ByteChefComponents
Urlscan.io
Urlscan.io is an online service that allows you to safely analyze websites and URLs to determine potential security threats and risks.
Categories: Helpers
Type: urlscan/v1
Connections
Version: 1
API Key
Properties
| Name | Label | Type | Description | Required |
|---|---|---|---|---|
| key | Key | STRING | true | |
| value | Value | STRING | true |
Actions
Scan
Name: scan
Submit a URL to be scanned and control options for how the scan should be performed.
Properties
| Name | Label | Type | Description | Required |
|---|---|---|---|---|
| url | URL | STRING | The URL to be scanned. | true |
| visibility | Visibility | STRING Optionspublic, unlisted, private | Intended visibility of the final scan result. | false |
| tags | Tags | ARRAY Items[STRING] | User-defined tags to annotate this scan. | false |
Example JSON Structure
{
"label" : "Scan",
"name" : "scan",
"parameters" : {
"url" : "",
"visibility" : "",
"tags" : [ "" ]
},
"type" : "urlscan/v1/scan"
}Output
Type: OBJECT
Properties
| Name | Type | Description |
|---|---|---|
| uuid | STRING | UUID for scan result, also called $scanId. |
| country | STRING | Country for scanning. |
| visibility | STRING | Determined visibility for scan. |
| url | STRING | Determined URL being scanned. |
Output Example
{
"uuid" : "",
"country" : "",
"visibility" : "",
"url" : ""
}Result
Name: result
Using the Scan ID, you can use the Result API to poll for the scan.
Properties
| Name | Label | Type | Description | Required |
|---|---|---|---|---|
| scanId | Scan ID | STRING | UUID of scan result. | true |
Example JSON Structure
{
"label" : "Result",
"name" : "result",
"parameters" : {
"scanId" : ""
},
"type" : "urlscan/v1/result"
}Output
Type: OBJECT
Properties
| Name | Type | Description |
|---|---|---|
| data | OBJECT Properties{[{{STRING(requestId), STRING(loaderId), STRING(documentURL), {STRING(url), STRING(method), {}(headers), STRING(mixedContentType), STRING(initialPriority), STRING(referrerPolicy), BOOLEAN(isSameSite), BOOLEAN(isLinkPreload)}(request), NUMBER(timestamp), NUMBER(wallTime), {STRING(type), STRING(url), INTEGER(lineNumber), INTEGER(columnNumber)}(initiator), BOOLEAN(redirectHasExtraInfo), STRING(type), STRING(frameId), BOOLEAN(hasUserGesture), BOOLEAN(primaryRequest)}(request), {INTEGER(encodedDataLength), INTEGER(dataLength), STRING(requestId), STRING(type), BOOLEAN(hasExtraInfo), STRING(hash), INTEGER(size), {STRING(ip), STRING(asn), STRING(country), STRING(registrar), STRING(date), STRING(description), STRING(route), STRING(name)}(asn), {STRING(country), STRING(region), STRING(timezone), STRING(city), [NUMBER](ll), STRING(country_name), INTEGER(metro), INTEGER(area)}(geoip), {STRING(ip), STRING(ptr)}(rdns), {STRING(url), INTEGER(status), STRING(statusText), {}(headers), STRING(mimeType), STRING(remoteIPAddress), INTEGER(remotePort), INTEGER(encodedDataLength), {NUMBER(requestTime), NUMBER(proxyStart), NUMBER(proxyEnd), NUMBER(dnsStart), NUMBER(dnsEnd), NUMBER(connectStart), NUMBER(connectEnd), NUMBER(sslStart), NUMBER(sslEnd), NUMBER(workerStart), NUMBER(workerReady), NUMBER(workerFetchStart), NUMBER(workerRespondWithSettled), NUMBER(sendStart), NUMBER(sendEnd), NUMBER(pushStart), NUMBER(pushEnd), NUMBER(receiveHeadersStart), NUMBER(receiveHeadersEnd)}(timing), NUMBER(responseTime), STRING(protocol), STRING(alternateProtocolUsage), STRING(securityState), {STRING(protocol), STRING(keyExchange), STRING(keyExchangeGroup), STRING(cipher), INTEGER(certificateId), STRING(subjectName), [STRING](sanList), STRING(issuer), INTEGER(validFrom), INTEGER(validTo), [STRING](signedCertificateTimestampList), STRING(certificateTransparencyCompliance), INTEGER(serverSignatureAlgorithm), BOOLEAN(encryptedClientHello)}(securityDetails), [{STRING(name), STRING(value)}](securityHeaders)}(response)}(response), {STRING(url), STRING(host), STRING(type)}(initiatorInfo)}](requests), [{}](cookies), [{}](console), [{STRING(href), STRING(text)}](links), {}(timing), [{}](globals)} | Raw scan data including network requests, responses, cookies, console logs, and page elements. |
| stats | OBJECT Properties{[{INTEGER(count), INTEGER(size), INTEGER(encodedSize), NUMBER(latency), [STRING](countries), [STRING](ips), STRING(type), STRING(compression), INTEGER(percentage)}](resourceStats), [{INTEGER(count), INTEGER(size), INTEGER(encodedSize), NUMBER(latency), [STRING](countries), [STRING](ips), INTEGER(percentage), STRING(protocol), {}(securityState)}](protocolStats), [{INTEGER(count), INTEGER(size), INTEGER(encodedSize), NUMBER(latency), [STRING](countries), [STRING](ips), INTEGER(percentage), {}(protocols), STRING(securityState)}](tlsStats), [{INTEGER(count), INTEGER(size), INTEGER(encodedSize), NUMBER(latency), [STRING](countries), [STRING](ips), INTEGER(percentage), STRING(server)}](serverStats), [{INTEGER(count), [STRING](ips), INTEGER(redirects), INTEGER(size), INTEGER(encodedSize), [STRING](countries), INTEGER(index), [STRING](initiators), INTEGER(requests), STRING(domain)}](domainStats), [{INTEGER(count), [STRING](ips), INTEGER(redirects), INTEGER(size), INTEGER(encodedSize), [STRING](countries), INTEGER(index), [STRING](initiators), INTEGER(requests), STRING(regDomain), [{STRING(domain), STRING(country)}](subDomains)}](regDomainStats), INTEGER(secureRequests), INTEGER(securePercentage), INTEGER(IPv6Percentage), INTEGER(uniqCountries), INTEGER(totalLinks), INTEGER(maliciousRequests), INTEGER(adBlocked), INTEGER(malicious), [{INTEGER(requests), [STRING](domains), [STRING](ips), [STRING](countries), [{STRING(asn), STRING(country), STRING(organisation)}](asns), INTEGER(encoded_size), INTEGER(size), INTEGER(redirects), STRING(ip), {STRING(ip), STRING(asn), STRING(country), STRING(registrar), STRING(date), STRING(description), STRING(route), STRING(name)}(asn), {}(dns), {STRING(country), STRING(region), STRING(timezone), STRING(city), [NUMBER](ll), STRING(country_name), INTEGER(metro), INTEGER(area)}(geoip), INTEGER(encodedSize), INTEGER(index), BOOLEAN(ipv6), INTEGER(count), {STRING(ip), STRING(ptr)}(rdns)}](ipStats)} | Statistical analysis of the scan including resource counts, protocols, security metrics, and geographic distribution. |
| meta | OBJECT Properties{{{[{STRING(hostname), INTEGER(rank)}](data)}(umbrella), {[{STRING(ip), {STRING(country), STRING(country_name), STRING(region), STRING(timezone), STRING(city), [NUMBER](ll), INTEGER(metro), INTEGER(area)}(geoip)}](data)}(geoip), {[{STRING(ip), STRING(ptr)}](data)}(rdns), {[{STRING(ip), STRING(asn), STRING(country), STRING(organisation), STRING(registrar), STRING(date), STRING(description), STRING(route), STRING(name)}](data)}(asn), {[{[{INTEGER(confidence), STRING(pattern)}](confidence), INTEGER(confidenceTotal), STRING(app), STRING(icon), STRING(website), [{STRING(name), STRING(id), INTEGER(priority)}](categories)}](data)}(wappa)}(processors)} | Enriched metadata from external processors including domain rankings, geolocation, DNS records, and ASN information. |
| task | OBJECT Properties{STRING(uuid), STRING(time), STRING(url), STRING(visibility), {}(options), STRING(method), STRING(source), STRING(userAgent), STRING(reportURL), STRING(screenshotURL), STRING(domURL), [STRING](tags)} | Information about the scan task including configuration, URLs, and submission details. |
| page | OBJECT Properties{STRING(country), STRING(server), STRING(city), STRING(domain), STRING(ip), STRING(asnname), STRING(asn), STRING(url), STRING(ptr)} | Information about the scanned page including server details, location and network properties. |
| lists | OBJECT Properties{[STRING](ips), [STRING](countries), [STRING](asns), [STRING](domains), [STRING](servers), [STRING](urls), [STRING](linkDomains), [{STRING(subjectName), STRING(issuer), INTEGER(validFrom), INTEGER(validTo)}](certificates), [STRING](hashes)} | Aggregated lists of unique elements found during the scan including IPs, domains, URLs, and certificates. |
| verdicts | OBJECT Properties{{INTEGER(score), [STRING](categories), [{}](brands), [STRING](tags), BOOLEAN(malicious), BOOLEAN(hasVerdicts)}(overall), {INTEGER(score), [STRING](categories), [{}](brands), [STRING](tags), BOOLEAN(malicious), BOOLEAN(hasVerdicts)}(urlscan), {INTEGER(score), [STRING](categories), [{}](brands), [STRING](tags), BOOLEAN(malicious), INTEGER(enginesTotal), INTEGER(maliciousTotal), INTEGER(benignTotal), [{STRING(engine), STRING(classification)}](verdicts), [{}](maliciousVerdicts), [{}](benignVerdicts), BOOLEAN(hasVerdicts)}(engines), {INTEGER(score), [STRING](categories), [{}](brands), [STRING](tags), BOOLEAN(malicious), INTEGER(votesBenign), INTEGER(votesMalicious), INTEGER(votesTotal), BOOLEAN(hasVerdicts)}(community)} | Security verdicts and threat analysis from multiple sources including urlscan.io, third-party engines, and community ratings. |
| submitter | OBJECT Properties{STRING(country)} | Information about the entity that submitted the scan request. |
Output Example
{
"data" : {
"requests" : [ {
"request" : {
"requestId" : "",
"loaderId" : "",
"documentURL" : "",
"request" : {
"url" : "",
"method" : "",
"headers" : { },
"mixedContentType" : "",
"initialPriority" : "",
"referrerPolicy" : "",
"isSameSite" : false,
"isLinkPreload" : false
},
"timestamp" : 0.0,
"wallTime" : 0.0,
"initiator" : {
"type" : "",
"url" : "",
"lineNumber" : 1,
"columnNumber" : 1
},
"redirectHasExtraInfo" : false,
"type" : "",
"frameId" : "",
"hasUserGesture" : false,
"primaryRequest" : false
},
"response" : {
"encodedDataLength" : 1,
"dataLength" : 1,
"requestId" : "",
"type" : "",
"hasExtraInfo" : false,
"hash" : "",
"size" : 1,
"asn" : {
"ip" : "",
"asn" : "",
"country" : "",
"registrar" : "",
"date" : "",
"description" : "",
"route" : "",
"name" : ""
},
"geoip" : {
"country" : "",
"region" : "",
"timezone" : "",
"city" : "",
"ll" : [ 0.0 ],
"country_name" : "",
"metro" : 1,
"area" : 1
},
"rdns" : {
"ip" : "",
"ptr" : ""
},
"response" : {
"url" : "",
"status" : 1,
"statusText" : "",
"headers" : { },
"mimeType" : "",
"remoteIPAddress" : "",
"remotePort" : 1,
"encodedDataLength" : 1,
"timing" : {
"requestTime" : 0.0,
"proxyStart" : 0.0,
"proxyEnd" : 0.0,
"dnsStart" : 0.0,
"dnsEnd" : 0.0,
"connectStart" : 0.0,
"connectEnd" : 0.0,
"sslStart" : 0.0,
"sslEnd" : 0.0,
"workerStart" : 0.0,
"workerReady" : 0.0,
"workerFetchStart" : 0.0,
"workerRespondWithSettled" : 0.0,
"sendStart" : 0.0,
"sendEnd" : 0.0,
"pushStart" : 0.0,
"pushEnd" : 0.0,
"receiveHeadersStart" : 0.0,
"receiveHeadersEnd" : 0.0
},
"responseTime" : 0.0,
"protocol" : "",
"alternateProtocolUsage" : "",
"securityState" : "",
"securityDetails" : {
"protocol" : "",
"keyExchange" : "",
"keyExchangeGroup" : "",
"cipher" : "",
"certificateId" : 1,
"subjectName" : "",
"sanList" : [ "" ],
"issuer" : "",
"validFrom" : 1,
"validTo" : 1,
"signedCertificateTimestampList" : [ "" ],
"certificateTransparencyCompliance" : "",
"serverSignatureAlgorithm" : 1,
"encryptedClientHello" : false
},
"securityHeaders" : [ {
"name" : "",
"value" : ""
} ]
}
},
"initiatorInfo" : {
"url" : "",
"host" : "",
"type" : ""
}
} ],
"cookies" : [ { } ],
"console" : [ { } ],
"links" : [ {
"href" : "",
"text" : ""
} ],
"timing" : { },
"globals" : [ { } ]
},
"stats" : {
"resourceStats" : [ {
"count" : 1,
"size" : 1,
"encodedSize" : 1,
"latency" : 0.0,
"countries" : [ "" ],
"ips" : [ "" ],
"type" : "",
"compression" : "",
"percentage" : 1
} ],
"protocolStats" : [ {
"count" : 1,
"size" : 1,
"encodedSize" : 1,
"latency" : 0.0,
"countries" : [ "" ],
"ips" : [ "" ],
"percentage" : 1,
"protocol" : "",
"securityState" : { }
} ],
"tlsStats" : [ {
"count" : 1,
"size" : 1,
"encodedSize" : 1,
"latency" : 0.0,
"countries" : [ "" ],
"ips" : [ "" ],
"percentage" : 1,
"protocols" : { },
"securityState" : ""
} ],
"serverStats" : [ {
"count" : 1,
"size" : 1,
"encodedSize" : 1,
"latency" : 0.0,
"countries" : [ "" ],
"ips" : [ "" ],
"percentage" : 1,
"server" : ""
} ],
"domainStats" : [ {
"count" : 1,
"ips" : [ "" ],
"redirects" : 1,
"size" : 1,
"encodedSize" : 1,
"countries" : [ "" ],
"index" : 1,
"initiators" : [ "" ],
"requests" : 1,
"domain" : ""
} ],
"regDomainStats" : [ {
"count" : 1,
"ips" : [ "" ],
"redirects" : 1,
"size" : 1,
"encodedSize" : 1,
"countries" : [ "" ],
"index" : 1,
"initiators" : [ "" ],
"requests" : 1,
"regDomain" : "",
"subDomains" : [ {
"domain" : "",
"country" : ""
} ]
} ],
"secureRequests" : 1,
"securePercentage" : 1,
"IPv6Percentage" : 1,
"uniqCountries" : 1,
"totalLinks" : 1,
"maliciousRequests" : 1,
"adBlocked" : 1,
"malicious" : 1,
"ipStats" : [ {
"requests" : 1,
"domains" : [ "" ],
"ips" : [ "" ],
"countries" : [ "" ],
"asns" : [ {
"asn" : "",
"country" : "",
"organisation" : ""
} ],
"encoded_size" : 1,
"size" : 1,
"redirects" : 1,
"ip" : "",
"asn" : {
"ip" : "",
"asn" : "",
"country" : "",
"registrar" : "",
"date" : "",
"description" : "",
"route" : "",
"name" : ""
},
"dns" : { },
"geoip" : {
"country" : "",
"region" : "",
"timezone" : "",
"city" : "",
"ll" : [ 0.0 ],
"country_name" : "",
"metro" : 1,
"area" : 1
},
"encodedSize" : 1,
"index" : 1,
"ipv6" : false,
"count" : 1,
"rdns" : {
"ip" : "",
"ptr" : ""
}
} ]
},
"meta" : {
"processors" : {
"umbrella" : {
"data" : [ {
"hostname" : "",
"rank" : 1
} ]
},
"geoip" : {
"data" : [ {
"ip" : "",
"geoip" : {
"country" : "",
"country_name" : "",
"region" : "",
"timezone" : "",
"city" : "",
"ll" : [ 0.0 ],
"metro" : 1,
"area" : 1
}
} ]
},
"rdns" : {
"data" : [ {
"ip" : "",
"ptr" : ""
} ]
},
"asn" : {
"data" : [ {
"ip" : "",
"asn" : "",
"country" : "",
"organisation" : "",
"registrar" : "",
"date" : "",
"description" : "",
"route" : "",
"name" : ""
} ]
},
"wappa" : {
"data" : [ {
"confidence" : [ {
"confidence" : 1,
"pattern" : ""
} ],
"confidenceTotal" : 1,
"app" : "",
"icon" : "",
"website" : "",
"categories" : [ {
"name" : "",
"id" : "",
"priority" : 1
} ]
} ]
}
}
},
"task" : {
"uuid" : "",
"time" : "",
"url" : "",
"visibility" : "",
"options" : { },
"method" : "",
"source" : "",
"userAgent" : "",
"reportURL" : "",
"screenshotURL" : "",
"domURL" : "",
"tags" : [ "" ]
},
"page" : {
"country" : "",
"server" : "",
"city" : "",
"domain" : "",
"ip" : "",
"asnname" : "",
"asn" : "",
"url" : "",
"ptr" : ""
},
"lists" : {
"ips" : [ "" ],
"countries" : [ "" ],
"asns" : [ "" ],
"domains" : [ "" ],
"servers" : [ "" ],
"urls" : [ "" ],
"linkDomains" : [ "" ],
"certificates" : [ {
"subjectName" : "",
"issuer" : "",
"validFrom" : 1,
"validTo" : 1
} ],
"hashes" : [ "" ]
},
"verdicts" : {
"overall" : {
"score" : 1,
"categories" : [ "" ],
"brands" : [ { } ],
"tags" : [ "" ],
"malicious" : false,
"hasVerdicts" : false
},
"urlscan" : {
"score" : 1,
"categories" : [ "" ],
"brands" : [ { } ],
"tags" : [ "" ],
"malicious" : false,
"hasVerdicts" : false
},
"engines" : {
"score" : 1,
"categories" : [ "" ],
"brands" : [ { } ],
"tags" : [ "" ],
"malicious" : false,
"enginesTotal" : 1,
"maliciousTotal" : 1,
"benignTotal" : 1,
"verdicts" : [ {
"engine" : "",
"classification" : ""
} ],
"maliciousVerdicts" : [ { } ],
"benignVerdicts" : [ { } ],
"hasVerdicts" : false
},
"community" : {
"score" : 1,
"categories" : [ "" ],
"brands" : [ { } ],
"tags" : [ "" ],
"malicious" : false,
"votesBenign" : 1,
"votesMalicious" : 1,
"votesTotal" : 1,
"hasVerdicts" : false
}
},
"submitter" : {
"country" : ""
}
}Screenshot
Name: screenshot
Use the scan UUID to retrieve the screenshot for a scan once the scan has finished.
Properties
| Name | Label | Type | Description | Required |
|---|---|---|---|---|
| scanId | Scan Id | STRING | UUID of scan result. | true |
Example JSON Structure
{
"label" : "Screenshot",
"name" : "screenshot",
"parameters" : {
"scanId" : ""
},
"type" : "urlscan/v1/screenshot"
}Output
Type: FILE_ENTRY
Properties
| Name | Type | Description |
|---|---|---|
| extension | STRING | |
| mimeType | STRING | |
| name | STRING | |
| url | STRING |
Output Example
{
"extension" : "",
"mimeType" : "",
"name" : "",
"url" : ""
}What to do if your action is not listed here?
If this component doesn't have the action you need, you can use Custom Action to create your own. Custom Actions empower you to define HTTP requests tailored to your specific requirements, allowing for greater flexibility in integrating with external services or APIs.
To create a Custom Action, simply specify the desired HTTP method, path, and any necessary parameters. This way, you can extend the functionality of your component beyond the predefined actions, ensuring that you can meet all your integration needs effectively.
Additional Instructions
Connection Setup
- Login to the dashboard at https://urlscan.io/user/login/.
- Click on Settings & API.
- Click on New API key.
- Add description and click Create API key.
- Copy the API key. Use these credentials to create a connection in ByteChef.