Skip to content
Cloudflare API
Start here
API Reference

URL Scanner

ModelsExpand Collapse
URLScannerDomain { id, name, super_category_id }
id: number
name: string
super_category_id?: number
URLScannerTask { effectiveUrl, errors, location, 7 more }
effectiveUrl: string
errors: Array<Error>
message: string
location: string
region: string
status: string
success: boolean
time: string
url: string
uuid: string
visibility: string

URL ScannerResponses

Get raw response
client.urlScanner.responses.get(stringresponseId, ResponseGetParams { account_id } params, RequestOptionsoptions?): ResponseGetResponse
GET/accounts/{account_id}/urlscanner/v2/responses/{response_id}
ModelsExpand Collapse
ResponseGetResponse = string

Web resource or image.

URL ScannerScans

Search URL scans
client.urlScanner.scans.list(ScanListParams { account_id, q, size } params, RequestOptionsoptions?): ScanListResponse { results }
GET/accounts/{account_id}/urlscanner/v2/search
Get URL scan
client.urlScanner.scans.get(stringscanId, ScanGetParams { account_id } params, RequestOptionsoptions?): ScanGetResponse { data, lists, meta, 5 more }
GET/accounts/{account_id}/urlscanner/v2/result/{scan_id}
Create URL Scan
client.urlScanner.scans.create(ScanCreateParams { account_id, url, country, 5 more } params, RequestOptionsoptions?): ScanCreateResponse { api, message, result, 4 more }
POST/accounts/{account_id}/urlscanner/v2/scan
Bulk create URL Scans
client.urlScanner.scans.bulkCreate(ScanBulkCreateParams { account_id, body } params, RequestOptionsoptions?): ScanBulkCreateResponse { api, result, url, 3 more }
POST/accounts/{account_id}/urlscanner/v2/bulk
Get URL scan's HAR
client.urlScanner.scans.har(stringscanId, ScanHARParams { account_id } params, RequestOptionsoptions?): ScanHARResponse { log }
GET/accounts/{account_id}/urlscanner/v2/har/{scan_id}
Get screenshot
client.urlScanner.scans.screenshot(stringscanId, ScanScreenshotParams { account_id, resolution } params, RequestOptionsoptions?): Response
GET/accounts/{account_id}/urlscanner/v2/screenshots/{scan_id}.png
Get URL scan's DOM
client.urlScanner.scans.dom(stringscanId, ScanDOMParams { account_id } params, RequestOptionsoptions?): ScanDOMResponse
GET/accounts/{account_id}/urlscanner/v2/dom/{scan_id}
ModelsExpand Collapse
ScanListResponse { results }
results: Array<Result>
_id: string
page: Page { asn, country, ip, url }
asn: string
country: string
ip: string
url: string
result: string
stats: Stats { dataLength, requests, uniqCountries, uniqIPs }
dataLength: number
requests: number
uniqCountries: number
uniqIPs: number
task: Task { time, url, uuid, visibility }
time: string
url: string
uuid: string
visibility: string
verdicts: Verdicts { malicious }
malicious: boolean
ScanGetResponse { data, lists, meta, 5 more }
data: Data { console, cookies, globals, 3 more }
console: Array<Console>
message: Message { level, source, text, url }
level: string
source: string
text: string
url: string
cookies: Array<Cookie>
domain: string
expires: number
httpOnly: boolean
name: string
path: string
priority: string
sameParty: boolean
secure: boolean
session: boolean
size: number
sourcePort: number
sourceScheme: string
value: string
globals: Array<Global>
prop: string
type: string
text: string
performance: Array<Performance>
duration: number
entryType: string
name: string
startTime: number
requests: Array<Request>
request: Request { documentURL, hasUserGesture, initiator, 9 more }
documentURL: string
hasUserGesture: boolean
initiator: Initiator { host, type, url }
host: string
type: string
url: string
redirectHasExtraInfo: boolean
request: Request { initialPriority, isSameSite, method, 4 more }
initialPriority: string
isSameSite: boolean
method: string
mixedContentType: string
referrerPolicy: string
url: string
headers?: unknown
requestId: string
type: string
wallTime: number
frameId?: string
loaderId?: string
primaryRequest?: boolean
redirectResponse?: RedirectResponse { charset, mimeType, protocol, 8 more }
charset: string
mimeType: string
protocol: string
remoteIPAddress: string
remotePort: number
securityHeaders: Array<SecurityHeader>
name: string
value: string
securityState: string
status: number
statusText: string
url: string
headers?: unknown
response: Response { asn, dataLength, encodedDataLength, 8 more }
asn: ASN { asn, country, description, 3 more }
asn: string
country: string
description: string
ip: string
name: string
org: string
dataLength: number
encodedDataLength: number
geoip: Geoip { city, country, country_name, 3 more }
city: string
country: string
country_name: string
geonameId: string
ll: Array<number>
region: string
hasExtraInfo: boolean
requestId: string
response: Response { charset, mimeType, protocol, 9 more }
charset: string
mimeType: string
protocol: string
remoteIPAddress: string
remotePort: number
securityDetails: SecurityDetails { certificateId, certificateTransparencyCompliance, cipher, 10 more }
certificateId: number
certificateTransparencyCompliance: string
cipher: string
encryptedClientHello: boolean
issuer: string
keyExchange: string
keyExchangeGroup: string
protocol: string
sanList: Array<string>
serverSignatureAlgorithm: number
subjectName: string
validFrom: number
validTo: number
securityHeaders: Array<SecurityHeader>
name: string
value: string
securityState: string
status: number
statusText: string
url: string
headers?: unknown
size: number
type: string
contentAvailable?: boolean
hash?: string
requests?: Array<RequestItem>
documentURL: string
frameId: string
hasUserGesture: boolean
initiator: Initiator { type }
type: string
loaderId: string
redirectHasExtraInfo: boolean
request: Request { headers, initialPriority, isSameSite, 4 more }
headers: Headers { name }
name: string
initialPriority: string
isSameSite: boolean
method: string
mixedContentType: string
referrerPolicy: string
url: string
requestId: string
type: string
wallTime: number
lists: Lists { asns, certificates, continents, 7 more }
asns: Array<string>
certificates: Array<Certificate>
issuer: string
subjectName: string
validFrom: number
validTo: number
continents: Array<string>
countries: Array<string>
domains: Array<string>
hashes: Array<string>
ips: Array<string>
linkDomains: Array<string>
servers: Array<string>
urls: Array<string>
meta: Meta { processors }
processors: Processors { asn, dns, domainCategories, 7 more }
asn: ASN { data }
data: Array<Data>
asn: string
country: string
description: string
ip: string
name: string
dns: DNS { data }
data: Array<Data>
address: string
dnssec_valid: boolean
name: string
type: string
domainCategories: DomainCategories { data }
data: Array<Data>
inherited: unknown
isPrimary: boolean
name: string
geoip: Geoip { data }
data: Array<Data>
geoip: Geoip { city, country, country_name, 2 more }
city: string
country: string
country_name: string
ll: Array<number>
region: string
ip: string
phishing: Phishing { data }
data: Array<string>
radarRank: RadarRank { data }
data: Array<Data>
bucket: string
hostname: string
rank?: number
wappa: Wappa { data }
data: Array<Data>
app: string
categories: Array<Category>
name: string
priority: number
confidence: Array<Confidence>
confidence: number
name: string
pattern: string
patternType: string
confidenceTotal: number
icon: string
website: string
phishing_v2?: PhishingV2 { data }
data: Array<string>
robotsTxt?: RobotsTXT { data }
data: Array<Data>
rules: Rules { * }
"*": _ { allow, disallow, contentSignal, crawlDelay }
allow: Array<string>
disallow: Array<string>
contentSignal?: ContentSignal { ai-input, ai-train, search }
"ai-input"?: string
"ai-train"?: string
crawlDelay?: number
sitemaps: Array<string>
hash?: string
urlCategories?: URLCategories { data }
data: Array<Data>
content: Array<Content>
id: number
name: string
super_category_id: number
inherited: Inherited { content, from, risks }
content: Array<Content>
id: number
name: string
super_category_id: number
from: string
risks: Array<Risk>
id: number
name: string
super_category_id: number
name: string
risks: Array<Risk>
id: number
name: string
super_category_id: number
page: Page { apexDomain, asn, asnname, 14 more }
apexDomain: string
asn: string
asnname: string
city: string
country: string
domain: string
ip: string
mimeType: string
server: string
status: string
title: string
tlsAgeDays: number
tlsIssuer: string
tlsValidDays: number
tlsValidFrom: string
url: string
screenshot?: Screenshot { dhash, mm3Hash, name, phash }
dhash: string
mm3Hash: number
name: string
phash: string
scanner: Scanner { colo, country }
colo: string
country: string
stats: Stats { domainStats, ipStats, IPv6Percentage, 10 more }
domainStats: Array<DomainStat>
count: number
countries: Array<string>
domain: string
encodedSize: number
index: number
initiators: Array<string>
ips: Array<string>
redirects: number
size: number
ipStats: Array<IPStat>
asn: ASN { asn, country, description, 3 more }
asn: string
country: string
description: string
ip: string
name: string
org: string
countries: Array<string>
domains: Array<string>
encodedSize: number
geoip: Geoip { city, country, country_name, 2 more }
city: string
country: string
country_name: string
ll: Array<number>
region: string
index: number
ip: string
ipv6: boolean
redirects: number
requests: number
size: number
count?: number
IPv6Percentage: number
malicious: number
protocolStats: Array<ProtocolStat>
count: number
countries: Array<string>
encodedSize: number
ips: Array<string>
protocol: string
size: number
resourceStats: Array<ResourceStat>
compression: number
count: number
countries: Array<string>
encodedSize: number
ips: Array<string>
percentage: number
size: number
type: string
securePercentage: number
secureRequests: number
serverStats: Array<ServerStat>
count: number
countries: Array<string>
encodedSize: number
ips: Array<string>
server: string
size: number
tlsStats: Array<TLSStat>
count: number
countries: Array<string>
encodedSize: number
ips: Array<string>
protocols: Protocols { TLS 1.3 / AES_128_GCM }
"TLS 1.3 / AES_128_GCM": number
securityState: string
size: number
uniqASNs: number
uniqCountries: number
task: Task { apexDomain, domain, domURL, 10 more }
apexDomain: string
domain: string
domURL: string
method: string
options: Options { customHeaders, screenshotsResolutions }
customHeaders?: unknown

Custom headers set.

screenshotsResolutions?: Array<string>
reportURL: string
screenshotURL: string
source: string
success: boolean
time: string
url: string
uuid: string
visibility: string
verdicts: Verdicts { overall }
overall: Overall { categories, hasVerdicts, malicious, tags }
categories: Array<string>
hasVerdicts: boolean
malicious: boolean
tags: Array<string>
ScanCreateResponse { api, message, result, 4 more }
api: string

URL to api report.

message: string
result: string

Public URL to report.

url: string

Canonical form of submitted URL. Use this if you want to later search by URL.

uuid: string

Scan ID.

formatuuid
visibility: "public" | "unlisted"

Submitted visibility status.

One of the following:
"public"
"unlisted"
options?: Options { useragent }
useragent?: string
ScanBulkCreateResponse = Array<ScanBulkCreateResponseItem>
api: string

URL to api report.

result: string

URL to report.

url: string

Submitted URL

uuid: string

Scan ID.

formatuuid
visibility: "public" | "unlisted"

Submitted visibility status.

One of the following:
"public"
"unlisted"
options?: Options { useragent }
useragent?: string
ScanHARResponse { log }
log: Log { creator, entries, pages, version }
creator: Creator { comment, name, version }
comment: string
name: string
version: string
entries: Array<Entry>
_initialPriority: string
_initiator_type: string
_priority: string
_requestId: string
_requestTime: number
_resourceType: string
cache: unknown
connection: string
pageref: string
request: Request { bodySize, headers, headersSize, 3 more }
bodySize: number
headers: Array<Header>
name: string
value: string
headersSize: number
httpVersion: string
method: string
url: string
response: Response { _transferSize, bodySize, content, 6 more }
_transferSize: number
bodySize: number
content: Content { mimeType, size, compression }
mimeType: string
size: number
compression?: number
headers: Array<Header>
name: string
value: string
headersSize: number
httpVersion: string
redirectURL: string
status: number
statusText: string
serverIPAddress: string
startedDateTime: string
time: number
pages: Array<Page>
id: string
pageTimings: PageTimings { onContentLoad, onLoad }
onContentLoad: number
onLoad: number
startedDateTime: string
title: string
version: string
ScanDOMResponse = string

HTML of webpage.