URLVoid
Integration version: 11.0
Configure URLVoid to work with Google Security Operations SOAR
API
For configuring URLVoid to work with Google Security Operations SOAR, the process is the same as for APIVoid.
To obtain your personal API Key, please sign in to your APIVoid account.
Click on the one of the two My API Keys buttons to get to the page where is your API key stored.
Once you get to the page with relevant key, click the copy button to copy your key to the clipboard, which will be later used in this integration configuration with Google Security Operations SOAR.
Network
| Function | Default Port | Direction | Protocol |
|---|---|---|---|
| API | Multivalues | Outbound | apikey |
Configure URLVoid integration in Google Security Operations SOAR
For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.
Actions
Get domain reputation
Description
Check if a domain is blacklisted by a popular and trusted domain blacklist services. The multiple domain blacklist services are used in order to better identify potentially malicious and fraudulent websites involved in malware distribution, phishing incidents, and fake online shops.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| Threshold | String | 0 | Domain risk threshold. |
Run On
This action runs on the following entities:
- Hostname
- URL
Action Results
Entity Enrichment
| Enrichment Field Name | Logic - When to apply |
|---|---|
| alexa_top_100k | Returns if it exists in JSON result |
| domain_length | Returns if it exists in JSON result |
| alexa_top_10k | Returns if it exists in JSON result |
| blacklists | Returns if it exists in JSON result |
| scantime | Returns if it exists in JSON result |
| detection_rate | Returns if it exists in JSON result |
| detections | Returns if it exists in JSON result |
| engines_count | Returns if it exists in JSON result |
| engines | Returns if it exists in JSON result |
| engine | Returns if it exists in JSON result |
| detected | Returns if it exists in JSON result |
| confidence | Returns if it exists in JSON result |
| reference | Returns if it exists in JSON result |
| region_name | Returns if it exists in JSON result |
| reverse_dns | Returns if it exists in JSON result |
| ip | Returns if it exists in JSON result |
| isp | Returns if it exists in JSON result |
| continent_code | Returns if it exists in JSON result |
| latitude | Returns if it exists in JSON result |
| city_name | Returns if it exists in JSON result |
| longitude | Returns if it exists in JSON result |
| country_code | Returns if it exists in JSON result |
| country_name | Returns if it exists in JSON result |
| continent_name | Returns if it exists in JSON result |
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| success | True/False | success:False |
JSON Result
[
{
"EntityResult": {
"alexa_top_100k": false,
"domain_length": 17,
"alexa_top_10k": false,
"blacklists": {
"scantime": "0.07",
"detection_rate": "0%",
"detections": 0,
"engines_count": 29,
"engines":
[
{
"engine": "ThreatLog",
"detected": false,
"confidence": "high",
"reference": "http://www.threatlog.com/"
}, {
"engine": "Threat Sourcing",
"detected": false,
"confidence": "high",
"reference":"https://www.threatsourcing.com/"
}, {
"engine": "URLVir",
"detected": false,
"confidence": "high",
"reference": "http://www.urlvir.com/"
}
]
},
"server":
{
"region_name": null,
"reverse_dns": "",
"ip": "",
"isp": null,
"continent_code": null,
"latitude": null,
"city_name": null,
"longitude": null,
"country_code": null,
"country_name": null,
"continent_name": null
},
"host": "qotaerltozres.com",
"most_abused_tld": false,
"alexa_top_250k": false
},
"Entity": "qotaerltozres.com"
},
"Entity": "1.1.1.1"
}
]
Ping
Description
Test Connectivity.
Parameters
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| success | True/False | success:False |
JSON Result
N/A