threat-detection

Enhance Your Web Security with Real-Time URL Scanning

25 Apr 2025
Enhance Your Web Security with Real-Time URL Scanning

In today’s digital landscape, safeguarding your web applications and users from malicious threats is more critical than ever. The Malicious Scanner service offers a robust solution with its Cognitive Actions designed to assess URLs for potential security risks. By integrating this tool into your applications, you can conduct real-time analyses of URLs to detect harmful content, phishing attempts, and other security concerns. The benefits of employing this service include enhanced security, rapid detection of threats, and peace of mind for both developers and users.

Common use cases for the Malicious Scanner include validating user-submitted URLs, monitoring links within email communications, and securing web applications against potential phishing threats. By utilizing this service, developers can ensure their applications are fortified against malicious activities.

Before you start, ensure you have a valid Cognitive Actions API key and a basic understanding of making API calls to effectively integrate the service into your applications.

Perform Real-Time URL Security Scan

The "Perform Real-Time URL Security Scan" action provides a comprehensive analysis of a given URL to identify any malicious content. This includes identifying spam, gray classification, domain age, and various security flags. By leveraging enterprise-grade scanning technology, this action allows developers to secure their applications against threats like phishing, spam, and other potentially harmful websites, delivering fast, accurate, and reliable results.

Input Requirements

To utilize this action, the input must be a JSON object containing the following required field:

  • url: The URL to be scanned, provided as a string. If not specified, it defaults to https://vryjm.page.link/jS6a.

Example Input:

{
  "url": "https://vryjm.page.link/jS6a"
}

Expected Output

The output from this action will indicate the results of the scan, including:

  • A unique identifier for the scan.
  • The original and redirected URLs.
  • The status of the URL (e.g., Suspicious).
  • Detailed messages about the security assessment, including categories like Phishing, and reasons for any flags raised.
  • Information about the domain age and if it's a new or top domain.

Example Output:

{
  "data": {
    "_id": "66c2041aa0483a893ed74dbb",
    "url": "https://saledelivery.zone/?cp=fmlcqhob",
    "name": "https://vryjm.page.link/jS6a",
    "scan": [],
    "type": "redirect",
    "domain": "vryjm.page.link",
    "status": "Suspicious",
    "message": "A link has been flagged by multiple anti-malware engines.",
    "category": "Phishing",
    "highlight": "<b>Reason</b>: Multi-Engine",
    "domain_age": "2017-02-09T00:00:00.000Z",
    "finishScan": true,
    "is_captcha": false,
    "sub_status": [
      {
        "level": 3,
        "status": "Suspicious",
        "message": "A link has been flagged by multiple anti-malware engines.",
        "category": "Phishing",
        "highlight": "<b>Reason</b>: Multi-Engine",
        "sub_status": "Multi-Engine Links",
        "description": "This metric indicates that a link in the email has been flagged by multiple anti-malware engines."
      }
    ],
    "is_anti_bot": false,
    "malware_type": "PHISHING, MALWARE, SPAM, UNTRUSTED for https://vryjm.page.link/jS6a",
    "original_url": "https://vryjm.page.link/jS6a",
    "redirect_url": "https://saledelivery.zone/?cp=fmlcqhob",
    "is_new_domain": false,
    "is_top_domain": true
  },
  "success": true
}

Use Cases for this Specific Action

This action is particularly useful in scenarios such as:

  • User-Submitted Links: Validate URLs submitted by users in forms or comments to prevent malicious links from being posted.
  • Email Monitoring: Scan links within emails to identify potential phishing attempts before they reach the user.
  • Web Application Security: Implement ongoing checks for URLs used in your application, ensuring they remain safe from evolving threats.

```python
import requests
import json

# Replace with your actual Cognitive Actions API key and endpoint
# Ensure your environment securely handles the API key
COGNITIVE_ACTIONS_API_KEY = "YOUR_COGNITIVE_ACTIONS_API_KEY"
# This endpoint URL is hypothetical and should be documented for users
COGNITIVE_ACTIONS_EXECUTE_URL = "https://api.cognitiveactions.com/actions/execute"

action_id = "0afb90b9-6e60-452a-8a4b-a81f30038db0" # Action ID for: Perform Real-Time URL Security Scan

# Construct the exact input payload based on the action's requirements
# This example uses the predefined example_input for this action:
payload = {
  "url": "https://vryjm.page.link/jS6a"
}

headers = {
    "Authorization": f"Bearer {COGNITIVE_ACTIONS_API_KEY}",
    "Content-Type": "application/json",
    # Add any other required headers for the Cognitive Actions API
}

# Prepare the request body for the hypothetical execution endpoint
request_body = {
    "action_id": action_id,
    "inputs": payload
}

print(f"--- Calling Cognitive Action: {action.name or action_id} ---")
print(f"Endpoint: {COGNITIVE_ACTIONS_EXECUTE_URL}")
print(f"Action ID: {action_id}")
print("Payload being sent:")
print(json.dumps(request_body, indent=2))
print("------------------------------------------------")

try:
    response = requests.post(
        COGNITIVE_ACTIONS_EXECUTE_URL,
        headers=headers,
        json=request_body
    )
    response.raise_for_status() # Raise an exception for bad status codes (4xx or 5xx)

    result = response.json()
    print("Action executed successfully. Result:")
    print(json.dumps(result, indent=2))

except requests.exceptions.RequestException as e:
    print(f"Error executing action {action_id}: {e}")
    if e.response is not None:
        print(f"Response status: {e.response.status_code}")
        try:
            print(f"Response body: {e.response.json()}")
        except json.JSONDecodeError:
            print(f"Response body (non-JSON): {e.response.text}")
    print("------------------------------------------------")



In conclusion, the Malicious Scanner's real-time URL security scanning action empowers developers to proactively identify and mitigate threats within their applications. By integrating this service, you enhance your web security posture, protect your users, and ensure a safer online experience. As the digital threat landscape continues to evolve, leveraging such tools will be crucial for maintaining security and trust in your applications. Consider implementing this action today to fortify your defenses against malicious threats.
← Back to All Articles