# Scan

## POST /public-api/scan/url-analysis

> URL will be analyzed by Threat.Zone URL Scanner, use the UUID to track the status of the submission

```json
{"openapi":"3.0.0","info":{"title":"Threat.Zone Public API","version":"1.0.0"},"tags":[{"name":"Scan","description":""}],"security":[{"authorization":[]}],"components":{"securitySchemes":{"authorization":{"scheme":"bearer","bearerFormat":"","description":"Communication key","name":"Authorization","type":"http","in":"Header"}}},"paths":{"/public-api/scan/url-analysis":{"post":{"operationId":"ScanController_urlAnalysis","summary":"URL will be analyzed by Threat.Zone URL Scanner, use the UUID to track the status of the submission","parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"url":{"type":"string","description":"URL to be analyzed"},"private":{"type":"boolean","description":"Determines if the scan should be private","default":false}}}}}},"responses":{"200":{"description":"Successful analysis"},"400":{"description":"Bad Request - Invalid URL or body"},"401":{"description":"Unauthorized"}},"tags":["Scan"]}}}}
```

## POST /public-api/scan/sandbox

> File will be scanned by Threat.Zone Sandbox & Static Scanner, use the UUID to track the status of the submission

```json
{"openapi":"3.0.0","info":{"title":"Threat.Zone Public API","version":"1.0.0"},"tags":[{"name":"Scan","description":""}],"security":[{"authorization":[]}],"components":{"securitySchemes":{"authorization":{"scheme":"bearer","bearerFormat":"","description":"Communication key","name":"Authorization","type":"http","in":"Header"}}},"paths":{"/public-api/scan/sandbox":{"post":{"operationId":"ScanController_sandbox","summary":"File will be scanned by Threat.Zone Sandbox & Static Scanner, use the UUID to track the status of the submission","parameters":[{"name":"auto","required":false,"in":"query","description":"If this passed as \"true\", all of the metafields and environment will be set automatically","schema":{"type":"string"}}],"requestBody":{"required":true,"content":{"multipart/form-data":{"schema":{"type":"object","required":["file","analyzeConfig"],"properties":{"file":{"type":"string","format":"binary","description":"File to be analyzed"},"analyzeConfig":{"type":"array","items":{"type":"object","properties":{"metafieldId":{"type":"string"},"value":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"}]}}},"description":"Configuration for sandbox analysis"},"extensionCheck":{"type":"string","description":"Make a MIMEType check for the file and auto-assign the extension"},"modules":{"type":"array","items":{"type":"string"},"description":"Modules to be used in analysis"},"entrypoint":{"type":"string","description":"Select the file to be executed within the archive","nullable":true},"password":{"type":"string","description":"Enter the password that will be used to open the archive file","nullable":true}}}}}},"responses":{"200":{"description":"Successful analysis"},"401":{"description":"Unauthorized"},"422":{"description":"Unprocessable Entity - Invalid file or body"}},"tags":["Scan"]}}}}
```

## File will be scanned by Threat.Zone Static Scanner, use the UUID to track the status of the submission

> This endpoint allows users to upload a file and perform a static scan on it.

```json
{"openapi":"3.0.0","info":{"title":"Threat.Zone Public API","version":"1.0.0"},"tags":[{"name":"Scan","description":""}],"security":[{"authorization":[]}],"components":{"securitySchemes":{"authorization":{"scheme":"bearer","bearerFormat":"","description":"Communication key","name":"Authorization","type":"http","in":"Header"}}},"paths":{"/public-api/scan/static-scan":{"post":{"operationId":"ScanController_staticScan","summary":"File will be scanned by Threat.Zone Static Scanner, use the UUID to track the status of the submission","description":"This endpoint allows users to upload a file and perform a static scan on it.","parameters":[],"requestBody":{"required":true,"content":{"multipart/form-data":{"schema":{"type":"object","required":["file"],"properties":{"file":{"type":"string","format":"binary","description":"The file to be scanned"},"extensionCheck":{"type":"string","oneOf":[{"type":"boolean"},{"type":"string"}],"description":"Option to check file extension"},"isPublic":{"type":"boolean","description":"Whether the scan results should be public"},"entrypoint":{"type":"string","description":"Select the file to be executed within the archive","nullable":true},"password":{"type":"string","description":"Enter the password that will be used to open the archive file","nullable":true}}}}}},"responses":{"200":{"description":"The file has been successfully scanned"},"401":{"description":"Unauthorized"},"422":{"description":"Unprocessable Entity - Invalid file or body"}},"tags":["Scan"]}}}}
```

## Perform a CDR (Content Disarm and Reconstruction) scan on an uploaded file

> This endpoint allows users to upload a file and perform a CDR scan on it, extension check is not optional because it is necessary for CDR module to work properly.

```json
{"openapi":"3.0.0","info":{"title":"Threat.Zone Public API","version":"1.0.0"},"tags":[{"name":"Scan","description":""}],"security":[{"authorization":[]}],"components":{"securitySchemes":{"authorization":{"scheme":"bearer","bearerFormat":"","description":"Communication key","name":"Authorization","type":"http","in":"Header"}}},"paths":{"/public-api/scan/cdr":{"post":{"operationId":"ScanController_cdr","summary":"Perform a CDR (Content Disarm and Reconstruction) scan on an uploaded file","description":"This endpoint allows users to upload a file and perform a CDR scan on it, extension check is not optional because it is necessary for CDR module to work properly.","parameters":[],"requestBody":{"required":true,"content":{"multipart/form-data":{"schema":{"type":"object","required":["file"],"properties":{"file":{"type":"string","format":"binary","description":"The file to be scanned"},"isPublic":{"type":"boolean","description":"Whether the scan results should be public"},"entrypoint":{"type":"string","description":"Select the file to be executed within the archive","nullable":true},"password":{"type":"string","description":"Enter the password that will be used to open the archive file","nullable":true}}}}}},"responses":{"200":{"description":"The file has been successfully submitted for CDR","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"},"uuid":{"type":"string"}}}}}},"401":{"description":"Unauthorized"},"422":{"description":"Unprocessable Entity - Invalid file or body"}},"tags":["Scan"]}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.malwation.com/threatzone/api-docs/scan.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.