URLScanner.onlineurlscanner.online
URLScanner.onlineurlscanner.online
URLScannerurlscanner.online
FileScannerfilescanner.online

urlscan.io's Public Index Alerts the Operator You're Watching.

Investigate any indicator without burning the op — DNS, SSL, WHOIS, headers, AI & screenshots. Private by default. Your queries never leave our servers.

By submitting, you agree to our and .

Try:
Analysis modules
DNSenabled

Resolves A, AAAA, MX, TXT, NS, SOA & CAA records. Maps the full DNS infrastructure of the target and identifies the resolved IP address.

SSLenabled

Inspects the full TLS certificate chain — issuer, expiry, protocol version, cipher suite, HSTS, and OCSP status. Flags expired or misconfigured certificates.

Headersenabled

Fetches the HTTP response and audits security headers: HSTS, Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, and redirect chains.

WHOISenabled

Looks up domain registration data — registrar, creation date, expiry, and domain age. Newly registered domains are flagged as higher risk.

Threatsenabled

Queries URLhaus, Spamhaus, SURBL DNS blocklists, and Google Safe Browsing to detect known malware, phishing pages, and blacklisted IPs.

Screenshotsenabled

Captures the live page at desktop, mobile, and full-page viewports using a sandboxed headless browser — so you see the site without visiting it.

Techenabled

Fingerprints the technology stack from response headers and HTML — CMS, frameworks, CDN, analytics, and server software. Requires HTTP Headers.

YARAenabled

Scans the page HTML and all linked JavaScript files against 20+ YARA-style security rules — detecting obfuscated eval, crypto miners, Magecart skimmers, keyloggers, and more. Requires HTTP Headers.

AIenabled

Runs an AI-powered analysis combining all scan evidence with knowledge of the domain's reputation to produce a risk summary and actionable recommendations.

Search Resultsenabled

Searches the web for news, reports, and community mentions about the domain. An AI then synthesizes the findings into a reputation verdict.

Why switch

URLScanner.online vs urlscan.io

urlscan.io is excellent for DOM and request analysis — but every free-tier scan you submit is publicly indexed and searchable by anyone. URLScanner.online gives you deep technical analysis with zero public exposure.

The core difference: When you submit a sensitive URL to urlscan.io on the free tier, that scan is publicly indexed. Attackers can monitor urlscan.io for their own domains being investigated. On URLScanner.online, your submissions are never stored publicly, never indexed, and never shared.

Feature
URLScanner.online
urlscan.io
Scans private by defaultKey
Always private — never indexed
Public by default on free tier
Submissions searchable by othersKey
No — never searchable
Yes — free scans are in the public index
No account required
3 scans/day free (1 without account)
Account needed for private scans
DNS record analysis
Full: A, AAAA, MX, TXT, NS, SOA, CAA
Limited DNS context
SSL / TLS inspection
Full chain, protocol, ciphers, expiry
Basic certificate info
HTTP security header analysis
HSTS, CSP, X-Frame-Options & more
Not available
WHOIS & domain age
Full WHOIS + registrar + domain age
Not available
AI security analysis
AI-powered threat summary
Not available
Page screenshots
Desktop, mobile & full-page viewports
Single screenshot
Redirect chain analysis
Full redirect path tracked
Available
DOM / JS behavior analysis
Not available
Deep DOM and script analysis

Feature comparison based on urlscan.io's publicly documented free-tier behavior as of 2026. urlscan.io is an independent service not affiliated with URLScanner.online.

How it works

Scan any URL for threats in seconds

Our free online URL scanner checks links against multiple threat databases and performs deep security analysis — results in under 15 seconds.

01

Enter any URL, domain or IP

Paste the link you want to check into the scanner. We accept full URLs, bare domains, and IP addresses. Our URL scanner validates and normalizes the input automatically.

02

Real-time security analysis

The scanner runs 8 parallel security checks: DNS resolution, SSL certificate analysis, HTTP header inspection, WHOIS lookup, threat intelligence queries against malware and phishing databases, and multi-viewport screenshots.

03

Get your detailed security report

Receive a comprehensive report with a safety score from 0-100, a clear threat verdict, and full breakdown of every security check. Know instantly whether a link is safe, suspicious, or malicious.

Pricing

Start free.
Scale without getting ripped off.

Every paid plan includes both URLScanner and FileScanner. No contracts. Cancel any time.

Any paid plan gives you access to both tools — filescanner.online included, shared quota, no extra charge.

Free

No card. No install. Just start.

€0forever
  • 3 scans/day — both toolsunified pool
  • Browser extension
  • PDF scan reports
  • API access
  • Team seats
Pay Per Use

Scan when you need it. No subscription.

€5one-time
€0.02 per scan
  • 250 scan creditsnever expire
  • PDF scan reports
  • API access
  • Browser extension
  • Team seats
Best value
Solo

The solo analyst's daily driver.

€29€11/ month

first month — then €29/mo

€18 off first month
  • 100 scans/dayshared pool
  • PDF scan reports
  • API access
  • Browser extension
  • Team seats
Team

5 Solo seats for less than the price of 4.

€99/ month
€145 if bought separately32% off
  • 500 scans/dayshared pool
  • 5 seats€145 standalone
  • PDF scan reports
  • API access
  • Browser extension
  • Slack/Discord bot alerts
Business

The full stack for teams who can't afford an incident.

€299/ month
€580 if bought separately48% off
  • 2000 scans/dayshared pool
  • 20 seats€580 standalone
  • PDF scan reports
  • API access
  • Browser extension
  • Slack/Discord bot alerts
  • Onboarding call
Included
Free
Pay Per Use
Solo
Team
Business
Scans
3/day
250 credits
100/day
500/day
2k/day
Seats
1
1
1
5
20
Security modules
All
All
All
All
All
Browser extension
PDF export
API access
Slack/Discord alerts
To replace Aprensec Solo, you'd pay $8,000+/year

URL scanning

VirusTotal free500 calls/day · results public · no commercial use
€0
VirusTotal Liteminimum · annual contract
$5,000/yr
urlscan.io Automatefor private automated scans
$5,000/yr

File analysis

ANY.RUN Communityevery sample you upload is public
€0
ANY.RUN Hunter≈$3,600/yr · private · one analyst
$299/mo
VirusTotal file APILite · no sandbox detonation
$5,000/yr
$8,000–$10,000/year for both tools
Aprensec Solo€348/year · both tools included · private · no contract
7-day money-back guarantee on all paid plans. No questions asked.

Need white-glove onboarding, unlimited API, or custom SLA? Contact us →

URL Scanning Tools

Comprehensive URL security scanning

Our URL scanner combines multiple security checks into one fast, free scan — from malware detection to SSL analysis.

URLs scanned

<15s

Avg scan time

Malware & Virus Detection

Scan URLs against URLhaus, Spamhaus, SURBL, and Google Safe Browsing databases. Detect malware, viruses, and known threat indicators in real time.

SSL Certificate Analysis

Full certificate chain inspection, TLS protocol version checks, HSTS validation, cipher suite analysis, and certificate expiry monitoring.

DNS Record Lookup

Complete DNS enumeration — A, AAAA, MX, TXT, NS, SOA, and CAA records. Identify the full DNS infrastructure behind any domain.

Phishing Detection

Multi-layered phishing analysis using DNS blocklists, domain age checking, SSL validation, and threat intelligence to identify fraudulent websites.

WHOIS Domain Lookup

Domain registration data including registrar, creation date, domain age, and expiry. Young domains are flagged as higher risk for cyber security threats.

Website Safety Score

Weighted security score from 0-100 based on SSL, headers, threats, and domain age. Clear verdict: safe, suspicious, or malicious.

HTTP Header Inspection

Evaluate critical security headers — HSTS, Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, and CORS configuration.

Website Screenshots

Safe visual capture at desktop, tablet, and mobile viewports. Preview any website without visiting it directly — see what the page looks like before you click.

Instant Free Scans

Most scans complete in under 15 seconds. Free scans with no account required. Real-time terminal output shows every step of the analysis as it happens.

FAQ

Frequently asked questions about URL scanning

Everything you need to know about scanning URLs for malware, phishing, and cyber security threats.

A URL scanner is an online security tool that analyzes websites and links for potential threats. URLScanner.online performs 8 different security checks on any URL, domain, or IP address — including DNS resolution, SSL certificate analysis, HTTP security header inspection, WHOIS domain registration lookup, threat intelligence queries, and multi-viewport screenshots. All scans are performed server-side so your device is never exposed to potentially malicious content.

Simply paste the URL into the search bar above and click Scan. URLScanner.online will automatically check the URL against multiple malware databases including URLhaus, Spamhaus DNS blocklists, SURBL, and Google Safe Browsing. You'll receive a detailed security report with a safety score out of 100 and a clear verdict within seconds.

Yes, URLScanner.online is free. Guests get 1 scan without signing up; free accounts get 3 scans per day. Each scan includes full threat detection, SSL certificate analysis, DNS records, HTTP header inspection, WHOIS data, technology detection, and multi-device screenshots.

Yes. The scanner uses multiple layers of phishing detection: DNS blocklist queries (Spamhaus, SURBL), Google Safe Browsing transparency reports, URLhaus malware database lookups, SSL certificate validation, domain age analysis via WHOIS, and HTTP security header inspection. Newly registered domains with missing security headers and blocklist matches are flagged as potential phishing sites.

Absolutely. All URL scanning is performed on our servers — your browser never connects to the target URL directly. We use isolated headless browsers with sandboxed environments and secure DNS resolution. You can safely scan any suspicious link without exposing your device, network, or personal information to potential threats.

URLScanner.online runs 8 security modules: (1) DNS Resolution — A, AAAA, MX, TXT, NS, SOA, CAA records, (2) SSL/TLS Certificate Analysis — certificate chain, protocol version, cipher suites, expiry, (3) HTTP Security Headers — HSTS, CSP, X-Frame-Options, X-Content-Type-Options, CORS, (4) WHOIS Lookup — domain registration, registrar, creation date, domain age, (5) Threat Detection — URLhaus, Spamhaus, SURBL, Google Safe Browsing, (6) Visual Capture — screenshots at desktop, tablet, and mobile viewports, (7) Security Scoring — weighted score from 0-100, (8) Verdict Classification — safe, suspicious, or malicious.

URLScanner.online combines multiple scanning engines into a single real-time analysis. Unlike basic link checkers that only query one database, we run parallel checks across DNS, SSL, HTTP headers, WHOIS, and multiple threat intelligence sources simultaneously. You get a comprehensive security report with a clear safety score — not just a pass/fail result. The real-time terminal output shows every step of the analysis as it happens.

The URL scanner detects malware distribution sites, phishing pages, domains on DNS blocklists (Spamhaus, SURBL), URLs flagged by Google Safe Browsing, sites with invalid or expired SSL certificates, domains using outdated TLS protocols, websites missing critical security headers (HSTS, CSP), newly registered domains commonly used in attacks, and suspicious redirect chains.