000Z",
    "to": "2019-07-01T23:59:59.999Z",
	"length": 1000,
    "hashes": [
        {
            "md5": "C5D0065B594A4775E26FA9875B21189F",
            "sha1": "5097848493564423C633F8EB2A30C122E3BF515E",
            "sha256": "78E126DB893190E71CD8E176B76C746E0713C1F26BA91C69EBDC9297D0F61DF8",
            "data_id": "WlRFNE1EVXhPWEl4V21kNU4xUnFOakJOQmtYdlpHR2pMWA",
            "total_avs": 35,
            "total_detected_avs": 6,
            "file_type_category": "E",
            "file_type_extension": "exe",
        },
        {
            "md5": "F30B903B8E68EB22080F89BAD77884DA",
            "sha1": "8CD75118C28D1DF15C397FCAE13426D1D897764A",
            "sha256": "E865BDE3EFB8870FA4F181282FC80E97C9E5E17839983D93FD7062F54CE36197",
            "data_id": "WVRFNE1ERXhNMU14Wm5od1NuRkRTVFJtcnl5dThhcTg3",
            "total_avs": 34,
            "total_detected_avs": 21,
            "file_type_category": "E",
            "file_type_extension": "exe",
        }
        ...
    ]
}

Example of a failed response:

{
    "error": {
        "code": 404008,
        "messages": [
            "The apikey was not found"
        ]
    }
}

Description of response

md5	The hash of the file
sha1	The hash of the file
sha256	The hash of the file
total_avs	The total number of anti-malware engines that scanned this file
total_detected_avs	The total number of anti-malware engines that detected this file as being infected
file_type_category	Category for the file type. Please refer to Description of file categories for more information.
file_type_extension	The extension of the file based on the file type

Errors

Please refer to Errors for more information.

Sample code (NodeJS)

var http = require("https");
 
var options = {
  "method": "GET",
  "hostname": [
    "api",
    "metadefender",
    "com"
  ],
  "path": [
    "v4",
    "feed",
    "infected",
	"latest"
  ],
  "headers": {
    "apikey": process.env.APIKEY
  }
};
 
var req = http.request(options, function (res) {
  var chunks = [];
 
  res.on("data", function (chunk) {
    chunks.push(chunk);
  });
 
  res.on("end", function () {
    var body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});
 
req.end();

Sample code (cURL)

curl -X GET \
  'https://api.metadefender.com/v4/feed/infected/latest?page=1&category=N&date=2019-07-18' \
  -H "apikey: ${APIKEY}"

8.1 Latest infected hashes