Execute a Live Scan

Updated
  • Updated on Sep 3, 2025
  • Published on Aug 8, 2025
  • 2 minute(s) read
Prev Next

Live Scan enables you to analyze public or dark web URLs in real-time, capturing data such as screenshots, content hashes, headers, redirects, and SSL information. This article guides you through executing three types of Live Scans: Simple, Advanced, and Dark Web. Each type varies in URL input or customization options, but all produce similar data outputs for further analysis.

Simple Live Scan

A Simple Live Scan analyzes a public URL using your local specifications (e.g., region, browser type) as default parameters.

  1. From the main menu, enter a public URL (e.g., https://www.example.com) in the search box.

  2. Click Live Scan, or navigate to Web Data > Live Scan and enter the URL.

  3. View results, including a live screenshot of the URL, displayed below the URL box.

For guidance on analyzing scan results, see Work with Live Scan Data. To view past scans, see View Historical Scan Results.

Advanced Live Scan

An Advanced Live Scan analyzes a public URL with customizable emulation options to simulate different viewer parameters (e.g., region, platform, operating system, browser).Steps:

  1. From the left navigation menu, select Web Data > Live Scan > Advanced Scan.

  2. Enter a public URL (e.g., https://www.example.com).

  3. Select emulation options:

    1. Region: US, EU, or AS.

    2. Platform: Desktop, Mobile, or Crawler.

    3. Operating System: Windows, Linux, macOS, iOS, or Android.

    4. Browser: Firefox, Chrome, Edge, or Safari.

  4. Click Scan.

  5. View results, including a live screenshot, displayed below the URL box.

Advanced scans reflect the chosen parameters, allowing you to see how a URL appears under different conditions. For guidance on analyzing scan results, see Work with Live Scan Data.

Dark Web Scan

A Dark Web Scan analyzes a .onion URL (dark web) using your local specifications as default parameters.

  1. From the left navigation menu, select Web Data > Live Scan > Dark Web Scan.

  2. Enter a .onion URL (e.g., http://example.onion).

  3. View results, including a live screenshot of the URL, displayed below the URL box.

Dark Web Scans require a valid .onion URL. For guidance on analyzing scan results, see Work with Live Scan Data.

Spoof detection example

  • Start with a legitimate domain (e.g., irs.gov) via Web Scanner.

  • Expand results, add favicon_md5_hash = [IRS_hash] and ssl.subject_common_name != "UST" (legit issuer), then set domain != "irs.gov".

  • Run the query, copy a suspicious URL (e.g., a Let’s Encrypt site), and paste it into Live Scan.

  • See a screenshot of a fraud page and enrich its IP/domain data.

View Scan Results

After executing a Simple, Advanced, or Dark Web scan, results are displayed below the URL box, including:

  • A live screenshot of the URL.

  • Key data points like content hashes, headers, redirects, and SSL information.

To explore historical data for the scanned URL, click the Scan History button below.