Official website

https://urlscan.io/

Rule

analyzer: urlscan
query: ...
use_similarity: ... 
api_key: ...
Name Type Required? Default Desc.
query String Yes Search query
use_similarity Boolean No False Whether to use the Similar Search API or not
api_key String No ENV[”URLSCAN_API_KEY"] API key

How it works

The analyzer uses urlscan.io API and /api/v1/search API endpoint by default.

IP addresses, domains and URLs matched with a query are treated as artifacts.

Output

This rule outputs the following types of artifacts.

Configuration

Mihari loads your urlscan.io API key via environment variable URLSCAN_API_KEY by default.