# Scan

Submit a URL to be scanned and control options for how the scan should be performed.

Endpoint: POST /api/v1/scan
Version: 1.0.0
Security: apikeyAuth

## Request fields (application/json):

  - `url` (string, required)
    The URL to be scanned
    Example: "https://urlscan.io"

  - `visibility` (string)
    Intended visibility of the final scan result
    Enum: "public", "unlisted", "private"

  - `country` (string)
    Country to scan from. ISO 3166-1 alpha-2 format. If not supplied, an appropriate country will automatically be chosen.
    Example: "de"

  - `tags` (array)
    User-defined tags to annotate this scan, e.g. "phishing" or "malicious".
    Example: ["iloveurlscan","testing"]

  - `overrideSafety` (boolean)
    If set to any value, this will disable reclassification of URLs with potential PII in them. Use with care!

  - `referer` (string)
    Override HTTP referer for this scan

  - `customagent` (string)
    Override HTTP User-Agent for this scan

## Response 200 fields (application/json):

  - `uuid` (string)
    UUID for scan result, also called $scanId

  - `country` (string)
    Country for scanning

  - `visibility` (string)
    Determined visibility for scan

  - `url` (string)
    Determined URL being scanned