urlscan.io 2.0.0
App Vendor: urlscan.io
App Category: Data Enrichment & Threat Intelligence
Connector Version: 2.1.1
API Version: 1.0.0
About App
The urlscan.io allows security teams to integrate with the urlscan.io application. urlscan.io is a free service to scan and analyze websites. When you submit a URL to urlscan.io, an automated process will browse to the URL like a regular user and record the activity the page navigation creates. It includes domains and IPs contacted, resources like JavaScript and CSS requested from those domains, and additional information about the page.
The urlscan.io app is configured with the Orchestrate to perform the following actions:
Action Name | Description |
|---|---|
Get Scan Result | This action fetches the result of a scan. |
Global Query Search | This action performs a global query search. |
Submit URL for Scan | This action submits a fully qualified domain name (fqdn) or URL for scanning. |
Configuration Parameters
The following configuration parameters are required for the urlscan.io app to communicate with the urlscan.io enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
API Key | Enter the API key. | Password | Required |
Action: Get Scan Result
This action fetches the result of a scan.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Scan ID | Enter the scan ID. Example: "b4f777bd-4910-4e15-ae51-3e2b3c55bacb" | Text | Required |
Example Request
[
{
"scan_id": "b4f777bd-4910-4e15-ae51-3e2b3c55bacb"
}
]Action: Global Query Search
This action performs a global query search.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Query String | Enter the query string. | Text | Optional | Default value: * |
Size | Enter the result size. Example: 50 | Integer | Optional | Default value: 100 |
Search After | Use comma-separated last value of the sort attribute to retrieve the next batch of results. | Text | Optional | |
Sorting | Enter the sort value specified through $sort_field or $sort_order. | Text | Optional | Default value: None |
Example Request
[
{
"query_string": "*",
"size": 50,
"sorting": "_score"
}
]Action: Submit URL for Scan
This action submits a fully qualified domain name (fqdn) or URL for scanning.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
FQDN | Enter the fully qualified domain name (fqdn) or URL. Example: "https://cyware.com/support/tool-integrations" | Text | Required | |
Scan Type | Enter the scan type. Example: "unlisted" | Text | Optional | Allowed values:
|
Extra Params | Enter the extra parameters. | Key-Value | Optional | Allowed values:
|
Example Request
[
{
"fqdn": "https://cyware.com/support/tool-integrations",
"params": {},
"scan_type": "unlisted"
}
]