diff --git a/Pulsedive/Snapshot_Pulsedive_Domain.json b/Pulsedive/Snapshot_Pulsedive_Domain.json
index d15dae29..06bdc956 100644
--- a/Pulsedive/Snapshot_Pulsedive_Domain.json
+++ b/Pulsedive/Snapshot_Pulsedive_Domain.json
@@ -1 +1 @@ -{"description": "Pulsedive Domain", "schema_version": "1.0.23", "type": "investigation", "search-txt": "domain:\"wightcompany.com\"", "source": "Anastasiia Rozlyvan", "actions": "[{\"created-perf\":13201100000.000223,\"updated-perf\":13201105000.000097,\"type\":\"collect\",\"created\":\"2021-02-04T07:33:57.537Z\",\"state\":\"ok\",\"arg\":\"wightcompany.com\\n\\n\",\"result\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"id\":\"collect-aa796cee\",\"uuid\":\"3d60e993-7725-4db9-88e4-9a2031bbaf53\"},{\"created-perf\":13687590000.000454,\"updated-perf\":13687590000.000454,\"type\":\"deliberate\",\"created\":\"2021-02-04T07:33:58.023Z\",\"state\":\"ok\",\"arg\":[{\"type\":\"domain\",\"value\":\"wightcompany.com\"}],\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]}}}]},\"id\":\"deliberate-35d1c38e\",\"uuid\":\"b413d9e0-7a03-47e0-b121-a07751df6779\"},{\"created-perf\":14443355000.000338,\"updated-perf\":14443360000.000212,\"type\":\"investigate\",\"created\":\"2021-02-04T07:33:58.779Z\",\"state\":\"ok\",\"arg\":{\"type\":\"domain\",\"value\":\"wightcompany.com\"},\"result\":{\"data\":[{\"module\":\"Pulsedive\",\"module_instance_id\":\"c53416a4-abf2-4e99-b9e9-826cc4f27c25\",\"module_type_id\":\"cb1f6d1c-f28b-4c50-82ba-11ab49fd39be\",\"data\":{\"indicators\":{\"count\":7,\"docs\":[{\"tags\":[\"malware\"],\"valid_time\":{\"start_time\":\"2032-01-19T17:12:42.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Threat: Ryuk\",\"title\":\"Threat: 
Ryuk\",\"source_uri\":\"https://pulsedive.com/threat/?tid=261\",\"id\":\"transient:indicator-217e31a3-bacb-5e50-a3ea-798d509615f6\",\"severity\":\"High\",\"tlp\":\"white\"},{\"tags\":[\"malware\"],\"valid_time\":{\"start_time\":\"2032-01-19T17:12:42.000Z\"},\"producer\":\"AlphaSOC\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Feed: AlphaSOC Ryuk C2\",\"title\":\"Feed: AlphaSOC Ryuk C2\",\"source_uri\":\"https://pulsedive.com/feed/?fid=66\",\"id\":\"transient:indicator-3337e1be-1d82-5c42-b493-25796da3ff41\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-04-20T03:27:03.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"registration recently updated\",\"title\":\"registration recently updated\",\"id\":\"transient:indicator-0218c770-4b29-5e6b-8fa0-dc4d4d39196a\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-04-20T03:27:03.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"recently registered\",\"title\":\"recently registered\",\"id\":\"transient:indicator-09fc8707-928f-5df0-ac81-3126cec719d3\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-04-20T03:27:03.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"SPF record present\",\"title\":\"SPF record present\",\"id\":\"transient:indicator-4ac11498-6d80-52e4-b104-004b9ff8a6d1\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-04-20T03:27:03.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"found in threat 
feeds\",\"title\":\"found in threat feeds\",\"id\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-04-20T03:27:03.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"does not resolve to an IP\",\"title\":\"does not resolve to an IP\",\"id\":\"transient:indicator-0825b49a-b024-521a-8393-25a8a226b28d\",\"tlp\":\"white\"}]},\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"wightcompany.com\",\"type\":\"domain\"},\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-04-20T03:27:03.000Z\"}}]},\"relationships\":{\"count\":7,\"docs\":[{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-0218c770-4b29-5e6b-8fa0-dc4d4d39196a\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-9878c197-5f23-450d-8a8f-13fadb94affd\",\"id\":\"transient:relationship-ce6708c6-37b7-4390-a683-27683969eec6\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-09fc8707-928f-5df0-ac81-3126cec719d3\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-c4f91bb3-6b49-4223-b215-53a428e936d5\",\"id\":\"transient:relationship-8f010cd5-dab3-4977-b08f-4e03c757fc9a\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-217e31a3-bacb-5e50-a3ea-798d509615f6\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-386090c4-d2d7-405c-971c-42a864984c47\",\"id\":\"transient:relationship-861f8a45-6827-4001-82a2-f8a23d0a9b8e\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-3337e1be-1d82-5c42-b493-25796da3ff41\",\"type\":\"relations
hip\",\"source_ref\":\"transient:sighting-8988e668-adbf-4058-9c14-eb1cbd7eda2f\",\"id\":\"transient:relationship-e9694407-3803-4cd5-a25c-c4203dd9b873\",\"relationship_type\":\"member-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-d1d139b2-9f99-4549-a159-6d114a9da6c0\",\"id\":\"transient:relationship-fc60cc7a-cda2-45d9-a2d3-953f7218e229\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-4ac11498-6d80-52e4-b104-004b9ff8a6d1\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-429b9ddc-5e4d-469b-b937-3eba60a6a113\",\"id\":\"transient:relationship-c70f6b63-cc0b-428d-bca8-90380dc731eb\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-0825b49a-b024-521a-8393-25a8a226b28d\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-c258e6b1-eb2f-4f17-aa6b-87babb0b70df\",\"id\":\"transient:relationship-95c7e06a-1126-4d7b-860c-62e05df13f5b\",\"relationship_type\":\"sighting-of\"}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-04-20T03:27:03.000Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"wightcompany.com\",\"type\":\"domain\"},\"type\":\"judgement\",\"source\":\"Pulsedive\",\"disposition\":2,\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"disposition_name\":\"Malicious\",\"priority\":85,\"id\":\"transient:judgement-a1bacf6b-4c98-427b-abb6-9898dd9ab383\",\"severity\":\"High\",\"tlp\":\"white\",\"confidence\":\"Medium\"}]},\"sightings\":{\"count\":7,\"docs\":[{\"description\":\"Feed: AlphaSOC Ryuk 
C2\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/feed/?fid=66\",\"id\":\"transient:sighting-8988e668-adbf-4058-9c14-eb1cbd7eda2f\",\"count\":1,\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T17:12:42.000Z\",\"end_time\":\"2032-01-19T17:12:42.000Z\"}},{\"description\":\"SPF record present\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"id\":\"transient:sighting-429b9ddc-5e4d-469b-b937-3eba60a6a113\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-01-19T21:27:03.000Z\"}},{\"description\":\"recently registered\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"id\":\"transient:sighting-c4f91bb3-6b49-4223-b215-53a428e936d5\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-01-19T21:27:03.000Z\"}},{\"description\":\"registration recently updated\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"id\":\"transient:sighting-9878c197-5f23-450d-8a8f-13fadb94affd\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-01-19T21:27:03.000Z\"}},{\"description\":\"does not resolve to an 
IP\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"id\":\"transient:sighting-c258e6b1-eb2f-4f17-aa6b-87babb0b70df\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-01-19T21:27:03.000Z\"}},{\"description\":\"Threat: Ryuk\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/threat/?tid=261\",\"id\":\"transient:sighting-386090c4-d2d7-405c-971c-42a864984c47\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T17:12:42.000Z\",\"end_time\":\"2032-01-19T17:12:42.000Z\"}},{\"description\":\"found in threat feeds\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"id\":\"transient:sighting-d1d139b2-9f99-4549-a159-6d114a9da6c0\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T21:27:03.000Z\",\"end_time\":\"2032-01-19T21:27:03.000Z\"}}]}}}]},\"id\":\"investigate-c55c66e8\",\"uuid\":\"28fc7711-0645-4ed6-b79c-cc188037b4f8\"}]", "short_description": "Snapshot @ 20210204 07:36:24", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-9b582566-7d8c-444b-b77f-8d653c429877", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2021-02-04T07:36:40.327Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d"} \ No newline at end of file +{"description": "Pulsedive Domain", "schema_version": "1.0.23", "type": "investigation", "search-txt": "domain:\"wightcompany.com\"", 
"source": "Anastasiia Rozlyvan", "actions": "[{\"created-perf\":13201100000.000223,\"updated-perf\":13201105000.000097,\"type\":\"collect\",\"created\":\"2021-02-04T07:33:57.537Z\",\"state\":\"ok\",\"arg\":\"wightcompany.com\\n\\n\",\"result\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"id\":\"collect-aa796cee\",\"uuid\":\"3d60e993-7725-4db9-88e4-9a2031bbaf53\"},{\"created-perf\":13687590000.000454,\"updated-perf\":13687590000.000454,\"type\":\"deliberate\",\"created\":\"2021-02-04T07:33:58.023Z\",\"state\":\"ok\",\"arg\":[{\"type\":\"domain\",\"value\":\"wightcompany.com\"}],\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]}}}]},\"id\":\"deliberate-35d1c38e\",\"uuid\":\"b413d9e0-7a03-47e0-b121-a07751df6779\"},{\"created-perf\":14443355000.000338,\"updated-perf\":14443360000.000212,\"type\":\"investigate\",\"created\":\"2021-02-04T07:33:58.779Z\",\"state\":\"ok\",\"arg\":{\"type\":\"domain\",\"value\":\"wightcompany.com\"},\"result\":{\"data\":[{\"module\":\"Pulsedive\",\"module_instance_id\":\"c53416a4-abf2-4e99-b9e9-826cc4f27c25\",\"module_type_id\":\"cb1f6d1c-f28b-4c50-82ba-11ab49fd39be\",\"data\":{\"indicators\":{\"count\":7,\"docs\":[{\"tags\":[\"malware\"],\"valid_time\":{\"start_time\":\"2032-04-19T17:12:42.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Threat: Ryuk\",\"title\":\"Threat: Ryuk\",\"source_uri\":\"https://pulsedive.com/threat/?tid=261\",\"id\":\"transient:indicator-217e31a3-bacb-5e50-a3ea-798d509615f6\",\"severity\":\"High\",\"tlp\":\"white\"},{\"tags\":[\"malware\"],\"valid_time\":{\"start_time\":\"2032-04-19T17:12:42.000Z\"},\"producer\":\"AlphaSOC\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Feed: AlphaSOC 
Ryuk C2\",\"title\":\"Feed: AlphaSOC Ryuk C2\",\"source_uri\":\"https://pulsedive.com/feed/?fid=66\",\"id\":\"transient:indicator-3337e1be-1d82-5c42-b493-25796da3ff41\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-07-20T03:27:03.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"registration recently updated\",\"title\":\"registration recently updated\",\"id\":\"transient:indicator-0218c770-4b29-5e6b-8fa0-dc4d4d39196a\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-07-20T03:27:03.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"recently registered\",\"title\":\"recently registered\",\"id\":\"transient:indicator-09fc8707-928f-5df0-ac81-3126cec719d3\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-07-20T03:27:03.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"SPF record present\",\"title\":\"SPF record present\",\"id\":\"transient:indicator-4ac11498-6d80-52e4-b104-004b9ff8a6d1\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-07-20T03:27:03.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"found in threat feeds\",\"title\":\"found in threat feeds\",\"id\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-07-20T03:27:03.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"does not resolve to an IP\",\"title\":\"does not 
resolve to an IP\",\"id\":\"transient:indicator-0825b49a-b024-521a-8393-25a8a226b28d\",\"tlp\":\"white\"}]},\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"wightcompany.com\",\"type\":\"domain\"},\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-07-20T03:27:03.000Z\"}}]},\"relationships\":{\"count\":7,\"docs\":[{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-0218c770-4b29-5e6b-8fa0-dc4d4d39196a\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-9878c197-5f23-450d-8a8f-13fadb94affd\",\"id\":\"transient:relationship-ce6708c6-37b7-4390-a683-27683969eec6\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-09fc8707-928f-5df0-ac81-3126cec719d3\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-c4f91bb3-6b49-4223-b215-53a428e936d5\",\"id\":\"transient:relationship-8f010cd5-dab3-4977-b08f-4e03c757fc9a\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-217e31a3-bacb-5e50-a3ea-798d509615f6\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-386090c4-d2d7-405c-971c-42a864984c47\",\"id\":\"transient:relationship-861f8a45-6827-4001-82a2-f8a23d0a9b8e\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-3337e1be-1d82-5c42-b493-25796da3ff41\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-8988e668-adbf-4058-9c14-eb1cbd7eda2f\",\"id\":\"transient:relationship-e9694407-3803-4cd5-a25c-c4203dd9b873\",\"relationship_type\":\"member-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-d1d139b2-9f99-4549-a159-6d114a9da6c0\
",\"id\":\"transient:relationship-fc60cc7a-cda2-45d9-a2d3-953f7218e229\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-4ac11498-6d80-52e4-b104-004b9ff8a6d1\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-429b9ddc-5e4d-469b-b937-3eba60a6a113\",\"id\":\"transient:relationship-c70f6b63-cc0b-428d-bca8-90380dc731eb\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-0825b49a-b024-521a-8393-25a8a226b28d\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-c258e6b1-eb2f-4f17-aa6b-87babb0b70df\",\"id\":\"transient:relationship-95c7e06a-1126-4d7b-860c-62e05df13f5b\",\"relationship_type\":\"sighting-of\"}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-07-20T03:27:03.000Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"wightcompany.com\",\"type\":\"domain\"},\"type\":\"judgement\",\"source\":\"Pulsedive\",\"disposition\":2,\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"disposition_name\":\"Malicious\",\"priority\":85,\"id\":\"transient:judgement-a1bacf6b-4c98-427b-abb6-9898dd9ab383\",\"severity\":\"High\",\"tlp\":\"white\",\"confidence\":\"Medium\"}]},\"sightings\":{\"count\":7,\"docs\":[{\"description\":\"Feed: AlphaSOC Ryuk C2\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/feed/?fid=66\",\"id\":\"transient:sighting-8988e668-adbf-4058-9c14-eb1cbd7eda2f\",\"count\":1,\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T17:12:42.000Z\",\"end_time\":\"2032-04-19T17:12:42.000Z\"}},{\"description\":\"SPF record 
present\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"id\":\"transient:sighting-429b9ddc-5e4d-469b-b937-3eba60a6a113\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-04-19T21:27:03.000Z\"}},{\"description\":\"recently registered\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"id\":\"transient:sighting-c4f91bb3-6b49-4223-b215-53a428e936d5\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-04-19T21:27:03.000Z\"}},{\"description\":\"registration recently updated\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"id\":\"transient:sighting-9878c197-5f23-450d-8a8f-13fadb94affd\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-04-19T21:27:03.000Z\"}},{\"description\":\"does not resolve to an IP\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"id\":\"transient:sighting-c258e6b1-eb2f-4f17-aa6b-87babb0b70df\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-04-19T21:27:03.000Z\"}},{\"description\":\"Threat: 
Ryuk\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/threat/?tid=261\",\"id\":\"transient:sighting-386090c4-d2d7-405c-971c-42a864984c47\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T17:12:42.000Z\",\"end_time\":\"2032-04-19T17:12:42.000Z\"}},{\"description\":\"found in threat feeds\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"wightcompany.com\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21123478\",\"id\":\"transient:sighting-d1d139b2-9f99-4549-a159-6d114a9da6c0\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T21:27:03.000Z\",\"end_time\":\"2032-04-19T21:27:03.000Z\"}}]}}}]},\"id\":\"investigate-c55c66e8\",\"uuid\":\"28fc7711-0645-4ed6-b79c-cc188037b4f8\"}]", "short_description": "Snapshot @ 20210204 07:36:24", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-9b582566-7d8c-444b-b77f-8d653c429877", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2021-02-04T07:36:40.327Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d"} \ No newline at end of file diff --git a/Pulsedive/Snapshot_Pulsedive_IP.json b/Pulsedive/Snapshot_Pulsedive_IP.json index 0b65df48..366c16fd 100644 --- a/Pulsedive/Snapshot_Pulsedive_IP.json +++ b/Pulsedive/Snapshot_Pulsedive_IP.json 
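Review bot: The new side of this one-line hunk still marks the investigation wrapper `"tlp": "amber"` and keeps a `private.intel.amp.cisco.com` investigation `id`, the `owner` and `groups` UUIDs and a personal name in `source`, while every embedded Pulsedive document is `"tlp": "white"`. If this snapshot is meant as a shareable fixture, those tenant-specific fields look like they should be replaced with placeholders (for example `"owner": "<owner-uuid-placeholder>"`), or the amber marking confirmed as intentional for wherever the file is distributed. The commit only moves the absolute `valid_time` and `observed_time` stamps from 2032-01 to 2032-04, so the fixture will presumably need the same manual bump again; deriving these dates when the fixture is loaded would be more durable. The same points apply to the Snapshot_Pulsedive_IP.json hunk that follows.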
@@ -1 +1 @@ -{"description": "Pulsedive IP", "schema_version": "1.0.23", "type": "investigation", "search-txt": "ip:\"89.252.159.35\"", "source": "Anastasiia Rozlyvan", "actions": "[{\"created-perf\":1739295000.0003111,\"updated-perf\":1739295000.0003111,\"type\":\"collect\",\"created\":\"2021-02-04T07:43:44.292Z\",\"state\":\"ok\",\"arg\":\"89.252.159.35\",\"result\":[{\"value\":\"89.252.159.35\",\"type\":\"ip\"}],\"id\":\"collect-c9795919\",\"uuid\":\"94c076a2-cfa8-4992-81ef-afc3b5c4d3bf\"},{\"created-perf\":5319815000.000745,\"updated-perf\":5319815000.000745,\"type\":\"deliberate\",\"created\":\"2021-02-04T07:43:47.872Z\",\"state\":\"ok\",\"arg\":[{\"type\":\"ip\",\"value\":\"89.252.159.35\"}],\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]}}}]},\"id\":\"deliberate-8f977ac7\",\"uuid\":\"d73f30a4-e80e-46fd-937b-73498c756211\"},{\"created-perf\":6021695000.000363,\"updated-perf\":6021695000.000363,\"type\":\"investigate\",\"created\":\"2021-02-04T07:43:48.574Z\",\"state\":\"ok\",\"arg\":{\"type\":\"ip\",\"value\":\"89.252.159.35\"},\"result\":{\"data\":[{\"module\":\"Pulsedive\",\"module_instance_id\":\"c53416a4-abf2-4e99-b9e9-826cc4f27c25\",\"module_type_id\":\"cb1f6d1c-f28b-4c50-82ba-11ab49fd39be\",\"data\":{\"indicators\":{\"count\":4,\"docs\":[{\"tags\":[\"malware\"],\"valid_time\":{\"start_time\":\"2032-01-19T12:23:05.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Threat: Suppobox\",\"title\":\"Threat: Suppobox\",\"source_uri\":\"https://pulsedive.com/threat/?tid=19\",\"id\":\"transient:indicator-35d5f829-4341-55ff-912e-4b290c7d043e\",\"severity\":\"Low\",\"tlp\":\"white\"},{\"tags\":[\"malware\"],\"valid_time\":{\"start_time\":\"2032-01-19T12:23:05.000Z\"},\"producer\":\"Bambenek 
Consulting\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Feed: C&C IPs\",\"title\":\"Feed: C&C IPs\",\"source_uri\":\"https://pulsedive.com/feed/?fid=4\",\"id\":\"transient:indicator-9b85934d-c739-5583-9b06-79ec5fed2c20\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-01-19T13:49:06.000Z\",\"end_time\":\"2032-04-19T19:49:06.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"returns PTR record\",\"title\":\"returns PTR record\",\"id\":\"transient:indicator-c8ce2607-78d1-5366-8354-3342bc6c7c27\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-01-19T13:49:06.000Z\",\"end_time\":\"2032-04-19T19:49:06.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"found in threat feeds\",\"title\":\"found in threat feeds\",\"id\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"tlp\":\"white\"}]},\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"89.252.159.35\",\"type\":\"ip\"},\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2032-01-19T13:49:06.000Z\",\"end_time\":\"2032-04-19T19:49:06.000Z\"}}]},\"relationships\":{\"count\":4,\"docs\":[{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-c8ce2607-78d1-5366-8354-3342bc6c7c27\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-67b5e181-de94-4679-a57a-3b9e425b9145\",\"id\":\"transient:relationship-ea5bbf0d-d0bd-4e67-92be-b867fae35ab4\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-9b85934d-c739-5583-9b06-79ec5fed2c20\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-88af4e38-5e25-4141-983e-42328b0b9615\",\"id\":\"transient:relationship-5320d05a-2be5-4027-8787-bee0b26
f8d49\",\"relationship_type\":\"member-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-35d5f829-4341-55ff-912e-4b290c7d043e\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-f7f26f66-6ead-4d36-addb-50a5ad91cc78\",\"id\":\"transient:relationship-e71d08d5-6200-4402-9503-3f707f9d80ea\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-b4215d9a-27f7-494e-86a8-9d1980a04336\",\"id\":\"transient:relationship-73cb63c2-2c64-4443-9dc2-30bd4efe6c88\",\"relationship_type\":\"sighting-of\"}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-01-19T13:49:06.000Z\",\"end_time\":\"2032-04-19T19:49:06.000Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"89.252.159.35\",\"type\":\"ip\"},\"type\":\"judgement\",\"source\":\"Pulsedive\",\"disposition\":3,\"source_uri\":\"https://pulsedive.com/indicator/?iid=17021492\",\"disposition_name\":\"Suspicious\",\"priority\":85,\"id\":\"transient:judgement-54b1166b-d491-4495-82ad-644f769a002c\",\"severity\":\"Low\",\"tlp\":\"white\",\"confidence\":\"Medium\"}]},\"sightings\":{\"count\":4,\"docs\":[{\"description\":\"returns PTR record\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"89.252.159.35\",\"type\":\"ip\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=17021492\",\"id\":\"transient:sighting-67b5e181-de94-4679-a57a-3b9e425b9145\",\"count\":1,\"severity\":\"Low\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T13:49:06.000Z\",\"end_time\":\"2032-01-19T13:49:06.000Z\"}},{\"description\":\"Feed: C&C 
IPs\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"89.252.159.35\",\"type\":\"ip\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/feed/?fid=4\",\"id\":\"transient:sighting-88af4e38-5e25-4141-983e-42328b0b9615\",\"count\":1,\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T12:23:05.000Z\",\"end_time\":\"2032-01-19T12:23:05.000Z\"}},{\"description\":\"Threat: Suppobox\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"89.252.159.35\",\"type\":\"ip\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/threat/?tid=19\",\"id\":\"transient:sighting-f7f26f66-6ead-4d36-addb-50a5ad91cc78\",\"count\":1,\"severity\":\"Low\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T12:23:05.000Z\",\"end_time\":\"2032-01-19T12:23:05.000Z\"}},{\"description\":\"found in threat feeds\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"89.252.159.35\",\"type\":\"ip\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=17021492\",\"id\":\"transient:sighting-b4215d9a-27f7-494e-86a8-9d1980a04336\",\"count\":1,\"severity\":\"Low\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T13:49:06.000Z\",\"end_time\":\"2032-01-19T13:49:06.000Z\"}}]}}}]},\"id\":\"investigate-f3baf0cd\",\"uuid\":\"2979134d-1efa-405d-9bd9-c1a9a24cb0a1\"}]", "short_description": "Snapshot @ 20210204 07:44:28", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-003bfb99-69a6-4108-87eb-76d4c6a58c1a", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2021-02-04T07:44:39.069Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d"} \ No newline at end of file +{"description": "Pulsedive IP", "schema_version": "1.0.23", "type": "investigation", "search-txt": "ip:\"89.252.159.35\"", "source": "Anastasiia Rozlyvan", "actions": 
"[{\"created-perf\":1739295000.0003111,\"updated-perf\":1739295000.0003111,\"type\":\"collect\",\"created\":\"2021-02-04T07:43:44.292Z\",\"state\":\"ok\",\"arg\":\"89.252.159.35\",\"result\":[{\"value\":\"89.252.159.35\",\"type\":\"ip\"}],\"id\":\"collect-c9795919\",\"uuid\":\"94c076a2-cfa8-4992-81ef-afc3b5c4d3bf\"},{\"created-perf\":5319815000.000745,\"updated-perf\":5319815000.000745,\"type\":\"deliberate\",\"created\":\"2021-02-04T07:43:47.872Z\",\"state\":\"ok\",\"arg\":[{\"type\":\"ip\",\"value\":\"89.252.159.35\"}],\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]}}}]},\"id\":\"deliberate-8f977ac7\",\"uuid\":\"d73f30a4-e80e-46fd-937b-73498c756211\"},{\"created-perf\":6021695000.000363,\"updated-perf\":6021695000.000363,\"type\":\"investigate\",\"created\":\"2021-02-04T07:43:48.574Z\",\"state\":\"ok\",\"arg\":{\"type\":\"ip\",\"value\":\"89.252.159.35\"},\"result\":{\"data\":[{\"module\":\"Pulsedive\",\"module_instance_id\":\"c53416a4-abf2-4e99-b9e9-826cc4f27c25\",\"module_type_id\":\"cb1f6d1c-f28b-4c50-82ba-11ab49fd39be\",\"data\":{\"indicators\":{\"count\":4,\"docs\":[{\"tags\":[\"malware\"],\"valid_time\":{\"start_time\":\"2032-04-19T12:23:05.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Threat: Suppobox\",\"title\":\"Threat: Suppobox\",\"source_uri\":\"https://pulsedive.com/threat/?tid=19\",\"id\":\"transient:indicator-35d5f829-4341-55ff-912e-4b290c7d043e\",\"severity\":\"Low\",\"tlp\":\"white\"},{\"tags\":[\"malware\"],\"valid_time\":{\"start_time\":\"2032-04-19T12:23:05.000Z\"},\"producer\":\"Bambenek Consulting\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Feed: C&C IPs\",\"title\":\"Feed: C&C 
IPs\",\"source_uri\":\"https://pulsedive.com/feed/?fid=4\",\"id\":\"transient:indicator-9b85934d-c739-5583-9b06-79ec5fed2c20\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-04-19T13:49:06.000Z\",\"end_time\":\"2032-07-19T19:49:06.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"returns PTR record\",\"title\":\"returns PTR record\",\"id\":\"transient:indicator-c8ce2607-78d1-5366-8354-3342bc6c7c27\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-04-19T13:49:06.000Z\",\"end_time\":\"2032-07-19T19:49:06.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"found in threat feeds\",\"title\":\"found in threat feeds\",\"id\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"tlp\":\"white\"}]},\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"89.252.159.35\",\"type\":\"ip\"},\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2032-04-19T13:49:06.000Z\",\"end_time\":\"2032-07-19T19:49:06.000Z\"}}]},\"relationships\":{\"count\":4,\"docs\":[{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-c8ce2607-78d1-5366-8354-3342bc6c7c27\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-67b5e181-de94-4679-a57a-3b9e425b9145\",\"id\":\"transient:relationship-ea5bbf0d-d0bd-4e67-92be-b867fae35ab4\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-9b85934d-c739-5583-9b06-79ec5fed2c20\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-88af4e38-5e25-4141-983e-42328b0b9615\",\"id\":\"transient:relationship-5320d05a-2be5-4027-8787-bee0b26f8d49\",\"relationship_type\":\"member-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-35d5f829-4341-55ff-912
e-4b290c7d043e\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-f7f26f66-6ead-4d36-addb-50a5ad91cc78\",\"id\":\"transient:relationship-e71d08d5-6200-4402-9503-3f707f9d80ea\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-b4215d9a-27f7-494e-86a8-9d1980a04336\",\"id\":\"transient:relationship-73cb63c2-2c64-4443-9dc2-30bd4efe6c88\",\"relationship_type\":\"sighting-of\"}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-04-19T13:49:06.000Z\",\"end_time\":\"2032-07-19T19:49:06.000Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"89.252.159.35\",\"type\":\"ip\"},\"type\":\"judgement\",\"source\":\"Pulsedive\",\"disposition\":3,\"source_uri\":\"https://pulsedive.com/indicator/?iid=17021492\",\"disposition_name\":\"Suspicious\",\"priority\":85,\"id\":\"transient:judgement-54b1166b-d491-4495-82ad-644f769a002c\",\"severity\":\"Low\",\"tlp\":\"white\",\"confidence\":\"Medium\"}]},\"sightings\":{\"count\":4,\"docs\":[{\"description\":\"returns PTR record\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"89.252.159.35\",\"type\":\"ip\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=17021492\",\"id\":\"transient:sighting-67b5e181-de94-4679-a57a-3b9e425b9145\",\"count\":1,\"severity\":\"Low\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T13:49:06.000Z\",\"end_time\":\"2032-04-19T13:49:06.000Z\"}},{\"description\":\"Feed: C&C 
IPs\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"89.252.159.35\",\"type\":\"ip\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/feed/?fid=4\",\"id\":\"transient:sighting-88af4e38-5e25-4141-983e-42328b0b9615\",\"count\":1,\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T12:23:05.000Z\",\"end_time\":\"2032-04-19T12:23:05.000Z\"}},{\"description\":\"Threat: Suppobox\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"89.252.159.35\",\"type\":\"ip\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/threat/?tid=19\",\"id\":\"transient:sighting-f7f26f66-6ead-4d36-addb-50a5ad91cc78\",\"count\":1,\"severity\":\"Low\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T12:23:05.000Z\",\"end_time\":\"2032-04-19T12:23:05.000Z\"}},{\"description\":\"found in threat feeds\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"89.252.159.35\",\"type\":\"ip\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=17021492\",\"id\":\"transient:sighting-b4215d9a-27f7-494e-86a8-9d1980a04336\",\"count\":1,\"severity\":\"Low\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T13:49:06.000Z\",\"end_time\":\"2032-04-19T13:49:06.000Z\"}}]}}}]},\"id\":\"investigate-f3baf0cd\",\"uuid\":\"2979134d-1efa-405d-9bd9-c1a9a24cb0a1\"}]", "short_description": "Snapshot @ 20210204 07:44:28", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-003bfb99-69a6-4108-87eb-76d4c6a58c1a", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2021-02-04T07:44:39.069Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d"} \ No newline at end of file diff --git a/Pulsedive/Snapshot_Pulsedive_IPv6.json b/Pulsedive/Snapshot_Pulsedive_IPv6.json index fe4eb7ae..4a839914 100644 --- a/Pulsedive/Snapshot_Pulsedive_IPv6.json 
+++ b/Pulsedive/Snapshot_Pulsedive_IPv6.json 
@@ -1 +1 @@ -{"description": "Pulsedive ipv6", "schema_version": "1.0.23", "type": "investigation", "search-txt": "ipv6:\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\"", "source": "Anastasiia Rozlyvan", "actions": "[{\"created-perf\":1991555000.000517,\"updated-perf\":1991555000.000517,\"type\":\"collect\",\"created\":\"2021-02-04T07:48:03.319Z\",\"state\":\"ok\",\"arg\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\\n\\n\",\"result\":[{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"}],\"id\":\"collect-b230c168\",\"uuid\":\"82a4adc4-da76-44f7-826a-f342acef0a70\"},{\"created-perf\":2470430000.0003057,\"updated-perf\":2470435000.00018,\"type\":\"deliberate\",\"created\":\"2021-02-04T07:48:03.798Z\",\"state\":\"ok\",\"arg\":[{\"type\":\"ipv6\",\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\"}],\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]}}}]},\"id\":\"deliberate-d2edd3d7\",\"uuid\":\"0ceafd39-7a38-40a2-8c11-a09fe7b7d518\"},{\"created-perf\":3237245000.0002575,\"updated-perf\":3237245000.0002575,\"type\":\"investigate\",\"created\":\"2021-02-04T07:48:04.565Z\",\"state\":\"ok\",\"arg\":{\"type\":\"ipv6\",\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\"},\"result\":{\"data\":[{\"module\":\"Pulsedive\",\"module_instance_id\":\"c53416a4-abf2-4e99-b9e9-826cc4f27c25\",\"module_type_id\":\"cb1f6d1c-f28b-4c50-82ba-11ab49fd39be\",\"data\":{\"indicators\":{\"count\":3,\"docs\":[{\"tags\":[\"proxy\"],\"valid_time\":{\"start_time\":\"2032-01-19T12:13:44.000Z\"},\"producer\":\"dan.me.uk\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Feed: Tor IPs\",\"title\":\"Feed: Tor 
IPs\",\"source_uri\":\"https://pulsedive.com/feed/?fid=3\",\"id\":\"transient:indicator-9261765e-fcb5-5b47-9eb2-dd58c72b83dc\",\"tlp\":\"white\"},{\"tags\":[\"proxy\"],\"valid_time\":{\"start_time\":\"2032-01-19T12:13:44.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Threat: Tor Proxy\",\"title\":\"Threat: Tor Proxy\",\"source_uri\":\"https://pulsedive.com/threat/?tid=3\",\"id\":\"transient:indicator-38c8f320-be00-5b46-9cd9-20b74d5d6765\",\"severity\":\"Medium\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-01-19T12:13:50.000Z\",\"end_time\":\"2032-04-19T18:13:50.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"found in threat feeds\",\"title\":\"found in threat feeds\",\"id\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"tlp\":\"white\"}]},\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"},\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2032-01-19T12:13:50.000Z\",\"end_time\":\"2032-04-19T18:13:50.000Z\"}}]},\"relationships\":{\"count\":3,\"docs\":[{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-38c8f320-be00-5b46-9cd9-20b74d5d6765\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-3d60d535-c9f1-4967-bc48-6fdc7e9450aa\",\"id\":\"transient:relationship-f33fea3e-4765-4f53-a932-a63db3256cc7\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-9261765e-fcb5-5b47-9eb2-dd58c72b83dc\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-e18dd798-89a3-4743-9841-310407392cf9\",\"id\":\"transient:relationship-ac424f4c-332d-4cf2-adcc-af6928b65455\",\"relationship_type\":\"member-of\"},{\"tlp\":\"white\",\"sch
ema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-b3eb5ec0-160d-4126-b922-a4b75a16b2f5\",\"id\":\"transient:relationship-2c8ba0e6-d1e5-44c7-80d3-9d25a8932c57\",\"relationship_type\":\"sighting-of\"}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-01-19T12:13:50.000Z\",\"end_time\":\"2032-04-19T18:13:50.000Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"},\"type\":\"judgement\",\"source\":\"Pulsedive\",\"disposition\":3,\"source_uri\":\"https://pulsedive.com/indicator/?iid=21053132\",\"disposition_name\":\"Suspicious\",\"priority\":85,\"id\":\"transient:judgement-00085683-208b-406a-a309-379e175b2207\",\"severity\":\"Medium\",\"tlp\":\"white\",\"confidence\":\"Medium\"}]},\"sightings\":{\"count\":3,\"docs\":[{\"description\":\"found in threat feeds\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21053132\",\"id\":\"transient:sighting-b3eb5ec0-160d-4126-b922-a4b75a16b2f5\",\"count\":1,\"severity\":\"Medium\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T12:13:50.000Z\",\"end_time\":\"2032-01-19T12:13:50.000Z\"}},{\"description\":\"Threat: Tor Proxy\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/threat/?tid=3\",\"id\":\"transient:sighting-3d60d535-c9f1-4967-bc48-6fdc7e9450aa\",\"count\":1,\"severity\":\"Medium\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T12:13:44.000Z\",\"end_time\":\"2032-01-19T12:13:44.000Z\"}},{\"description\":\"Feed: Tor 
IPs\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/feed/?fid=3\",\"id\":\"transient:sighting-e18dd798-89a3-4743-9841-310407392cf9\",\"count\":1,\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T12:13:44.000Z\",\"end_time\":\"2032-01-19T12:13:44.000Z\"}}]}}}]},\"id\":\"investigate-d788b639\",\"uuid\":\"49300405-7a68-4572-be52-fe8e1120eb7e\"}]", "short_description": "Snapshot @ 20210204 07:49:01", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-f7cd7b4c-1166-46af-b487-c88fa21906d8", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2021-02-04T07:49:13.541Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d"} \ No newline at end of file +{"description": "Pulsedive ipv6", "schema_version": "1.0.23", "type": "investigation", "search-txt": "ipv6:\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\"", "source": "Anastasiia Rozlyvan", "actions": "[{\"created-perf\":1991555000.000517,\"updated-perf\":1991555000.000517,\"type\":\"collect\",\"created\":\"2021-02-04T07:48:03.319Z\",\"state\":\"ok\",\"arg\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\\n\\n\",\"result\":[{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"}],\"id\":\"collect-b230c168\",\"uuid\":\"82a4adc4-da76-44f7-826a-f342acef0a70\"},{\"created-perf\":2470430000.0003057,\"updated-perf\":2470435000.00018,\"type\":\"deliberate\",\"created\":\"2021-02-04T07:48:03.798Z\",\"state\":\"ok\",\"arg\":[{\"type\":\"ipv6\",\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\"}],\"result\":{\"data\":[{\"module\":\"AMP File 
Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]}}}]},\"id\":\"deliberate-d2edd3d7\",\"uuid\":\"0ceafd39-7a38-40a2-8c11-a09fe7b7d518\"},{\"created-perf\":3237245000.0002575,\"updated-perf\":3237245000.0002575,\"type\":\"investigate\",\"created\":\"2021-02-04T07:48:04.565Z\",\"state\":\"ok\",\"arg\":{\"type\":\"ipv6\",\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\"},\"result\":{\"data\":[{\"module\":\"Pulsedive\",\"module_instance_id\":\"c53416a4-abf2-4e99-b9e9-826cc4f27c25\",\"module_type_id\":\"cb1f6d1c-f28b-4c50-82ba-11ab49fd39be\",\"data\":{\"indicators\":{\"count\":3,\"docs\":[{\"tags\":[\"proxy\"],\"valid_time\":{\"start_time\":\"2032-04-19T12:13:44.000Z\"},\"producer\":\"dan.me.uk\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Feed: Tor IPs\",\"title\":\"Feed: Tor IPs\",\"source_uri\":\"https://pulsedive.com/feed/?fid=3\",\"id\":\"transient:indicator-9261765e-fcb5-5b47-9eb2-dd58c72b83dc\",\"tlp\":\"white\"},{\"tags\":[\"proxy\"],\"valid_time\":{\"start_time\":\"2032-04-19T12:13:44.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"Threat: Tor Proxy\",\"title\":\"Threat: Tor Proxy\",\"source_uri\":\"https://pulsedive.com/threat/?tid=3\",\"id\":\"transient:indicator-38c8f320-be00-5b46-9cd9-20b74d5d6765\",\"severity\":\"Medium\",\"tlp\":\"white\"},{\"valid_time\":{\"start_time\":\"2032-04-19T12:13:50.000Z\",\"end_time\":\"2032-07-19T18:13:50.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"found in threat feeds\",\"title\":\"found in threat 
feeds\",\"id\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"tlp\":\"white\"}]},\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"},\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2032-04-19T12:13:50.000Z\",\"end_time\":\"2032-07-19T18:13:50.000Z\"}}]},\"relationships\":{\"count\":3,\"docs\":[{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-38c8f320-be00-5b46-9cd9-20b74d5d6765\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-3d60d535-c9f1-4967-bc48-6fdc7e9450aa\",\"id\":\"transient:relationship-f33fea3e-4765-4f53-a932-a63db3256cc7\",\"relationship_type\":\"sighting-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-9261765e-fcb5-5b47-9eb2-dd58c72b83dc\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-e18dd798-89a3-4743-9841-310407392cf9\",\"id\":\"transient:relationship-ac424f4c-332d-4cf2-adcc-af6928b65455\",\"relationship_type\":\"member-of\"},{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-de577757-b53c-5b49-8e8d-508420e9f63b\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-b3eb5ec0-160d-4126-b922-a4b75a16b2f5\",\"id\":\"transient:relationship-2c8ba0e6-d1e5-44c7-80d3-9d25a8932c57\",\"relationship_type\":\"sighting-of\"}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-04-19T12:13:50.000Z\",\"end_time\":\"2032-07-19T18:13:50.000Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"},\"type\":\"judgement\",\"source\":\"Pulsedive\",\"disposition\":3,\"source_uri\":\"https://pulsedive.com/indicator/?iid=21053132\",\"disposition_name\":\"Suspicious\",\"priority\":85,\"id\":\"transient:judgement-00085683-208b-406a-a309-379e175b2207\",\"severity\":\"Medium\",\"tlp\":\"w
hite\",\"confidence\":\"Medium\"}]},\"sightings\":{\"count\":3,\"docs\":[{\"description\":\"found in threat feeds\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21053132\",\"id\":\"transient:sighting-b3eb5ec0-160d-4126-b922-a4b75a16b2f5\",\"count\":1,\"severity\":\"Medium\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T12:13:50.000Z\",\"end_time\":\"2032-04-19T12:13:50.000Z\"}},{\"description\":\"Threat: Tor Proxy\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/threat/?tid=3\",\"id\":\"transient:sighting-3d60d535-c9f1-4967-bc48-6fdc7e9450aa\",\"count\":1,\"severity\":\"Medium\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T12:13:44.000Z\",\"end_time\":\"2032-04-19T12:13:44.000Z\"}},{\"description\":\"Feed: Tor IPs\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"2001:0470:d93f:0020:c47e:568d:c12f:aef5\",\"type\":\"ipv6\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/feed/?fid=3\",\"id\":\"transient:sighting-e18dd798-89a3-4743-9841-310407392cf9\",\"count\":1,\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T12:13:44.000Z\",\"end_time\":\"2032-04-19T12:13:44.000Z\"}}]}}}]},\"id\":\"investigate-d788b639\",\"uuid\":\"49300405-7a68-4572-be52-fe8e1120eb7e\"}]", "short_description": "Snapshot @ 20210204 07:49:01", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-f7cd7b4c-1166-46af-b487-c88fa21906d8", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2021-02-04T07:49:13.541Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d"} \ No newline at end of 
file diff --git a/Pulsedive/Snapshot_Pulsedive_URL.json b/Pulsedive/Snapshot_Pulsedive_URL.json index d3c653cd..64c636c2 100644 --- a/Pulsedive/Snapshot_Pulsedive_URL.json +++ b/Pulsedive/Snapshot_Pulsedive_URL.json 
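Review bot: The new `observed_time` values of the three sightings in Snapshot_Pulsedive_IPv6.json (`2032-04-19T12:13:44.000Z` and `2032-04-19T12:13:50.000Z`) lie about eleven years after the `created` stamps of the same actions (`2021-02-04`), so the snapshot records sightings observed in the future. The same three-month shift is applied to every `valid_time`, presumably to keep the verdict and judgement from expiring. A hard-coded date will lapse again, and a consumer that compares these times with the current date may treat the records as not yet valid. Strict JSON cannot carry a comment, so the reason for the shift and the date by which it must be repeated belong in the commit message or in a note kept beside the snapshots, for example `valid_time/observed_time are shifted forward on purpose; re-shift before 2032-04`. The Snapshot_Pulsedive_URL.json hunk that follows has the same pattern.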
@@ -1 +1 @@ -{"description": "Pulsedive URL", "schema_version": "1.0.23", "type": "investigation", "search-txt": "url:\"http://149.224.44.184/Bauschild.jpg\"", "source": "Anastasiia Rozlyvan", "actions": "[{\"created-perf\":6883944999.999585,\"updated-perf\":6883950000.000368,\"type\":\"collect\",\"created\":\"2021-02-04T07:52:48.728Z\",\"state\":\"ok\",\"arg\":\"url:'http://149.224.44.184/Bauschild.jpg'\",\"result\":[{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"}],\"id\":\"collect-c6100132\",\"uuid\":\"35382053-9159-44c3-b91b-b3dd01aae37c\"},{\"created-perf\":7350339999.99996,\"updated-perf\":7350339999.99996,\"type\":\"deliberate\",\"created\":\"2021-02-04T07:52:49.195Z\",\"state\":\"ok\",\"arg\":[{\"type\":\"url\",\"value\":\"http://149.224.44.184/Bauschild.jpg\"}],\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]}}},{\"module\":\"Talos Intelligence\",\"module_instance_id\":\"f14a7465-a77a-4e28-8b97-23706a56eab5\",\"module_type_id\":\"2460c99b-2f01-523b-a65d-30a3c6603245\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":5,\"observable\":{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"},\"disposition_name\":\"Unknown\",\"valid_time\":{\"start_time\":\"2032-01-22T07:52:49.095Z\",\"end_time\":\"2032-02-21T07:52:49.095Z\"}}]}}}]},\"id\":\"deliberate-d808f1a6\",\"uuid\":\"f6e16bf7-0441-4099-8fd6-2fda9cdc2014\"},{\"created-perf\":8052450000.000135,\"updated-perf\":8052455000.000009,\"type\":\"investigate\",\"created\":\"2021-02-04T07:52:49.898Z\",\"state\":\"ok\",\"arg\":{\"type\":\"url\",\"value\":\"http://149.224.44.184/Bauschild.jpg\"},\"result\":{\"data\":[{\"module\":\"Talos 
Intelligence\",\"module_instance_id\":\"f14a7465-a77a-4e28-8b97-23706a56eab5\",\"module_type_id\":\"2460c99b-2f01-523b-a65d-30a3c6603245\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":5,\"observable\":{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"},\"judgement_id\":\"transient:59a5f8d2-3b40-4fe2-a4d1-6473644f791e\",\"disposition_name\":\"Unknown\",\"valid_time\":{\"start_time\":\"2032-01-22T07:52:49.523Z\",\"end_time\":\"2032-02-21T07:52:49.523Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-01-22T07:52:49.523Z\",\"end_time\":\"2032-02-21T07:52:49.523Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Talos Intelligence\",\"disposition\":5,\"reason\":\"Neutral Talos Intelligence reputation score\",\"source_uri\":\"https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F149.224.44.184%2FBauschild.jpg\",\"disposition_name\":\"Unknown\",\"priority\":90,\"id\":\"transient:59a5f8d2-3b40-4fe2-a4d1-6473644f791e\",\"severity\":\"Low\",\"tlp\":\"white\",\"confidence\":\"High\"}]}}},{\"module\":\"Pulsedive\",\"module_instance_id\":\"c53416a4-abf2-4e99-b9e9-826cc4f27c25\",\"module_type_id\":\"cb1f6d1c-f28b-4c50-82ba-11ab49fd39be\",\"data\":{\"indicators\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-01-19T12:11:04.000Z\",\"end_time\":\"2032-04-19T18:11:04.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"direct-to-IP URL\",\"title\":\"direct-to-IP 
URL\",\"id\":\"transient:indicator-03bfce1b-b0d7-5db3-a8c9-d49a02762ed6\",\"tlp\":\"white\"}]},\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"},\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2032-01-19T12:11:04.000Z\",\"end_time\":\"2032-04-19T18:11:04.000Z\"}}]},\"relationships\":{\"count\":1,\"docs\":[{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-03bfce1b-b0d7-5db3-a8c9-d49a02762ed6\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-05c2fb83-fc00-4416-81a7-f3125877c285\",\"id\":\"transient:relationship-5b4ab255-01d9-44c0-99b3-ffad93966932\",\"relationship_type\":\"sighting-of\"}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-01-19T12:11:04.000Z\",\"end_time\":\"2032-04-19T18:11:04.000Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Pulsedive\",\"disposition\":2,\"source_uri\":\"https://pulsedive.com/indicator/?iid=21052898\",\"disposition_name\":\"Malicious\",\"priority\":85,\"id\":\"transient:judgement-74514a02-a85d-41a4-b62e-e1b9c3de5005\",\"severity\":\"High\",\"tlp\":\"white\",\"confidence\":\"Medium\"}]},\"sightings\":{\"count\":1,\"docs\":[{\"description\":\"direct-to-IP URL\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21052898\",\"id\":\"transient:sighting-05c2fb83-fc00-4416-81a7-f3125877c285\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-01-19T12:11:04.000Z\",\"end_time\":\"2032-01-19T12:11:04.000Z\"}}]}}}]},\"id\":\"investigate-6495829d\",\"uuid\":\"54c99628-123a-4c01-abf1-25f83a62637d\"}]", 
"short_description": "Snapshot @ 20210204 07:53:25", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-16ae34d1-5820-4b7b-88ef-1ba43387396b", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2021-02-04T07:53:33.580Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d"} \ No newline at end of file +{"description": "Pulsedive URL", "schema_version": "1.0.23", "type": "investigation", "search-txt": "url:\"http://149.224.44.184/Bauschild.jpg\"", "source": "Anastasiia Rozlyvan", "actions": "[{\"created-perf\":6883944999.999585,\"updated-perf\":6883950000.000368,\"type\":\"collect\",\"created\":\"2021-02-04T07:52:48.728Z\",\"state\":\"ok\",\"arg\":\"url:'http://149.224.44.184/Bauschild.jpg'\",\"result\":[{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"}],\"id\":\"collect-c6100132\",\"uuid\":\"35382053-9159-44c3-b91b-b3dd01aae37c\"},{\"created-perf\":7350339999.99996,\"updated-perf\":7350339999.99996,\"type\":\"deliberate\",\"created\":\"2021-02-04T07:52:49.195Z\",\"state\":\"ok\",\"arg\":[{\"type\":\"url\",\"value\":\"http://149.224.44.184/Bauschild.jpg\"}],\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]}}},{\"module\":\"Talos 
Intelligence\",\"module_instance_id\":\"f14a7465-a77a-4e28-8b97-23706a56eab5\",\"module_type_id\":\"2460c99b-2f01-523b-a65d-30a3c6603245\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":5,\"observable\":{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"},\"disposition_name\":\"Unknown\",\"valid_time\":{\"start_time\":\"2032-04-22T07:52:49.095Z\",\"end_time\":\"2032-05-22T07:52:49.095Z\"}}]}}}]},\"id\":\"deliberate-d808f1a6\",\"uuid\":\"f6e16bf7-0441-4099-8fd6-2fda9cdc2014\"},{\"created-perf\":8052450000.000135,\"updated-perf\":8052455000.000009,\"type\":\"investigate\",\"created\":\"2021-02-04T07:52:49.898Z\",\"state\":\"ok\",\"arg\":{\"type\":\"url\",\"value\":\"http://149.224.44.184/Bauschild.jpg\"},\"result\":{\"data\":[{\"module\":\"Talos Intelligence\",\"module_instance_id\":\"f14a7465-a77a-4e28-8b97-23706a56eab5\",\"module_type_id\":\"2460c99b-2f01-523b-a65d-30a3c6603245\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":5,\"observable\":{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"},\"judgement_id\":\"transient:59a5f8d2-3b40-4fe2-a4d1-6473644f791e\",\"disposition_name\":\"Unknown\",\"valid_time\":{\"start_time\":\"2032-04-22T07:52:49.523Z\",\"end_time\":\"2032-05-22T07:52:49.523Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-04-22T07:52:49.523Z\",\"end_time\":\"2032-05-22T07:52:49.523Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Talos Intelligence\",\"disposition\":5,\"reason\":\"Neutral Talos Intelligence reputation 
score\",\"source_uri\":\"https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F149.224.44.184%2FBauschild.jpg\",\"disposition_name\":\"Unknown\",\"priority\":90,\"id\":\"transient:59a5f8d2-3b40-4fe2-a4d1-6473644f791e\",\"severity\":\"Low\",\"tlp\":\"white\",\"confidence\":\"High\"}]}}},{\"module\":\"Pulsedive\",\"module_instance_id\":\"c53416a4-abf2-4e99-b9e9-826cc4f27c25\",\"module_type_id\":\"cb1f6d1c-f28b-4c50-82ba-11ab49fd39be\",\"data\":{\"indicators\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-04-19T12:11:04.000Z\",\"end_time\":\"2032-07-19T18:11:04.000Z\"},\"producer\":\"Pulsedive\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"Pulsedive\",\"short_description\":\"direct-to-IP URL\",\"title\":\"direct-to-IP URL\",\"id\":\"transient:indicator-03bfce1b-b0d7-5db3-a8c9-d49a02762ed6\",\"tlp\":\"white\"}]},\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"},\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2032-04-19T12:11:04.000Z\",\"end_time\":\"2032-07-19T18:11:04.000Z\"}}]},\"relationships\":{\"count\":1,\"docs\":[{\"tlp\":\"white\",\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-03bfce1b-b0d7-5db3-a8c9-d49a02762ed6\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-05c2fb83-fc00-4416-81a7-f3125877c285\",\"id\":\"transient:relationship-5b4ab255-01d9-44c0-99b3-ffad93966932\",\"relationship_type\":\"sighting-of\"}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2032-04-19T12:11:04.000Z\",\"end_time\":\"2032-07-19T18:11:04.000Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Pulsedive\",\"disposition\":2,\"source_uri\":\"https://pulsedive.com/indicator/?iid=21052898\",\"disposition_name\":\"Malicious\",\"priority\":85,
\"id\":\"transient:judgement-74514a02-a85d-41a4-b62e-e1b9c3de5005\",\"severity\":\"High\",\"tlp\":\"white\",\"confidence\":\"Medium\"}]},\"sightings\":{\"count\":1,\"docs\":[{\"description\":\"direct-to-IP URL\",\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"http://149.224.44.184/Bauschild.jpg\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Pulsedive\",\"source_uri\":\"https://pulsedive.com/indicator/?iid=21052898\",\"id\":\"transient:sighting-05c2fb83-fc00-4416-81a7-f3125877c285\",\"count\":1,\"severity\":\"High\",\"confidence\":\"Medium\",\"observed_time\":{\"start_time\":\"2032-04-19T12:11:04.000Z\",\"end_time\":\"2032-04-19T12:11:04.000Z\"}}]}}}]},\"id\":\"investigate-6495829d\",\"uuid\":\"54c99628-123a-4c01-abf1-25f83a62637d\"}]", "short_description": "Snapshot @ 20210204 07:53:25", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-16ae34d1-5820-4b7b-88ef-1ba43387396b", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2021-02-04T07:53:33.580Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d"} \ No newline at end of file
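Review bot: The rewritten line keeps `"tlp": "amber"` together with the `owner` and `groups` UUIDs, the person's name in `source` and the `id` URL on `private.intel.amp.cisco.com`, none of which the date shift needs. TLP:AMBER limits sharing to the recipient's organisation and those who need to know, so if this repository is readable outside that circle the fixture should carry scrubbed values, for example `"owner": "00000000-0000-0000-0000-000000000000"` (constructed placeholder) and a matching placeholder in `groups`. The `module_instance_id` values inside `actions` look tenant-specific as well and deserve the same check. The Snapshot_Pulsedive_IPv6.json hunk above carries the same fields.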