Sign in to your Google Cloud account. If you're new to
Google Cloud,
create an account to evaluate how our products perform in
real-world scenarios. New customers also get $300 in free credits to
run, test, and deploy workloads.
In the Google Cloud console, on the project selector page,
select or create a Google Cloud project.
No menu de navegação do console Google Cloud , clique em APIs e Serviços > Credenciais.
Na página Credenciais, clique em addCriar credenciais e selecione Chave de API.
Na caixa de diálogo Chave de API criada, clique em
content_copyCopiar chave para copiar a chave. Feche a caixa de diálogo e proteja a chave que você copiou para uso posterior.
Configure seu ambiente:
No console do Google Cloud , clique em Ativar o Cloud Shell para abrir uma janela do terminal.
O terminal do Cloud Shell pode levar vários segundos para ser totalmente carregado.
Exporte a chave de API que você copiou.
exportAPIKEY=API_KEY
Instalar e executar o app Web Risk de amostra
O app Web Risk tem os seguintes binários para detectar
se os URLs são maliciosos ou seguros:
Servidor wrserver: este binário executa o
proxy de pesquisa da API Web Risk, que permite verificar URLs.
Este guia de início rápido mostra como detectar se os URLs são maliciosos ou seguros usando os binários de servidor
wrserver e de linha de comando wrlookup.
Verificar URLs usando o binário de servidor wrserver
Quando você vir a mensagem Start server at localhost:8080, o wrserver é iniciado em localhost:8080.
Para visualizar o aplicativo no host local, clique em Visualização na Web
e selecione Visualizar na porta 8080.
O Cloud Shell abre o URL de visualização (porta 8080) no serviço de proxy em uma nova janela do navegador.
A janela do navegador do URL de visualização mostra uma mensagem 404 página não encontrada.
Na janela do URL de visualização, verifique os URLs a seguir.
Para verificar um URL, substitua a string de consulta que fica depois do URL de visualização do servidor local pelo
URL que você quer verificar no seguinte formato: PREVIEW_URL/r?url=URL_TO_BE_CHECKED.
Se o URL não for seguro, uma página de aviso intersticial será exibida conforme recomendado pelo Web Risk.
Se o URL for seguro, o cliente será redirecionado automaticamente para o destino.
[[["Fácil de entender","easyToUnderstand","thumb-up"],["Meu problema foi resolvido","solvedMyProblem","thumb-up"],["Outro","otherUp","thumb-up"]],[["Difícil de entender","hardToUnderstand","thumb-down"],["Informações incorretas ou exemplo de código","incorrectInformationOrSampleCode","thumb-down"],["Não contém as informações/amostras de que eu preciso","missingTheInformationSamplesINeed","thumb-down"],["Problema na tradução","translationIssue","thumb-down"],["Outro","otherDown","thumb-down"]],["Última atualização 2025-09-03 UTC."],[],[],null,["# Run the sample Web Risk app\n===========================\n\nLearn how to install the sample Web Risk Go app from\nGitHub and how to run the sample app to detect malicious URLs in a Go environment.\n\n*** ** * ** ***\n\nTo follow step-by-step guidance for this task directly in the\nGoogle Cloud console, click **Guide me**:\n\n[Guide me](https://console.cloud.google.com/freetrial?redirectPath=/?walkthrough_id=https://cloud-dot-devsite-v2-prod.appspot.com/walkthroughs/web-risk/webrisk_sample_quickstart)\n\n*** ** * ** ***\n\nBefore you begin\n----------------\n\n- Sign in to your Google Cloud account. If you're new to Google Cloud, [create an account](https://console.cloud.google.com/freetrial) to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.\n- In the Google Cloud console, on the project selector page,\n select or create a Google Cloud project.\n\n | **Note**: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.\n\n [Go to project selector](https://console.cloud.google.com/projectselector2/home/dashboard)\n-\n [Verify that billing is enabled for your Google Cloud project](/billing/docs/how-to/verify-billing-enabled#confirm_billing_is_enabled_on_a_project).\n\n-\n\n\n Enable the Web Risk API.\n\n\n [Enable the API](https://console.cloud.google.com/flows/enableapi?apiid=webrisk.googleapis.com)\n\n- In the Google Cloud console, on the project selector page,\n select or create a Google Cloud project.\n\n | **Note**: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.\n\n [Go to project selector](https://console.cloud.google.com/projectselector2/home/dashboard)\n-\n [Verify that billing is enabled for your Google Cloud project](/billing/docs/how-to/verify-billing-enabled#confirm_billing_is_enabled_on_a_project).\n\n-\n\n\n Enable the Web Risk API.\n\n\n [Enable the API](https://console.cloud.google.com/flows/enableapi?apiid=webrisk.googleapis.com)\n\n1. Create a new API key for authentication:\n 1. In the Google Cloud console navigation menu, click **APIs \\& Services \\\u003e Credentials**.\n 2. On the **Credentials** page, click **addCreate credentials** and then select **API key**.\n 3. In the **API key created** dialog, to copy the key, click content_copy **Copy key**. Close the dialog and secure the key that you copied for later use.\n2. Set up your environment:\n 1. \u003cbr /\u003e\n\n\n In the Google Cloud console, click **Activate Cloud Shell** to open a terminal window.\n\n \u003cbr /\u003e\n\n The Cloud Shell terminal can take several seconds to fully load.\n 2. Export the API key that you copied. \n\n ```bash\n export APIKEY=API_KEY\n ```\n\nInstall and run the sample Web Risk app\n---------------------------------------\n\nThe sample Web Risk app has the following binaries to detect\nwhether the URLs are malicious or safe:\n\n\u003cbr /\u003e\n\n- [**`wrserver`** server](https://github.com/google/webrisk/tree/master/cmd/wrserver): This binary runs the Web Risk API lookup proxy that lets you check URLs.\n- [**`wrlookup`** command-line](https://github.com/google/webrisk/tree/master/cmd/wrlookup): This binary filters unsafe URLs piped through STDIN.\n\n\u003cbr /\u003e\n\nThis quickstart document shows how to detect whether the URLs are malicious or safe by using the\n**`wrserver`** server and **`wrlookup`** command-line binaries.\n\n### Check URLs using the `wrserver` server binary\n\n1. In the Cloud Shell terminal, install `wrserver`: \n\n ```bash\n go install github.com/google/webrisk/cmd/wrserver@latest\n ```\n2. Run `wrserver` with your API key: \n\n ```bash\n wrserver -apikey=$APIKEY\n ```\n\n When you see the *Starting server at localhost:8080* message, `wrserver` is started at `localhost:8080`.\n3. To preview the application on the localhost, click **Web Preview** and then select **Preview on port 8080** . \n\n Cloud Shell opens the preview URL (port 8080) on its proxy service in a new browser window.\n The preview URL browser window shows a **404 page not found** message.\n4. In the preview URL window, check the following URLs. To check a URL, replace the query string after the preview URL of the local server with the URL you want to check in the following format: \u003cvar translate=\"no\"\u003ePREVIEW_URL\u003c/var\u003e`/r?url=`\u003cvar translate=\"no\"\u003eURL_TO_BE_CHECKED\u003c/var\u003e.\n\n If the URL is unsafe, an interstitial warning page is shown as recommended by Web Risk.\n If the URL is safe, the client is automatically redirected to the target.\n\n A fake malware URL: \n\n ```bash\n http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/MALWARE/URL/\n ```\n\n A safe URL: \n\n ```bash\n http://www.google.com/\n ```\n5. To stop the server, press `Control+C`.\n\nYou have successfully verified the URLs by using the `wrserver` server binary.\n\n### Check URLs using the `wrlookup` command-line binary\n\n1. In the Cloud Shell terminal, install the `wrlookup` command-line binary: \n\n ```bash\n go install github.com/google/webrisk/cmd/wrlookup@latest\n ```\n2. Check the URLs with your API key. A fake malware URL:\n\n ```bash\n echo \"http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/MALWARE/URL/\" | wrlookup -apikey=$APIKEY\n ```\n\n The following output is an abbreviated output for a malware URL: \n\n ```\n ......\n Unsafe URL: [MALWARE]\n ```\n\n A safe URL: \n\n ```bash\n echo \"http://www.google.com/\" | wrlookup -apikey=$APIKEY\n ```\n\n The following output is an abbreviated output for a safe URL: \n\n ```\n ......\n Safe URL: http://google.com\n ```\n\nYou have successfully verified the URLs by using the `wrlookup` command-line binary.\n\n\u003cbr /\u003e\n\nClean up\n--------\n\n\nTo avoid incurring charges to your Google Cloud account for\nthe resources used on this page, follow these steps.\n\nKeep the following things in mind when deleting a project:\n\n- Deleting a project deletes all the resources in the project.\n- You cannot reuse the custom project ID of a deleted project.\n\nIf you plan to explore multiple tutorials and quickstarts, reusing projects can\nhelp you avoid exceeding project quota limits.\n\nTo delete your project, do the following:\n\n1. In the Google Cloud console navigation menu, click **IAM \\& Admin \\\u003e Settings** .\n\n [Go to Settings](https://console.cloud.google.com/iam-admin/settings)\n2. Confirm that the project name is the name of the project you want to delete. If it isn't, choose the project you want to delete from the\n **Project selector**.\n\n3. Click **Shut down**.\n4. In the dialog, type the project ID, then click **Shut down** to delete the project.\n\nWhat's next\n-----------\n\n- Learn more about [Web Risk](/web-risk/docs/overview).\n- Learn more about the Web Risk app on the [Web Risk GitHub project](https://github.com/google/webrisk)."]]