API Reference

URL Scanner

Scans

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Create URL Scan

client.urlScanner.scans.create(ScanCreateParams { account_id, url, country, 5 more } params, RequestOptionsoptions?): ScanCreateResponse { api, message, result, 4 more }

POST/accounts/{account_id}/urlscanner/v2/scan

Submit a URL to scan. Check limits at https://developers.cloudflare.com/security-center/investigate/scan-limits/.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

URL Scanner WriteURL Scanner Read

ParametersExpand Collapse

params: ScanCreateParams { account_id, url, country, 5 more }

account_id: string

Path param: Account ID.

url: string

Body param

country?: "AF" | "AL" | "DZ" | 192 more

Body param: Country to geo egress from

One of the following:

"AF"

"AL"

"DZ"

"AD"

"AO"

"AG"

"AR"

"AM"

"AU"

"AT"

"AZ"

"BH"

"BD"

"BB"

"BY"

"BE"

"BZ"

"BJ"

"BM"

"BT"

"BO"

"BA"

"BW"

"BR"

"BN"

"BG"

"BF"

"BI"

"KH"

"CM"

"CA"

"CV"

"KY"

"CF"

"TD"

"CL"

"CN"

"CO"

"KM"

"CG"

"CR"

"CI"

"HR"

"CU"

"CY"

"CZ"

"CD"

"DK"

"DJ"

"DM"

"DO"

"EC"

"EG"

"SV"

"GQ"

"ER"

"EE"

"SZ"

"ET"

"FJ"

"FI"

"FR"

"GA"

"GE"

"DE"

"GH"

"GR"

"GL"

"GD"

"GT"

"GN"

"GW"

"GY"

"HT"

"HN"

"HU"

"IS"

"IN"

"ID"

"IR"

"IQ"

"IE"

"IL"

"IT"

"JM"

"JP"

"JO"

"KZ"

"KE"

"KI"

"KW"

"KG"

"LA"

"LV"

"LB"

"LS"

"LR"

"LY"

"LI"

"LT"

"LU"

"MO"

"MG"

"MW"

"MY"

"MV"

"ML"

"MR"

"MU"

"MX"

"FM"

"MD"

"MC"

"MN"

"MS"

"MA"

"MZ"

"MM"

"NA"

"NR"

"NP"

"NL"

"NZ"

"NI"

"NE"

"NG"

"KP"

"MK"

"NO"

"OM"

"PK"

"PS"

"PA"

"PG"

"PY"

"PE"

"PH"

"PL"

"PT"

"QA"

"RO"

"RU"

"RW"

"SH"

"KN"

"LC"

"VC"

"WS"

"SM"

"ST"

"SA"

"SN"

"RS"

"SC"

"SL"

"SK"

"SI"

"SB"

"SO"

"ZA"

"KR"

"SS"

"ES"

"LK"

"SD"

"SR"

"SE"

"CH"

"SY"

"TW"

"TJ"

"TZ"

"TH"

"BS"

"GM"

"TL"

"TG"

"TO"

"TT"

"TN"

"TR"

"TM"

"UG"

"UA"

"AE"

"GB"

"US"

"UY"

"UZ"

"VU"

"VE"

"VN"

"YE"

"ZM"

"ZW"

customagent?: string

Body param

maxLength4096

customHeaders?: Record<string, string>

Body param: Set custom headers.

referer?: string

Body param

maxLength4096

screenshotsResolutions?: Array<"desktop" | "mobile" | "tablet">

Body param: Take multiple screenshots targeting different device types.

One of the following:

"desktop"

"mobile"

"tablet"

visibility?: "Public" | "Unlisted"

Body param: The option Public means it will be included in listings like recent scans and search results. Unlisted means it will not be included in the aforementioned listings, users will need to have the scan's ID to access it. A a scan will be automatically marked as unlisted if it fails, if it contains potential PII or other sensitive material.

One of the following:

"Public"

"Unlisted"

ReturnsExpand Collapse

ScanCreateResponse { api, message, result, 4 more }

api: string

URL to api report.

message: string

result: string

Public URL to report.

url: string

Canonical form of submitted URL. Use this if you want to later search by URL.

uuid: string

Scan ID.

formatuuid

visibility: "public" | "unlisted"

Submitted visibility status.

One of the following:

"public"

"unlisted"

options?: Options { useragent }

useragent?: string

Create URL Scan

TypeScript

HTTP

TypeScript

Python

Go

Terraform

import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const scan = await client.urlScanner.scans.create({
  account_id: 'account_id',
  url: 'https://www.example.com',
});

console.log(scan.uuid);

200 example

{
  "api": "api",
  "message": "Submission successful",
  "result": "result",
  "url": "url",
  "uuid": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
  "visibility": "public",
  "options": {
    "useragent": "useragent"
  }
}

Returns Examples

200 example

{
  "api": "api",
  "message": "Submission successful",
  "result": "result",
  "url": "url",
  "uuid": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
  "visibility": "public",
  "options": {
    "useragent": "useragent"
  }
}