Phishing_analysis__URLScan_io_and_Virustotal_. Uses manualTrigger, slack, splitInBatches, microsoftOutlook. Event-driven trigger; 23 nodes.
This n8n workflow automates the analysis of email messages received in a Microsoft Outlook inbox to identify indicators of compromise (IOCs), specifically suspicious URLs. It can be triggered manually
This workflow monitors SSL certificate logs to find and scan new domains that might be impersonating your brand.
The workflow is designed to scan submitted URLs using urlscan.io and VirusTotal, combine the results into a single structured summary, and send the report via Telegram.
• Webhook → urlscan.io → GPT-4o mini → Gmail • Payload example: • urlscan.io returns a Scan ID and raw JSON. • AI node classifies the scan as malicious / suspicious / benign, assigns a 1-10 risk score
Receive a URL via Webhook, submit it to urlscan.io, wait ~30 seconds for artifacts (e.g., screenshot), then email a clean summary with links to the result page, screenshot, and API JSON. Ingests a URL
6 of 6 workflows in this view · Browse all →
FAQ
How many n8n Urlscanio workflows are in the catalog?
6 n8n workflows in AutomationFlows currently use the Urlscanio integration — triggers, actions, or both.
How do I connect Urlscanio in n8n?
After importing the workflow JSON, n8n will prompt for Urlscanio credentials on the relevant nodes. AutomationFlows strips credential IDs before publishing — you'll add your own.
Can I combine these with other integrations?
Yes — most Urlscanio workflows pair with adjacent tools (Slack alerts, Google Sheets logging, OpenAI summarisation). Browse the integration tags on each workflow page to discover pairings.