Skip to content
Cloudflare API
Start here
API Reference
URL Scanner
Scans

Search URL scans

client.URLScanner.Scans.List(ctx, params) (*ScanListResponse, error)
GET/accounts/{account_id}/urlscanner/v2/search

Use a subset of ElasticSearch Query syntax to filter scans. Some example queries:

- 'path:"/bundles/jquery.js"': Searches for scans who requested resources with the given path.
- 'page.asn:AS24940 AND hash:xxx': Websites hosted in AS24940 where a resource with the given hash was downloaded.
- 'page.domain:microsoft* AND verdicts.malicious:true AND NOT page.domain:microsoft.com': malicious scans whose hostname starts with "microsoft".
- 'apikey:me AND date:[2025-01 TO 2025-02]': my scans from 2025 January to 2025 February.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
URL Scanner WriteURL Scanner Read
ParametersExpand Collapse
params ScanListParams
AccountID param.Field[string]

Path param: Account ID.

Q param.Field[string]optional

Query param: Filter scans

Size param.Field[int64]optional

Query param: Limit the number of objects in the response.

ReturnsExpand Collapse
type ScanListResponse struct{…}
Results []ScanListResponseResult
ID string
Page ScanListResponseResultsPage
ASN string
Country string
IP string
URL string
Result string
Stats ScanListResponseResultsStats
DataLength float64
Requests float64
UniqCountries float64
UniqIPs float64
Task ScanListResponseResultsTask
Time string
URL string
UUID string
Visibility string
Verdicts ScanListResponseResultsVerdicts
Malicious bool

Search URL scans

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/option"
  "github.com/cloudflare/cloudflare-go/url_scanner"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  scans, err := client.URLScanner.Scans.List(context.TODO(), url_scanner.ScanListParams{
    AccountID: cloudflare.F("account_id"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", scans.Results)
}

{
  "results": [
    {
      "_id": "9626f773-9ffb-4cfb-89d3-30b120fc8011",
      "page": {
        "asn": "AS15133",
        "country": "US",
        "ip": "93.184.215.14",
        "url": "https://example.com"
      },
      "result": "https://radar.clouflare.com/scan/9626f773-9ffb-4cfb-89d3-30b120fc8011",
      "stats": {
        "dataLength": 2512,
        "requests": 2,
        "uniqCountries": 1,
        "uniqIPs": 1
      },
      "task": {
        "time": "2024-09-30T23:54:02.881000+00:00",
        "url": "https://example.com",
        "uuid": "9626f773-9ffb-4cfb-89d3-30b120fc8011",
        "visibility": "public"
      },
      "verdicts": {
        "malicious": true
      }
    }
  ]
}
Returns Examples
{
  "results": [
    {
      "_id": "9626f773-9ffb-4cfb-89d3-30b120fc8011",
      "page": {
        "asn": "AS15133",
        "country": "US",
        "ip": "93.184.215.14",
        "url": "https://example.com"
      },
      "result": "https://radar.clouflare.com/scan/9626f773-9ffb-4cfb-89d3-30b120fc8011",
      "stats": {
        "dataLength": 2512,
        "requests": 2,
        "uniqCountries": 1,
        "uniqIPs": 1
      },
      "task": {
        "time": "2024-09-30T23:54:02.881000+00:00",
        "url": "https://example.com",
        "uuid": "9626f773-9ffb-4cfb-89d3-30b120fc8011",
        "visibility": "public"
      },
      "verdicts": {
        "malicious": true
      }
    }
  ]
}