loader image

URLscan

x Mindflow

URLScan.io and Mindflow have partnered to enable users to automate their incident management and protect their information systems.

URLScan Overview

URLScan is a free website scanner that focuses on analyzing all possible details about any established HTTP connection, site content, relations with other sites, and more, using Google Chrome in a headless environment.

When you submit a URL to urlscan.io, it triggers an automated process to browse the URL like a regular user. It will test the elements, services, and connections during the loading process to record all the activities that this page navigation creates. 

The analyzed elements include programming technologies like HTML, CSS, Javascript, or images. It also records cookies, DOM content, server IPs, linking domains, among many other interesting details.

More, it includes other security-oriented features such as detecting malicious content (like cryptojacking), phishing, as well as hacked pages.

By integrating with URLScan.io, Mindflow allows its users to use one of the most complete tools for URL analysis. Urlscan.io can be integrated with enrichment playbooks to make life easier for SOCs.

URLScan

Benefits

  • Domain interaction: know how many domains the website is interacting with, including social networks and third-party javascript/images/CSS resources
  • Website technologies: detect which website technologies are used by the website, to detect CMS like WordPress, Joomla, Drupal, as well as for popular programming frameworks and CDN networks
  • Subdomain detection: detect how many subdomains are being used to serve the information for different sources
  • SSL Certificate detection: find which SSL certificates are being used, as well as SSL providers
  • IP address detection: know where the site is hosted (the exact geographic location where the information was served) and what is the ISP behind the IP address
  • Malicious page detection: an integration with Google Safe Browsing to alert users from possible malware, cryptojacking, and phishing attacks
  • IP information: scan all the IP addresses involved in the actual HTTP transaction
  • Screenshot of actual page: get the latest screenshot from the page at the time of the analysis

Related integrations