A sandbox for the web

urlscan.io is a free service to scan and analyse websites. When a URL is submitted to urlscan.io, an automated process will browse to the URL like a regular user and record the activity that this page navigation creates. This includes the domains and IPs contacted, the resources (JavaScript, CSS, etc) requested from those domains, as well as additional information about the page itself. urlscan.io will take a screenshot of the page, record the DOM content, JavaScript global variables, cookies created by the page, and a myriad of other observations. If the site is targeting the users one of the more than 900 brands tracked by urlscan.io, it will be highlighted as potentially malicious in the scan results.

urlscan.io itself is a free service, but we also offer commercial products for heavy users and organisations that need additional insight.

Our Mission

Our mission is to allow anyone to easily and confidently analyse unknown and potentially malicious websites. We realised early on that even for battle-hardened web developers and security researchers its a frustrating experience to record page interactions and additional metadata from websites, on the off chance of finding the needle in the haystack. Even worse, a single observation is often meaningless without the necessary context. Is this domain something that websites usually load third-party JavaScript from? Are any other reputable websites talking to this weird IP address on the Cayman Islands?

We created urlscan.io in late 2016 to solve these problems. Our focus has always been to break down the vast amount of data from a website page navigation into digestible chunks. We're analyst-first, we always strive to understand and anticipate the pieces of information that would be helpful during an investigation and the attributes that allow pivoting. Just like you would use a malware sandbox to analyse suspicious files, you can use urlscan.io to do the same thing but with URLs.

Johannes Gilger
CEO & Founder

Johannes has been working in InfoSec since 2011. He spent the last six years in the CrowdStrike Threat Intelligence team. In late 2016 he created urlscan.io.

Corporate Sponsors

Thanks to our corporate sponsors for helping us keep the community service up and running!

  • (a Recorded Future company) - Security Data and APIs
    We Offer Paid API and Data Services for Top Security Companies. Tap into a treasure-trove of cyber security gold and get the info you can’t find anywhere else.
  • - Security Automation and Orchestration (SOAR) Platform
    The Tines security automation platform helps the world's leading security teams automate any manual task. Making them more effective and efficient.
  • - Automated Malware Analysis - Joe Sandbox
    Analyse Malware in a Depth Previously Not Possible. Unleash the power of deep malware analysis to your CERT, CIRT, SOC or IR team! Fully automated or manual.
  • - Sandbox for High-Volume Automated Malware Analysis
    Hatching Triage is our state-of-the-art malware analysis sandbox designed for cross-platform support (Windows, Android, Linux, and macOS), high-volume malware analysis capabilities, and malware configuration extraction for dozens of malware families.
  • - Cyber Threat Management | Digital Risk Protection
    CTM360® is a Cyber Security subscription service offering 24 x 7 x 365 Cyber Threat Management for detecting and responding to cyber threats. CTM360 specializes in offensive defense and strives to strengthen a subscribed member’s security posture by making them a harder target in cyberspace.
  • - Managed Detection, Threat Correlation & Incident Response services.
    Expert Threat Hunting 24 hrs a day, 7 days a week, 365 days a year.
    Your brand deserves more than just Managed Detection & Response.
  • - Cybersecurity Threat Intelligence Platform & Solutions
    Experience next-level cybersecurity with our unified platform – the pinnacle of AI-powered threat management. Detect, analyze, and neutralize cyber threats seamlessly. Empower your organization with unmatched efficiency in identifying and countering a spectrum of cyber risks. Elevate your defense strategy with the future of cybersecurity.
  • - The essential penetration testing tools
    Instantly available setup for vulnerability assessment & penetration testing. Run a full pentest from anywhere with 20+ tools & features that go from recon to reporting. We don't replace pentesters - we develop custom tools, detection & exploitation modules to give them back some time to dig deeper, pop shells, and have fun.
  • - IP Address API and Data Solutions
    We're the trusted source for IP address data, handling 12 billion API requests per month for over 1,000 businesses and 100,000+ developers.

External Projects

These projects utilize urlscan.io:

  • Phish.ly - Analyze suspicious emails with Tines & urlscan

Media Coverage

urlscan.io was covered by these posts, articles and screencasts:

  • Backblaze Case Study - Threat Analysis Firm Taps Backblaze in the Fight Against Cybercrime (December 15, 2022)
  • Tines Podcast - Future of Security Operations - How automation can free up resources and streamline security investigation (May 10, 2022)
  • Tines Webinar - Box, urlscan, Tines: URL analysis & phishing automation (February 24, 2022)
  • Heise Newsticker - Sony bestätigt PS5-Betrug durch Fake-Shop "playstation-sony.eu" (April 9, 2021)
  • Heise Magazine - Website-Inspektor (February 1, 2021)
  • Reuters - 'Mercenary' hacker group runs rampant in Middle East, cybersecurity research shows (October 7, 2020)
  • securitytrails.com Blog - It's never been easier to make a great product: A chat with Johannes Gilger from urlscan.io (May 2, 2019)
  • tines.io - Automating abuse inbox management and phishing response (July 27, 2018)
  • The Daily Beast - Russian Hackers’ New Target: a Vulnerable Democratic Senator (July 26, 2018)
  • securitytrails.com Blog - URLScan.io: the best way to scan any website (July 16, 2018)

Reports referencing urlscan.io

These are industry reports that leverage urlscan.io or its data in some way.

Similar services & software

urlscan.io is not the only service that can be used to browse and analyse a website. These are some similar services, some provided invaluable inspiration for this very service!

Lists of similar & related services


  • urlquery.net - Scans sites and looks up domains/IPs on various blacklists. This service inspired us to build urscan.io.
  • keycdn speed test - Website speed test, employs similar techniques and inspired some features on this site
  • WebPagetest - Exhaustive speed-testing service with different locations, browser and options
  • pingdom Website speed test
  • Trackography - Find out who is tracking you when you are reading your favourite news online.
  • Web Cookies Scanner - HTTP cookies, Flash, HTML5 localStorage, sessionStorage, CANVAS, supercookies, evercookies as well as SSL/TLS and HTTP security
  • Hardenize - Helping you deploy the latest security standards
  • Browserless - A headless browser in the cloud


  • browserless - Chrome as a service in docker. Run on our cloud, or bring your own.
  • Puppeteer - Headless Chrome Node API, maintained by the Google Chrome Team
  • Lighthouse - analyzes web apps and web pages, collecting modern performance metrics and insights on developer best practices.
  • Awesome chrome-devtools - Awesome tooling and resources in the Chrome DevTools ecosystem



urlscan.io is not affiliated with any of the services we link to on our results pages. Linking to any site does not constitute an endorsement or guarantee of fitness of the data.