Description	Retrieve scan report by multiple hashes.
URL Path	/hash
Method	POST

Summary

Get a list of available hashes for an API key.
Dues to business stuff, we need to remove scan result of Kaspersky in response json (MCL-3016) (Only applicable for Metascan Online)

HTTP header parameters

apikey

API key assigned by user

OPTIONAL

include_scan_details

include scan details

Value: 0, 1

OPTIONAL

Default: 0

"scan_details" exists in response when "scan_result" = 0|1|2 in response and header "include_scan_details"=1

Method: POST

URL path	/hash	REQUIRED
Body content	{"hash":["hash_value_1","hash_value_2","hash_value_3",..]}

Response Codes

200	OK	Found or Not Found
400	Bad request	Not supported HTTP method or invalid http request .
401	Invalid API key	Either missing API key or invalid api is passed.
403	Signature lookup limit reached, try again later	User exceeds limit
503	Internal server error	Server temporary unavailable. Try again later.

Response

Example of when input body is empty :

{
	"err" : "hashes in body content is null or empty"
}

Example of when input body is wrong format :

{
	"err" : "Could not parse body content."
}

Example of maximum hashes input.

{
    "err" : "Exceeded maximum allowed. Allow maximum 1000 hashes"
}

Example of when request is successful :

[
	{
		"hash" : md5_1,
  		"scan_result" : 0,  
		"data_id" : data_id_1
	}, 
	{
		"hash" : md5_2,
  		"scan_result" : 1,  
		"data_id" : data_id_2
	}, 
	{  
		"hash" : "abc",
  		"scan_result" : 5,
  		"data_id" : null
	} 
]

Example of when request is successful and "include_scan_details"=1:

[
	{
		"hash" : md5_1,
  		"scan_result" : 0,
        "scan_details":{
            "Agnitum":{
                "scan_result_i":0,
                "threat_found":"",
                "def_time":"2014-08-07T07:00:00Z",
                "scan_time":78.0
            }...{}},
		"data_id" : data_id_1
	}, 
	{
		"hash" : md5_2,
  		"scan_result" : 1,  
        "scan_details":{
            "Agnitum":{
                "scan_result_i":0,
                "threat_found":"",
                "def_time":"2014-08-07T07:00:00Z",
                "scan_time":78.0
            }...{}},
		"data_id" : data_id_2
	}, 
	{  
		"hash" : "abc",
  		"scan_result" : 5,
  		"data_id" : null
	} 
]

Example of when the number of lookup hashes i s more than remaning lookup number:

e.g: user can only scan 2 hashes but posts 3 hashes.

[
	{
		"hash" : md5_1,
  		"scan_result" : 0,  
		"data_id" : data_id_1
	}, 
	{
		"hash" : md5_2,
  		"scan_result" : 1,  
		"data_id" : data_id_2
	}, 
	{  
		"hash" : md5_3,
  		"scan_result" : 403,
  		"data_id" : null
	} 
]

Descriptions of response:

scan_result

the newest final scan result of hash

5: unknown scan result - may be hash does not exist in mongo

data_id

the newest data_id of hash

scan_details

Array of scan results for engines

For more details of response, refer to Response Description.

Multiple Hashes Lookup