if query_params
            vulns.concat(
              case query_params
              when true
                scan_query_params(url, http: http, **kwargs,&block)