@@ -30,7 +30,7 @@
YARARetroHunting,
)

VERSION = get_pack_version() or "v2.7.0"
VERSION = f"v{get_pack_version()}" or "v2.7.0"
USER_AGENT = f"ReversingLabs XSOAR TitaniumCloud {VERSION}"

TICLOUD_URL = demisto.params().get("base")
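Review bot: The `or "v2.7.0"` fallback on the f-string `VERSION` line (assuming that is the added line) can never fire, because `f"v{...}"` always contains at least the `v` and is therefore truthy. If `get_pack_version()` returns an empty string or `None` (its behaviour is not visible here, so this needs confirming), `VERSION` becomes `v` or `vNone`, and that value flows into `USER_AGENT`, which makes the integration's requests harder to attribute in API and proxy logs. Applying the fallback before formatting keeps the default reachable: `VERSION = f"v{get_pack_version() or '2.7.0'}"`.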
@@ -41,7 +41,13 @@
yara_retro_actions_output,
yara_retro_matches_feed_output,
yara_ruleset_output,
ip_command,
file_command,
domain_command,
url_command
)
from ReversingLabs.SDK.helper import WrongInputError


INTEGRATION_NAME = "ReversingLabs TitaniumCloud v2"
test_hash = "21841b32c6165b27dddbd4d6eb3a672defe54271"
@@ -400,3 +406,23 @@ def test_customer_data_output():
result = customer_usage_data_output(data_type="MONTHLY USAGE", whole_company=False, response_json=report)

assert result.to_context().get("Contents").get("customer_usage_data").get("rl").get("month") == "2024-06"


def test_ip_command():
with pytest.raises(WrongInputError):
ip_command()


def test_domain_command():
with pytest.raises(WrongInputError):
domain_command()


def test_url_command():
with pytest.raises(WrongInputError):
url_command()


def test_file_command():
with pytest.raises(WrongInputError):
file_command()
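Review bot: The four new tests (`test_ip_command`, `test_domain_command`, `test_url_command`, `test_file_command`) cover only the no-argument rejection path, so nothing here pins what the reputation commands return for a real indicator. These commands presumably feed DBotScore verdicts, so a test per command that supplies a canned response and asserts the resulting score and indicator would catch a regression that silently downgrades a malicious verdict. The tests also depend on the command seeing no arguments in the test process without saying so; a comment such as `# no args are set under the test mock, so the SDK rejects the missing indicator` would make that precondition explicit, if that is indeed the mechanism.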
@@ -1 +1 @@
{"rl": {"last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}], "last_dns_records_time": "2023-08-25T09:34:16", "third_party_reputations": {"sources": [{"detection": "undetected", "source": "phishing_database", "update_time": "2023-11-06T02:25:55"}, {"detection": "undetected", "source": "0xSI_f33d", "update_time": "2023-11-06T06:22:03"}, {"detection": "undetected", "source": "cyradar", "update_time": "2023-11-06T08:15:05"}, {"detection": "malicious", "source": "adminus_labs", "update_time": "2023-11-06T13:53:59", "detect_time": "2023-10-22T21:13:34"}, {"detection": "undetected", "source": "apwg", "update_time": "2023-11-02T17:30:36"}, {"detection": "undetected", "source": "netstar", "update_time": "2023-11-06T13:13:59"}, {"detection": "undetected", "source": "threatfox_abuse_ch", "update_time": "2023-11-06T08:20:49"}, {"detection": "undetected", "source": "botvrij", "update_time": "2023-11-06T02:26:03"}, {"detection": "undetected", "source": "alphamountain", "update_time": "2023-11-06T12:59:58"}, {"detection": "undetected", "source": "comodo_valkyrie", "update_time": "2023-11-06T05:53:24"}, {"detection": "undetected", "source": "web_security_guard", "update_time": "2022-01-21T06:56:15"}, {"detection": "undetected", "source": "osint", "update_time": "2023-11-06T01:30:13"}, {"detection": "malicious", "source": "crdf", "update_time": "2023-11-06T08:34:19", "detect_time": "2023-10-23T03:27:25"}], "statistics": {"total": 13, "malicious": 2, "undetected": 11, "clean": 0}}, "top_threats": [{"threat_name": "Win32.Trojan.RedLine", "threat_level": 5, "files_count": 1}], "modified_time": "2023-11-06T13:53:59", "downloaded_files_statistics": {"known": 54, "unknown": 0, "suspicious": 0, "total": 55, "malicious": 1}, "requested_domain": "bloom-artists.com"}}
{"rl": {"requested_domain": "bloom-artists.com", "third_party_reputations": {"statistics": {"malicious": 2, "clean": 0, "suspicious": 0, "undetected": 8, "total": 10}, "sources": [{"source": "cyradar", "update_time": "2025-04-28T12:29:32", "detection": "undetected"}, {"source": "threatfox_abuse_ch", "update_time": "2025-04-28T07:20:37", "detection": "undetected"}, {"source": "0xSI_f33d", "update_time": "2025-04-28T05:21:05", "detection": "undetected"}, {"source": "apwg", "update_time": "2025-04-28T04:57:03", "detection": "undetected"}, {"source": "crdf", "update_time": "2025-04-28T12:44:43", "detection": "undetected", "categories": [], "detect_time": "2025-04-20T02:10:05"}, {"source": "osint", "update_time": "2025-04-28T00:30:40", "detection": "undetected"}, {"source": "netstar", "update_time": "2025-04-28T12:11:20", "detection": "malicious", "categories": ["malware_file"], "detect_time": "2025-03-11T13:50:55"}, {"source": "phishing_database", "update_time": "2025-04-28T01:37:21", "detection": "undetected"}, {"source": "botvrij", "update_time": "2025-04-28T01:24:57", "detection": "undetected"}, {"source": "adminus_labs", "update_time": "2025-04-28T12:44:43", "detection": "malicious", "categories": [], "detect_time": "2025-04-11T21:06:59"}]}, "downloaded_files_statistics": {"unknown": 0, "known": 54, "suspicious": 0, "malicious": 1, "total": 55}, "last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}, {"type": "NS", "value": "ns24.domaincontrol.com", "provider": "ReversingLabs"}, {"type": "TXT", "value": "\"google-site-verification=Wj87EBeNi2R6elf6yJDVcocU59YAf1SdrNBjsRwVIPU\"", "provider": "ReversingLabs"}], "top_threats": [{"threat_name": "Win32.Ransomware.RedLine", "threat_level": 5, "files_count": 1}], "last_dns_records_time": "2025-04-26T05:23:38", "last_seen": "2025-04-26T05:23:38", "modified_time": "2025-04-26T05:23:38"}}
@@ -1 +1 @@
{"Type": 1, "ContentsFormat": "json", "Contents": {"domain_report": {"rl": {"last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}], "last_dns_records_time": "2023-08-25T09:34:16", "third_party_reputations": {"sources": [{"detection": "undetected", "source": "phishing_database", "update_time": "2023-11-06T02:25:55"}, {"detection": "undetected", "source": "0xSI_f33d", "update_time": "2023-11-06T06:22:03"}, {"detection": "undetected", "source": "cyradar", "update_time": "2023-11-06T08:15:05"}, {"detection": "malicious", "source": "adminus_labs", "update_time": "2023-11-06T13:53:59", "detect_time": "2023-10-22T21:13:34"}, {"detection": "undetected", "source": "apwg", "update_time": "2023-11-02T17:30:36"}, {"detection": "undetected", "source": "netstar", "update_time": "2023-11-06T13:13:59"}, {"detection": "undetected", "source": "threatfox_abuse_ch", "update_time": "2023-11-06T08:20:49"}, {"detection": "undetected", "source": "botvrij", "update_time": "2023-11-06T02:26:03"}, {"detection": "undetected", "source": "alphamountain", "update_time": "2023-11-06T12:59:58"}, {"detection": "undetected", "source": "comodo_valkyrie", "update_time": "2023-11-06T05:53:24"}, {"detection": "undetected", "source": "web_security_guard", "update_time": "2022-01-21T06:56:15"}, {"detection": "undetected", "source": "osint", "update_time": "2023-11-06T01:30:13"}, {"detection": "malicious", "source": "crdf", "update_time": "2023-11-06T08:34:19", "detect_time": "2023-10-23T03:27:25"}], "statistics": {"total": 13, "malicious": 2, "undetected": 11, "clean": 0}}, "top_threats": [{"threat_name": "Win32.Trojan.RedLine", "threat_level": 5, "files_count": 1}], "modified_time": "2023-11-06T13:53:59", "downloaded_files_statistics": {"known": 54, "unknown": 0, "suspicious": 0, "total": 55, "malicious": 1}, "requested_domain": "bloom-artists.com"}}}, "HumanReadable": "## ReversingLabs Domain Report for bloom-artists.com\n ### Last DNS 
records\n|provider|type|value|\n|---|---|---|\n| ReversingLabs | A | 85.187.128.34 |\n\n \n**Last DNS records time**: 2023-08-25T09:34:16\n \n ### Top threats\n|files_count|threat_level|threat_name|\n|---|---|---|\n| 1 | 5 | Win32.Trojan.RedLine |\n\n ### Third party statistics\n **CLEAN**: 0\n **MALICIOUS**: 2\n **UNDETECTED**: 11\n **TOTAL**: 13\n \n ### Third party sources\n|detection|source|update_time|\n|---|---|---|\n| undetected | phishing_database | 2023-11-06T02:25:55 |\n| undetected | 0xSI_f33d | 2023-11-06T06:22:03 |\n| undetected | cyradar | 2023-11-06T08:15:05 |\n| **malicious** | adminus_labs | 2023-11-06T13:53:59 |\n| undetected | apwg | 2023-11-02T17:30:36 |\n| undetected | netstar | 2023-11-06T13:13:59 |\n| undetected | threatfox_abuse_ch | 2023-11-06T08:20:49 |\n| undetected | botvrij | 2023-11-06T02:26:03 |\n| undetected | alphamountain | 2023-11-06T12:59:58 |\n| undetected | comodo_valkyrie | 2023-11-06T05:53:24 |\n| undetected | web_security_guard | 2022-01-21T06:56:15 |\n| undetected | osint | 2023-11-06T01:30:13 |\n| **malicious** | crdf | 2023-11-06T08:34:19 |\n\n ### Downloaded files statistics\n **KNOWN**: 54\n **MALICIOUS**: 1\n **SUSPICIOUS**: 0\n **UNKNOWN**: 0\n **TOTAL**: 55\n ", "EntryContext": {"Domain(val.Name && val.Name == obj.Name)": [{"Name": "bloom-artists.com"}], "DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && val.Type == obj.Type)": [{"Indicator": "bloom-artists.com", "Type": "domain", "Vendor": "ReversingLabs TitaniumCloud v2", "Score": 0, "Reliability": "C - Fairly reliable"}], "ReversingLabs": {"domain_report": {"rl": {"last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}], "last_dns_records_time": "2023-08-25T09:34:16", "third_party_reputations": {"sources": [{"detection": "undetected", "source": "phishing_database", "update_time": "2023-11-06T02:25:55"}, {"detection": "undetected", "source": "0xSI_f33d", "update_time": "2023-11-06T06:22:03"}, 
{"detection": "undetected", "source": "cyradar", "update_time": "2023-11-06T08:15:05"}, {"detection": "malicious", "source": "adminus_labs", "update_time": "2023-11-06T13:53:59", "detect_time": "2023-10-22T21:13:34"}, {"detection": "undetected", "source": "apwg", "update_time": "2023-11-02T17:30:36"}, {"detection": "undetected", "source": "netstar", "update_time": "2023-11-06T13:13:59"}, {"detection": "undetected", "source": "threatfox_abuse_ch", "update_time": "2023-11-06T08:20:49"}, {"detection": "undetected", "source": "botvrij", "update_time": "2023-11-06T02:26:03"}, {"detection": "undetected", "source": "alphamountain", "update_time": "2023-11-06T12:59:58"}, {"detection": "undetected", "source": "comodo_valkyrie", "update_time": "2023-11-06T05:53:24"}, {"detection": "undetected", "source": "web_security_guard", "update_time": "2022-01-21T06:56:15"}, {"detection": "undetected", "source": "osint", "update_time": "2023-11-06T01:30:13"}, {"detection": "malicious", "source": "crdf", "update_time": "2023-11-06T08:34:19", "detect_time": "2023-10-23T03:27:25"}], "statistics": {"total": 13, "malicious": 2, "undetected": 11, "clean": 0}}, "top_threats": [{"threat_name": "Win32.Trojan.RedLine", "threat_level": 5, "files_count": 1}], "modified_time": "2023-11-06T13:53:59", "downloaded_files_statistics": {"known": 54, "unknown": 0, "suspicious": 0, "total": 55, "malicious": 1}, "requested_domain": "bloom-artists.com"}}}}, "IndicatorTimeline": [], "IgnoreAutoExtract": false, "Note": false, "Relationships": []}
{"Type": 1, "ContentsFormat": "json", "Contents": {"domain_report": {"rl": {"requested_domain": "bloom-artists.com", "third_party_reputations": {"statistics": {"malicious": 2, "clean": 0, "suspicious": 0, "undetected": 8, "total": 10}, "sources": [{"source": "cyradar", "update_time": "2025-04-28T12:29:32", "detection": "undetected"}, {"source": "threatfox_abuse_ch", "update_time": "2025-04-28T07:20:37", "detection": "undetected"}, {"source": "0xSI_f33d", "update_time": "2025-04-28T05:21:05", "detection": "undetected"}, {"source": "apwg", "update_time": "2025-04-28T04:57:03", "detection": "undetected"}, {"source": "crdf", "update_time": "2025-04-28T12:44:43", "detection": "undetected", "categories": [], "detect_time": "2025-04-20T02:10:05"}, {"source": "osint", "update_time": "2025-04-28T00:30:40", "detection": "undetected"}, {"source": "netstar", "update_time": "2025-04-28T12:11:20", "detection": "malicious", "categories": ["malware_file"], "detect_time": "2025-03-11T13:50:55"}, {"source": "phishing_database", "update_time": "2025-04-28T01:37:21", "detection": "undetected"}, {"source": "botvrij", "update_time": "2025-04-28T01:24:57", "detection": "undetected"}, {"source": "adminus_labs", "update_time": "2025-04-28T12:44:43", "detection": "malicious", "categories": [], "detect_time": "2025-04-11T21:06:59"}]}, "downloaded_files_statistics": {"unknown": 0, "known": 54, "suspicious": 0, "malicious": 1, "total": 55}, "last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}, {"type": "NS", "value": "ns24.domaincontrol.com", "provider": "ReversingLabs"}, {"type": "TXT", "value": "\"google-site-verification=Wj87EBeNi2R6elf6yJDVcocU59YAf1SdrNBjsRwVIPU\"", "provider": "ReversingLabs"}], "top_threats": [{"threat_name": "Win32.Ransomware.RedLine", "threat_level": 5, "files_count": 1}], "last_dns_records_time": "2025-04-26T05:23:38", "last_seen": "2025-04-26T05:23:38", "modified_time": "2025-04-26T05:23:38"}}}, "HumanReadable": "## ReversingLabs 
Domain Report for bloom-artists.com\n\n ### Last DNS records\n|provider|type|value|\n|---|---|---|\n| ReversingLabs | A | 85.187.128.34 |\n| ReversingLabs | NS | ns24.domaincontrol.com |\n| ReversingLabs | TXT | \"google-site-verification=Wj87EBeNi2R6elf6yJDVcocU59YAf1SdrNBjsRwVIPU\" |\n\n \n**Last DNS records time**: 2025-04-26T05:23:38\n \n ### Top threats\n|files_count|threat_level|threat_name|\n|---|---|---|\n| 1 | 5 | Win32.Ransomware.RedLine |\n\n ### Third party statistics\n **CLEAN**: 0\n **MALICIOUS**: 2\n **UNDETECTED**: 8\n **TOTAL**: 10\n \n ### Third party sources\n|detection|source|update_time|\n|---|---|---|\n| undetected | cyradar | 2025-04-28T12:29:32 |\n| undetected | threatfox_abuse_ch | 2025-04-28T07:20:37 |\n| undetected | 0xSI_f33d | 2025-04-28T05:21:05 |\n| undetected | apwg | 2025-04-28T04:57:03 |\n| undetected | crdf | 2025-04-28T12:44:43 |\n| undetected | osint | 2025-04-28T00:30:40 |\n| **malicious** | netstar | 2025-04-28T12:11:20 |\n| undetected | phishing_database | 2025-04-28T01:37:21 |\n| undetected | botvrij | 2025-04-28T01:24:57 |\n| **malicious** | adminus_labs | 2025-04-28T12:44:43 |\n\n ### Downloaded files statistics\n **KNOWN**: 54\n **MALICIOUS**: 1\n **SUSPICIOUS**: 0\n **UNKNOWN**: 0\n **TOTAL**: 55\n ", "EntryContext": {"Domain(val.Name && val.Name == obj.Name)": [{"Name": "bloom-artists.com"}], "DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && val.Type == obj.Type)": [{"Indicator": "bloom-artists.com", "Type": "domain", "Vendor": "ReversingLabs TitaniumCloud v2", "Score": 0, "Reliability": "C - Fairly reliable"}], "ReversingLabs": {"domain_report": {"rl": {"requested_domain": "bloom-artists.com", "third_party_reputations": {"statistics": {"malicious": 2, "clean": 0, "suspicious": 0, "undetected": 8, "total": 10}, "sources": [{"source": "cyradar", "update_time": "2025-04-28T12:29:32", "detection": "undetected"}, {"source": "threatfox_abuse_ch", "update_time": "2025-04-28T07:20:37", 
"detection": "undetected"}, {"source": "0xSI_f33d", "update_time": "2025-04-28T05:21:05", "detection": "undetected"}, {"source": "apwg", "update_time": "2025-04-28T04:57:03", "detection": "undetected"}, {"source": "crdf", "update_time": "2025-04-28T12:44:43", "detection": "undetected", "categories": [], "detect_time": "2025-04-20T02:10:05"}, {"source": "osint", "update_time": "2025-04-28T00:30:40", "detection": "undetected"}, {"source": "netstar", "update_time": "2025-04-28T12:11:20", "detection": "malicious", "categories": ["malware_file"], "detect_time": "2025-03-11T13:50:55"}, {"source": "phishing_database", "update_time": "2025-04-28T01:37:21", "detection": "undetected"}, {"source": "botvrij", "update_time": "2025-04-28T01:24:57", "detection": "undetected"}, {"source": "adminus_labs", "update_time": "2025-04-28T12:44:43", "detection": "malicious", "categories": [], "detect_time": "2025-04-11T21:06:59"}]}, "downloaded_files_statistics": {"unknown": 0, "known": 54, "suspicious": 0, "malicious": 1, "total": 55}, "last_dns_records": [{"type": "A", "value": "85.187.128.34", "provider": "ReversingLabs"}, {"type": "NS", "value": "ns24.domaincontrol.com", "provider": "ReversingLabs"}, {"type": "TXT", "value": "\"google-site-verification=Wj87EBeNi2R6elf6yJDVcocU59YAf1SdrNBjsRwVIPU\"", "provider": "ReversingLabs"}], "top_threats": [{"threat_name": "Win32.Ransomware.RedLine", "threat_level": 5, "files_count": 1}], "last_dns_records_time": "2025-04-26T05:23:38", "last_seen": "2025-04-26T05:23:38", "modified_time": "2025-04-26T05:23:38"}}}}, "IndicatorTimeline": [], "IgnoreAutoExtract": false, "Note": false, "Relationships": []}
@@ -1 +1 @@
{"rl": {"requested_ip": "5.42.64.70", "third_party_reputations": {"sources": [{"detection": "undetected", "source": "adminus_labs", "update_time": "2023-11-06T14:20:53"}, {"detection": "undetected", "source": "apwg", "update_time": "2023-11-01T21:23:52"}, {"detection": "undetected", "source": "threatfox_abuse_ch", "update_time": "2023-11-06T08:20:49"}, {"detection": "undetected", "source": "alphamountain", "update_time": "2023-11-06T12:59:58"}, {"detection": "undetected", "source": "osint", "update_time": "2023-11-06T01:30:13"}, {"detection": "undetected", "source": "feodotracker", "update_time": "2023-11-06T05:28:24"}, {"detection": "malicious", "source": "crdf", "update_time": "2023-11-06T08:34:19", "detect_time": "2023-10-27T03:54:23"}], "statistics": {"total": 7, "malicious": 1, "undetected": 6, "clean": 0}}, "downloaded_files_statistics": {"known": 0, "unknown": 0, "suspicious": 0, "total": 0, "malicious": 0}, "modified_time": "2023-11-06T14:20:53"}}
{"rl": {"requested_ip": "5.42.64.70", "third_party_reputations": {"statistics": {"malicious": 0, "clean": 0, "suspicious": 0, "undetected": 9, "total": 9}, "sources": [{"source": "crdf", "update_time": "2025-04-28T12:44:43", "detection": "undetected", "categories": [], "detect_time": "2025-04-20T09:06:05"}, {"source": "cyradar", "update_time": "2025-04-28T12:29:32", "detection": "undetected"}, {"source": "cyren", "update_time": "2025-04-28T07:59:28", "detection": "undetected"}, {"source": "feodotracker", "update_time": "2025-04-28T04:27:59", "detection": "undetected"}, {"source": "blocklist_de", "update_time": "2025-04-28T11:26:08", "detection": "undetected"}, {"source": "apwg", "update_time": "2025-04-28T08:24:32", "detection": "undetected"}, {"source": "osint", "update_time": "2025-04-28T00:30:40", "detection": "undetected"}, {"source": "threatfox_abuse_ch", "update_time": "2025-04-28T07:20:38", "detection": "undetected", "categories": [], "detect_time": "2024-04-07T07:20:06"}, {"source": "adminus_labs", "update_time": "2025-04-28T12:43:24", "detection": "undetected"}]}, "downloaded_files_statistics": {"unknown": 0, "known": 1, "suspicious": 0, "malicious": 0, "total": 1}, "last_seen": "2025-04-20T09:06:05", "modified_time": "2025-04-20T09:06:05"}}