Skip to main content
All CollectionsTemplatesBasic
URLScan URL Enrichment with Cache - Workflow Template
URLScan URL Enrichment with Cache - Workflow Template

Receive a URL to analyze with URLScan and provide a summary of the URL with malicious, phishing, score and screenshot details if available.

Updated over a week ago

This Torq workflow template, "URLScan URL Enrichment with Cache," automates the process of analyzing URLs for threat intelligence purposes. It receives a URL from a parent workflow and utilizes URLScan to check for existing scans or to initiate a new scan. The results provide detailed insights, including indications if the URL is identified as malicious or a phishing attempt, along with a URLScan score. If available, the workflow also procures a screenshot of the URL. The intelligence gathered can be cached for efficiency, ensuring that repeated queries for the same URL are expedited. This workflow is ideal for cyber security teams looking to enhance their threat analysis capabilities efficiently.

Take Me to the Template

Use Cases

Threat Intelligence Enrichment

Workflow Breakdown

  1. Receive a URL from the parent workflow along with the required integrations

  2. Escape the URL and search URLScan for a recent scan. If no results are found submit the URL.

  3. Collect the results from the scan or search

  4. Provide the details on the observable if it was found to be malicious, phishing, and the URLScan score. Provide a screenshot URL if available.

Vendors

Utils, urlscan.io, Torq

Workflow Output

Summary of the URLScan output

Related Articles
AlienVault URL Enrichment with Cache - Workflow Template
VirusTotal Domain Enrichment with Cache - Workflow Template
Recorded Future - URL Enrichment with Cache - Workflow Template
VirusTotal URL Enrichment with Cache - Workflow Template
Scan URLs with URLScan and Provide a Summary - Workflow Template
Did this answer your question?