analyzer: urlscan
query: ...
use_similarity: ...
api_key: ...
| Name | Type | Required? | Default | Desc. |
|---|---|---|---|---|
| query | String | Yes | Search query | |
| use_similarity | Boolean | No | False | Whether to use the Similar Search API or not |
| api_key | String | No | ENV[ā€¯URLSCAN_API_KEY"] | API key |
The analyzer uses urlscan.io API and /api/v1/search API endpoint by default.
IP addresses, domains and URLs matched with a query are treated as artifacts.
This rule outputs the following types of artifacts.
Mihari loads your urlscan.io API key via environment variable URLSCAN_API_KEY by default.