• Unlock Free Access to Threat Intelligence Training Now!
  • Get Started
SecurityTrails Blog · Jul 16 · by Esteban Borges

URLScan.io: the best way to scan any website

Reading time: 4 minutes

Intel gathering and data reconnaissance are one of the first steps in any security investigation. There are a lot of OSINT tools to use in your daily infosec tasks — and we will keep sharing our best tools with you.

URLScan.io is a website scanner written by Johannes Gilger, focusing on analyzing all possible details about any established HTTP connection, site content, relations with other sites and much more.

Once you input your URL and hit the "Scan" button (public and privates scans are free!) it will launch a lot of automated tests against all the elements, services and connections during the page load.


Analyzed elements include programming technologies like HTML, CSS, Javascript or images. It also records cookies, DOM content, server IPs, linking domains, among many other interesting details.

It also includes other interesting security-oriented features like detecting malicious content (like CryptoJacking campaigns), phishing, as well as hacked pages.

All the details you need

URLScan.io does all the scanning and analyzing in the background using Google Chrome in a perfect headless environment.

All the details you can imagine are recorded by the tool, and once finished you can start reviewing the information displayed on the results page, as you see in the next screenshot:

Alexa details

Features you will love

Let's see what else URLScan.io has to offer:

HTTP Request data analysis: allowing you to discover how many requests were made, and displaying how many requests were made using the secure HTTPS protocol vs the traditional HTTP.

Inside the HTTP tab you will be able to discover total number of HTTP transactions, and the details for each one of them ordered by Method Protocol, Server Response Status, Resource Path, Size, Time to complete, Mime-Type and IP address and location.

HTTP transactions

Domain interaction: it also shows how many domains the website is interacting with, including social networks and third-party javascript/images/CSS resources.

Website technologies: detect which website technologies are used by the website, perfect to detect CMS like Wordpress, Joomla, Drupal, as well as for popular programming frameworks and CDN networks.

Website technologies

Subdomain detection: detect how many subdomains are being used to serve the information for different sources.

SSL Certificate detection: nowadays having an SSL certificate is very important, and this function will help you to find which SSL certificates are being used, as well as SSL provider, among other details.

IP address detection: is also a useful detail that will help to know where the site is hosted (exact geographic location where the information was served), and what is the ISP behind the IP address.

IP address detection

Link structure: where do this site link to? Find the most important internal and external links for the analyzed page.

Malicious page detection: while it is not an antivirus/antimalware tool, it does integrate pretty well with Google Safe Browsing to alert users from possible malware, cryptojacking, and phishing attacks.

Related Scans: this is a very interesting feature, that allows you to find similar scans by various attributes. For example, for alexa.com, it was able to find out 91 hits for the same domain name, and 119285 hits for the same ASN, as you see below:

Related Scans

IP information: urlscan.io has also the ability to scan all the IP addresses involved in the actual HTTP transaction, showing you the information easily. In our test against alexa.com revealed 17 different IPs in 2 countries, showing up ASN assigned number and PTR records as well:

IP information

Screenshot of actual page: get the latest screenshot from the page at the time of the analysis, see how it looks like right now.

Further lookup: Directly jump to other useful resources that make your life easier:

  • SecurityTrails (Domains & IPs)
  • VirusTotal
  • AbuseIPDB
  • Cymon
Further lookup

The SecurityTrails DNS, Domain and IP lookup will allow you to unveil IP address information — find related domains in no matter of time:

Related domains

This will help you to reveal even more information about certain domains, detecting popular subdomains, neighbors domain names and IP addresses used by the main website.

urlscan.io has become a great tool for security professionals and beginners who are looking for effective ways to investigate website details, as well as to inspect for possible malicious content.

Now it's your turn, in the same way as URLScan.io integrated their security platform with our powerful intelligent toolkit, now you can do the same with your apps... Sign up for a free API account today, or explore any website using our manual scans available at our SecurityTrails web page.

Esteban Borges Blog Author

Esteban is a seasoned cybersecurity specialist, and marketing manager with nearly 20 years of experience. Since joining SecurityTrails in 2017 he’s been our go-to for technical server security and source intelligence info.

Subscribe to the SecurityTrails newsletter
Sign up for our newsletter today!

Get the best cybersec research, news, tools,
and interviews with industry leaders