Detonate URL - Phish.AI

Detonates a URL using the Phish.AI integration.

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

  • GenericPolling

Integrations

This playbook does not use any integrations.

Scripts

This playbook does not use any scripts.

Commands

  • phish-ai-check-status
  • phish-ai-scan-url

Playbook Inputs


NameDescriptionDefault ValueSourceRequired
URLThe URL to detonate.DataURLOptional
IntervalThe polling frequency. How often the polling command should run (in minutes).1-Optional
TimeoutHow much time to wait before a timeout occurs (in minutes).15-Optional

Playbook Outputs


PathDescriptionType
PhishAI.ScanIDThe Phish.AI scan ID.string
PhishAI.StatusThe scan status.string
PhishAI.URLThe URL address.string
URL.Malicious.VendorThe vendor that made the decision that the URL is malicious.string
URL.Malicious.DescriptionThe reason for the vendor to make the decision that the URL is malicious.string
DBotScore.IndicatorThe indicator that was tested.string
DBotScore.TypeThe type of the indicator.string
DBotScore.VendorThe vendor used to calculate the score.string
DBotScore.ScoreThe actual score.number
IP.AddressThe IP address of the URL.string
IP.Geo.CountryThe geo location of the URL.string
URL.StatusTHe URL's status.string
URL.DataThe URL's address.string

Playbook Image


Detonate_URL_PhishAI