{ "cells": [ { "cell_type": "markdown", "metadata": {}, "source": [ "# VT Graphs in Jupyter Notebook\n", "\n", "In this notebook we will explore how to obtain attributes and relationship for different entities using VirusTotal API v3. Finally we can render all the relationships we have obtained using VTGraph." ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Import libraries" ] }, { "cell_type": "code", "execution_count": 1, "metadata": { "ExecuteTime": { "end_time": "2020-10-27T21:14:26.577974Z", "start_time": "2020-10-27T21:14:26.563976Z" } }, "outputs": [], "source": [ "import os\n", "\n", "import networkx as nx\n", "import pandas as pd\n", "\n", "from msticpy.context.vtlookupv3 import VTLookupV3\n", "\n", "pd.set_option(\"max_colwidth\", 200)\n", "\n", "try:\n", " import nest_asyncio\n", "except ImportError as err:\n", " print(\"nest_asyncio is required for running VTLookup3 in notebooks.\")\n", " resp = input(\"Install now? (y/n)\")\n", " if resp.strip().lower().startswith(\"y\"):\n", " %pip install nest_asyncio\n", " import nest_asyncio\n", " else:\n", " raise err\n", "nest_asyncio.apply()" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Create Lookup instance" ] }, { "cell_type": "code", "execution_count": 2, "metadata": { "ExecuteTime": { "end_time": "2020-10-27T21:31:33.176432Z", "start_time": "2020-10-27T21:31:33.159512Z" } }, "outputs": [], "source": [ "from msticpy.common.provider_settings import get_provider_settings\n", "\n", "# Try to obtain key from env varaible\n", "vt_key = os.environ.get(\"VT_API_KEY\")\n", "if not vt_key:\n", " # if not try provider settings to get from msticpyconfig.yaml\n", " vt_key = get_provider_settings(\"TIProviders\")[\"VirusTotal\"].args[\"AuthKey\"]" ] }, { "cell_type": "code", "execution_count": 3, "metadata": { "ExecuteTime": { "end_time": "2020-10-27T21:31:46.681003Z", "start_time": "2020-10-27T21:31:46.663001Z" } }, "outputs": [], "source": [ "# Instantiate vt_lookup object\n", "vt_lookup = VTLookupV3(vt_key)" ] }, { "cell_type": "code", "execution_count": 5, "metadata": { "ExecuteTime": { "end_time": "2020-10-27T21:31:50.501013Z", "start_time": "2020-10-27T21:31:50.487012Z" } }, "outputs": [], "source": [ "# The ID (SHA256 hash) of the file to lookup\n", "FILE = \"ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa\"" ] }, { "cell_type": "code", "execution_count": 6, "metadata": { "ExecuteTime": { "end_time": "2020-10-27T21:31:51.751438Z", "start_time": "2020-10-27T21:31:51.212530Z" } }, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
last_submission_datesizetimes_submittedmeaningful_nametype_descriptionfirst_submission_datedetectionsscansfirst_submissionlast_submissiontype
id
ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa160558279735143681325diskpart.exeWin32 EXE149457427067762017-05-12 07:31:10+00:002020-11-17 03:13:17+00:00file
\n", "
" ], "text/plain": [ " last_submission_date \\\n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 1605582797 \n", "\n", " size \\\n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 3514368 \n", "\n", " times_submitted \\\n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 1325 \n", "\n", " meaningful_name \\\n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa diskpart.exe \n", "\n", " type_description \\\n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa Win32 EXE \n", "\n", " first_submission_date \\\n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 1494574270 \n", "\n", " detections \\\n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 67 \n", "\n", " scans \\\n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 76 \n", "\n", " first_submission \\\n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 2017-05-12 07:31:10+00:00 \n", "\n", " last_submission \\\n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 2020-11-17 03:13:17+00:00 \n", "\n", " type \n", "id \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa file " ] }, "execution_count": 6, "metadata": {}, "output_type": "execute_result" } ], "source": [ "example_attribute_df = vt_lookup.lookup_ioc(observable=FILE, vt_type=\"file\")\n", "example_attribute_df" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### Example showing all details for this ID\n", "We can use get_object to retrieve all details\n", "or just look it up directly at https://www.virustotal.com/gui/home/search" ] }, { "cell_type": "code", "execution_count": 34, "metadata": {}, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
attributes
authentihash4b2c4c7f06f5ffaeea6efc537f0aa66b0a30c7ccd7979c86c7f4f996002b99fd
autostart_locations[{'entry': ' ', 'location': ' '}, {'entry': 'HKLM\\SYSTEM\\CurrentControlSet\\Control\\NetworkProvider\\Order\\ProviderOrder', 'location': 'HKLM\\SYSTEM\\CurrentControlSet\\Control\\NetworkProvider\\Order'},...
capabilities_tags[win_registry, str_win32_winsock2_library, win_files_operation]
creation_date1290243905
crowdsourced_yara_results[{'author': 'ReversingLabs', 'description': 'Yara rule that detects WannaCry ransomware.', 'rule_name': 'Win32_Ransomware_WannaCry', 'ruleset_id': '005e5fc7e3', 'ruleset_name': 'Win32.Ransomware.W...
downloadableTrue
exiftool{'CharacterSet': 'Unicode', 'CodeSize': '28672', 'CompanyName': 'Microsoft Corporation', 'EntryPoint': '0x77ba', 'FileDescription': 'DiskPart', 'FileFlagsMask': '0x003f', 'FileOS': 'Windows NT 32-...
first_seen_itw_date1578568742
first_submission_date1494574270
last_analysis_date1605638619
last_analysis_results{'ALYac': {'category': 'malicious', 'engine_name': 'ALYac', 'engine_update': '20201117', 'engine_version': '1.1.1.5', 'method': 'blacklist', 'result': 'Trojan.Ransom.WannaCryptor'}, 'APEX': {'cate...
last_analysis_stats{'confirmed-timeout': 0, 'failure': 0, 'harmless': 0, 'malicious': 67, 'suspicious': 0, 'timeout': 1, 'type-unsupported': 4, 'undetected': 4}
last_modification_date1605645885
last_submission_date1605582797
magicPE32 executable for MS Windows (GUI) Intel 80386 32-bit
md584c82835a5d21bbcf75a61706d8ab549
meaningful_namediskpart.exe
names[diskpart.exe, C:\\Users\\Work PC\\Downloads\\Test\\Ransomware\\Ransomware.WannaCry\\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe, ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6...
packers{'PEiD': 'Microsoft Visual C++'}
pe_info{'compiler_product_versions': ['id: 12, version: 7291 count=2', 'id: 11, version: 8047 count=1', 'id: 14, version: 7299 count=4', 'id: 10, version: 8047 count=11', 'id: 4, version: 8047 count=4', ...
reputation-2633
sha15ff465afaabcbf0150d1a3ab2c2e74f3a4426467
sha256ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa
sigma_analysis_stats{'critical': 2, 'high': 0, 'low': 1, 'medium': 2}
sigma_analysis_summary{'Sigma Integrated Rule Set (GitHub)': {'critical': 2, 'high': 0, 'low': 1, 'medium': 2}}
signature_info{'copyright': '© Microsoft Corporation. All rights reserved.', 'description': 'DiskPart', 'file version': '6.1.7601.17514 (win7sp1_rtm.101119-1850)', 'internal name': 'diskpart.exe', 'original nam...
size3514368
ssdeep98304:QqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2g3x:QqPe1Cxcxk3ZAEUadzR8yc4gB
tags[peexe, self-delete, overlay, runtime-modules, direct-cpu-clock-access, via-tor, executes-dropped-file]
times_submitted1325
tlshT173F533F4E221B7ACF2550EF64855C59B6A9724B2EBEF1E26DA8001A70D44F7F8FC0491
total_votes{'harmless': 28, 'malicious': 292}
trid[{'file_type': 'Win32 Executable MS Visual C++ (generic)', 'probability': 38.5}, {'file_type': 'Microsoft Visual C++ compiled executable (generic)', 'probability': 20.4}, {'file_type': 'Win16 NE e...
type_descriptionWin32 EXE
type_extensionexe
type_tagpeexe
unique_sources980
vhash036046656d1570a8z3631lz1fz
zemana_behaviour[dll-injection]
\n", "
" ], "text/plain": [ " attributes\n", "authentihash 4b2c4c7f06f5ffaeea6efc537f0aa66b0a30c7ccd7979c86c7f4f996002b99fd\n", "autostart_locations [{'entry': ' ', 'location': ' '}, {'entry': 'HKLM\\SYSTEM\\CurrentControlSet\\Control\\NetworkProvider\\Order\\ProviderOrder', 'location': 'HKLM\\SYSTEM\\CurrentControlSet\\Control\\NetworkProvider\\Order'},...\n", "capabilities_tags [win_registry, str_win32_winsock2_library, win_files_operation]\n", "creation_date 1290243905\n", "crowdsourced_yara_results [{'author': 'ReversingLabs', 'description': 'Yara rule that detects WannaCry ransomware.', 'rule_name': 'Win32_Ransomware_WannaCry', 'ruleset_id': '005e5fc7e3', 'ruleset_name': 'Win32.Ransomware.W...\n", "downloadable True\n", "exiftool {'CharacterSet': 'Unicode', 'CodeSize': '28672', 'CompanyName': 'Microsoft Corporation', 'EntryPoint': '0x77ba', 'FileDescription': 'DiskPart', 'FileFlagsMask': '0x003f', 'FileOS': 'Windows NT 32-...\n", "first_seen_itw_date 1578568742\n", "first_submission_date 1494574270\n", "last_analysis_date 1605638619\n", "last_analysis_results {'ALYac': {'category': 'malicious', 'engine_name': 'ALYac', 'engine_update': '20201117', 'engine_version': '1.1.1.5', 'method': 'blacklist', 'result': 'Trojan.Ransom.WannaCryptor'}, 'APEX': {'cate...\n", "last_analysis_stats {'confirmed-timeout': 0, 'failure': 0, 'harmless': 0, 'malicious': 67, 'suspicious': 0, 'timeout': 1, 'type-unsupported': 4, 'undetected': 4}\n", "last_modification_date 1605645885\n", "last_submission_date 1605582797\n", "magic PE32 executable for MS Windows (GUI) Intel 80386 32-bit\n", "md5 84c82835a5d21bbcf75a61706d8ab549\n", "meaningful_name diskpart.exe\n", "names [diskpart.exe, C:\\Users\\Work PC\\Downloads\\Test\\Ransomware\\Ransomware.WannaCry\\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe, ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6...\n", "packers {'PEiD': 'Microsoft Visual C++'}\n", "pe_info {'compiler_product_versions': ['id: 12, version: 7291 count=2', 'id: 11, version: 8047 count=1', 'id: 14, version: 7299 count=4', 'id: 10, version: 8047 count=11', 'id: 4, version: 8047 count=4', ...\n", "reputation -2633\n", "sha1 5ff465afaabcbf0150d1a3ab2c2e74f3a4426467\n", "sha256 ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa\n", "sigma_analysis_stats {'critical': 2, 'high': 0, 'low': 1, 'medium': 2}\n", "sigma_analysis_summary {'Sigma Integrated Rule Set (GitHub)': {'critical': 2, 'high': 0, 'low': 1, 'medium': 2}}\n", "signature_info {'copyright': '© Microsoft Corporation. All rights reserved.', 'description': 'DiskPart', 'file version': '6.1.7601.17514 (win7sp1_rtm.101119-1850)', 'internal name': 'diskpart.exe', 'original nam...\n", "size 3514368\n", "ssdeep 98304:QqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2g3x:QqPe1Cxcxk3ZAEUadzR8yc4gB\n", "tags [peexe, self-delete, overlay, runtime-modules, direct-cpu-clock-access, via-tor, executes-dropped-file]\n", "times_submitted 1325\n", "tlsh T173F533F4E221B7ACF2550EF64855C59B6A9724B2EBEF1E26DA8001A70D44F7F8FC0491\n", "total_votes {'harmless': 28, 'malicious': 292}\n", "trid [{'file_type': 'Win32 Executable MS Visual C++ (generic)', 'probability': 38.5}, {'file_type': 'Microsoft Visual C++ compiled executable (generic)', 'probability': 20.4}, {'file_type': 'Win16 NE e...\n", "type_description Win32 EXE\n", "type_extension exe\n", "type_tag peexe\n", "unique_sources 980\n", "vhash 036046656d1570a8z3631lz1fz\n", "zemana_behaviour [dll-injection]" ] }, "execution_count": 34, "metadata": {}, "output_type": "execute_result" } ], "source": [ "vt_lookup.get_object(FILE, \"file\")" ] }, { "cell_type": "code", "execution_count": 8, "metadata": { "ExecuteTime": { "end_time": "2020-10-27T21:31:54.161990Z", "start_time": "2020-10-27T21:31:52.118438Z" } }, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
target_typesource_typerelationship_type
sourcetarget
ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327ffilefileexecution_parents
02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbdfilefileexecution_parents
06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaffilefileexecution_parents
06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00fffilefileexecution_parents
070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33dfilefileexecution_parents
............
f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68adfilefileexecution_parents
f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3cfilefileexecution_parents
fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2bfilefileexecution_parents
ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79badafilefileexecution_parents
0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03filefileexecution_parents
\n", "

106 rows × 3 columns

\n", "
" ], "text/plain": [ " target_type \\\n", "source target \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f file \n", " 02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd file \n", " 06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf file \n", " 06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff file \n", " 070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d file \n", "... ... \n", " f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad file \n", " f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c file \n", " fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b file \n", " ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada file \n", " 0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 file \n", "\n", " source_type \\\n", "source target \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f file \n", " 02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd file \n", " 06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf file \n", " 06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff file \n", " 070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d file \n", "... ... \n", " f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad file \n", " f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c file \n", " fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b file \n", " ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada file \n", " 0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 file \n", "\n", " relationship_type \n", "source target \n", "ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa 018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f execution_parents \n", " 02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd execution_parents \n", " 06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf execution_parents \n", " 06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff execution_parents \n", " 070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d execution_parents \n", "... ... \n", " f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad execution_parents \n", " f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c execution_parents \n", " fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b execution_parents \n", " ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada execution_parents \n", " 0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 execution_parents \n", "\n", "[106 rows x 3 columns]" ] }, "execution_count": 8, "metadata": {}, "output_type": "execute_result" } ], "source": [ "example_relationship_df = vt_lookup.lookup_ioc_relationships(\n", " observable=FILE, vt_type=\"file\", relationship=\"execution_parents\"\n", ")\n", "example_relationship_df" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### Obtaining result for multiple entities\n", "\n", "The function `lookup_iocs` is able to obtain attributes for all the rows in a DataFrame. If no `observable_column` and `observable_type` parameters are specified, the function will obtain the attributes of all the entities that are in the column `target`, and will obtain their types from the `target_type` column.\n", "\n", "This function is especially useful when a user has obtained a set of relationships, and would like to obtain their attributes.\n", "\n", "> **Note:** it can take some time to fetch results, depending on the number of nodes and relationships." ] }, { "cell_type": "code", "execution_count": 9, "metadata": { "ExecuteTime": { "end_time": "2020-10-27T21:32:33.223063Z", "start_time": "2020-10-27T21:31:56.013858Z" } }, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
last_submission_datesizetimes_submittedmeaningful_nametype_descriptionfirst_submission_datedetectionsscansfirst_submissionlast_submissiontype
id
018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f1526215996372326468479206ff1a47362199ddabebb7358d2.virusWin32 EXE149513941167742017-05-18 20:30:11+00:002018-05-13 12:53:16+00:00file
02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd157138707991648004=?UTF-8?B?572R5piT5bel5YW3566x56uv5ZCv5YqoLmV4ZQ==?=Win32 EXE157002011152752019-10-02 12:41:51+00:002019-10-18 08:24:39+00:00file
06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf158834216139912211Tender.pdf.exeWin32 EXE158834216155752020-05-01 14:09:21+00:002020-05-01 14:09:21+00:00file
06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff159547907345357041car.exeWin32 EXE159547907351762020-07-23 04:37:53+00:002020-07-23 04:37:53+00:00file
070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d160136329837232649lhdfrgui.exeWin32 EXE150468727068742017-09-06 08:41:10+00:002020-09-29 07:08:18+00:00file
....................................
f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad156399486537233921lhdfrgui.exeWin32 EXE156399486564722019-07-24 19:01:05+00:002019-07-24 19:01:05+00:00file
f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c151862440936766105acdsee.ultimate.10.x.unipatch_WannaCry.exeWin32 EXE149811582354692017-06-22 07:17:03+00:002018-02-14 16:06:49+00:00file
fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b157307394038115801Presentation.exeWin32 EXE157307394028722019-11-06 20:59:00+00:002019-11-06 20:59:00+00:00file
ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada157663448035971011ShieldPassword.exeWin32 EXE157663448022702019-12-18 02:01:20+00:002019-12-18 02:01:20+00:00file
0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03158331874237232641lhdfrgui.exeWin32 EXE158331874266752020-03-04 10:45:42+00:002020-03-04 10:45:42+00:00file
\n", "

106 rows × 11 columns

\n", "
" ], "text/plain": [ " last_submission_date \\\n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f 1526215996 \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd 1571387079 \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf 1588342161 \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff 1595479073 \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d 1601363298 \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad 1563994865 \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c 1518624409 \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b 1573073940 \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada 1576634480 \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 1583318742 \n", "\n", " size \\\n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f 3723264 \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd 9164800 \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf 3991221 \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff 4535704 \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d 3723264 \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad 3723392 \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c 3676610 \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b 3811580 \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada 3597101 \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 3723264 \n", "\n", " times_submitted \\\n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f 6 \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd 4 \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf 1 \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff 1 \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d 9 \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad 1 \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c 5 \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b 1 \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada 1 \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 1 \n", "\n", " meaningful_name \\\n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f 8479206ff1a47362199ddabebb7358d2.virus \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd =?UTF-8?B?572R5piT5bel5YW3566x56uv5ZCv5YqoLmV4ZQ==?= \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf Tender.pdf.exe \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff car.exe \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d lhdfrgui.exe \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad lhdfrgui.exe \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c acdsee.ultimate.10.x.unipatch_WannaCry.exe \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b Presentation.exe \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada ShieldPassword.exe \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 lhdfrgui.exe \n", "\n", " type_description \\\n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f Win32 EXE \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd Win32 EXE \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf Win32 EXE \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff Win32 EXE \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d Win32 EXE \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad Win32 EXE \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c Win32 EXE \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b Win32 EXE \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada Win32 EXE \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 Win32 EXE \n", "\n", " first_submission_date \\\n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f 1495139411 \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd 1570020111 \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf 1588342161 \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff 1595479073 \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d 1504687270 \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad 1563994865 \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c 1498115823 \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b 1573073940 \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada 1576634480 \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 1583318742 \n", "\n", " detections \\\n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f 67 \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd 52 \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf 55 \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff 51 \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d 68 \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad 64 \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c 54 \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b 28 \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada 22 \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 66 \n", "\n", " scans \\\n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f 74 \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd 75 \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf 75 \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff 76 \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d 74 \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad 72 \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c 69 \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b 72 \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada 70 \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 75 \n", "\n", " first_submission \\\n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f 2017-05-18 20:30:11+00:00 \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd 2019-10-02 12:41:51+00:00 \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf 2020-05-01 14:09:21+00:00 \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff 2020-07-23 04:37:53+00:00 \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d 2017-09-06 08:41:10+00:00 \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad 2019-07-24 19:01:05+00:00 \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c 2017-06-22 07:17:03+00:00 \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b 2019-11-06 20:59:00+00:00 \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada 2019-12-18 02:01:20+00:00 \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 2020-03-04 10:45:42+00:00 \n", "\n", " last_submission \\\n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f 2018-05-13 12:53:16+00:00 \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd 2019-10-18 08:24:39+00:00 \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf 2020-05-01 14:09:21+00:00 \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff 2020-07-23 04:37:53+00:00 \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d 2020-09-29 07:08:18+00:00 \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad 2019-07-24 19:01:05+00:00 \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c 2018-02-14 16:06:49+00:00 \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b 2019-11-06 20:59:00+00:00 \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada 2019-12-18 02:01:20+00:00 \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 2020-03-04 10:45:42+00:00 \n", "\n", " type \n", "id \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f file \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd file \n", "06b020a3fd3296bc4c7bf53307fe7b40638e7f445bdd43fac1d04547a429fdaf file \n", "06c676bf8f5c6af99172c1cf63a84348628ae3f39df9e523c42447e2045e00ff file \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d file \n", "... ... \n", "f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad file \n", "f2916486e380d0c0bbd31694b05509b91f0f622478595eba89b30031f9f64c3c file \n", "fbf74ee5d011dfb0d6c3357446ea3999ef62b088c553d665847aece28a1d3e2b file \n", "ff6af3f113f61f823e422b7eb9e379495b81bdbb66a4e4e159b4caee8a79bada file \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 file \n", "\n", "[106 rows x 11 columns]" ] }, "execution_count": 9, "metadata": {}, "output_type": "execute_result" } ], "source": [ "example_multiple_attribute_df = vt_lookup.lookup_iocs(example_relationship_df)\n", "example_multiple_attribute_df" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "Also, if we would like to obtain the relationships for a set of entities, we have the function `lookup_iocs_relationships`. Here also, if no `observable_column` and `observable_type` parameters are specified, the function will obtain the relationships of all the entities that are in the column `target`, and will obtain their types from the `target_type` column.\n", "\n", "> **Note:** it can take some time to fetch results" ] }, { "cell_type": "code", "execution_count": 11, "metadata": { "ExecuteTime": { "end_time": "2020-10-27T21:34:27.584273Z", "start_time": "2020-10-27T21:32:51.976469Z" } }, "outputs": [ { "data": { "text/html": [ "
\n", "\n", "\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
target_typesource_typerelationship_type
sourcetarget
018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327fwww.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comdomainfilecontacted_domains
02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbdfkksjobnn43.orgdomainfilecontacted_domains
070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33dwww.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comdomainfilecontacted_domains
76jdd2ir2embyv47.oniondomainfilecontacted_domains
xxlvbrloxvriy2c5.oniondomainfilecontacted_domains
...............
0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac0376jdd2ir2embyv47.oniondomainfilecontacted_domains
xxlvbrloxvriy2c5.oniondomainfilecontacted_domains
gx7ekbenv2riucmf.oniondomainfilecontacted_domains
57g7spgrzlojinas.oniondomainfilecontacted_domains
cwwnhwhlz52maqm7.oniondomainfilecontacted_domains
\n", "

202 rows × 3 columns

\n", "
" ], "text/plain": [ " target_type \\\n", "source target \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com domain \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd fkksjobnn43.org domain \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com domain \n", " 76jdd2ir2embyv47.onion domain \n", " xxlvbrloxvriy2c5.onion domain \n", "... ... \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 76jdd2ir2embyv47.onion domain \n", " xxlvbrloxvriy2c5.onion domain \n", " gx7ekbenv2riucmf.onion domain \n", " 57g7spgrzlojinas.onion domain \n", " cwwnhwhlz52maqm7.onion domain \n", "\n", " source_type \\\n", "source target \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com file \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd fkksjobnn43.org file \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com file \n", " 76jdd2ir2embyv47.onion file \n", " xxlvbrloxvriy2c5.onion file \n", "... ... \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 76jdd2ir2embyv47.onion file \n", " xxlvbrloxvriy2c5.onion file \n", " gx7ekbenv2riucmf.onion file \n", " 57g7spgrzlojinas.onion file \n", " cwwnhwhlz52maqm7.onion file \n", "\n", " relationship_type \n", "source target \n", "018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com contacted_domains \n", "02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd fkksjobnn43.org contacted_domains \n", "070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com contacted_domains \n", " 76jdd2ir2embyv47.onion contacted_domains \n", " xxlvbrloxvriy2c5.onion contacted_domains \n", "... ... \n", "0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03 76jdd2ir2embyv47.onion contacted_domains \n", " xxlvbrloxvriy2c5.onion contacted_domains \n", " gx7ekbenv2riucmf.onion contacted_domains \n", " 57g7spgrzlojinas.onion contacted_domains \n", " cwwnhwhlz52maqm7.onion contacted_domains \n", "\n", "[202 rows x 3 columns]" ] }, "execution_count": 11, "metadata": {}, "output_type": "execute_result" } ], "source": [ "example_multiple_relationship_df = vt_lookup.lookup_iocs_relationships(\n", " example_relationship_df, \"contacted_domains\"\n", ")\n", "example_multiple_relationship_df" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Simple plot of the relationships\n", "We can display a simple plot of the relataionships locally but it doesn't tell us much about what\n", "the nodes are and they types of relationships between them." ] }, { "cell_type": "code", "execution_count": 104, "metadata": {}, "outputs": [ { "data": { "text/html": [ "\n", "
\n", " \n", " Loading BokehJS ...\n", "
" ] }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": "\n(function(root) {\n function now() {\n return new Date();\n }\n\n var force = true;\n\n if (typeof root._bokeh_onload_callbacks === \"undefined\" || force === true) {\n root._bokeh_onload_callbacks = [];\n root._bokeh_is_loading = undefined;\n }\n\n var JS_MIME_TYPE = 'application/javascript';\n var HTML_MIME_TYPE = 'text/html';\n var EXEC_MIME_TYPE = 'application/vnd.bokehjs_exec.v0+json';\n var CLASS_NAME = 'output_bokeh rendered_html';\n\n /**\n * Render data to the DOM node\n */\n function render(props, node) {\n var script = document.createElement(\"script\");\n node.appendChild(script);\n }\n\n /**\n * Handle when an output is cleared or removed\n */\n function handleClearOutput(event, handle) {\n var cell = handle.cell;\n\n var id = cell.output_area._bokeh_element_id;\n var server_id = cell.output_area._bokeh_server_id;\n // Clean up Bokeh references\n if (id != null && id in Bokeh.index) {\n Bokeh.index[id].model.document.clear();\n delete Bokeh.index[id];\n }\n\n if (server_id !== undefined) {\n // Clean up Bokeh references\n var cmd = \"from bokeh.io.state import curstate; print(curstate().uuid_to_server['\" + server_id + \"'].get_sessions()[0].document.roots[0]._id)\";\n cell.notebook.kernel.execute(cmd, {\n iopub: {\n output: function(msg) {\n var id = msg.content.text.trim();\n if (id in Bokeh.index) {\n Bokeh.index[id].model.document.clear();\n delete Bokeh.index[id];\n }\n }\n }\n });\n // Destroy server and session\n var cmd = \"import bokeh.io.notebook as ion; ion.destroy_server('\" + server_id + \"')\";\n cell.notebook.kernel.execute(cmd);\n }\n }\n\n /**\n * Handle when a new output is added\n */\n function handleAddOutput(event, handle) {\n var output_area = handle.output_area;\n var output = handle.output;\n\n // limit handleAddOutput to display_data with EXEC_MIME_TYPE content only\n if ((output.output_type != \"display_data\") || (!output.data.hasOwnProperty(EXEC_MIME_TYPE))) {\n return\n }\n\n var toinsert = output_area.element.find(\".\" + CLASS_NAME.split(' ')[0]);\n\n if (output.metadata[EXEC_MIME_TYPE][\"id\"] !== undefined) {\n toinsert[toinsert.length - 1].firstChild.textContent = output.data[JS_MIME_TYPE];\n // store reference to embed id on output_area\n output_area._bokeh_element_id = output.metadata[EXEC_MIME_TYPE][\"id\"];\n }\n if (output.metadata[EXEC_MIME_TYPE][\"server_id\"] !== undefined) {\n var bk_div = document.createElement(\"div\");\n bk_div.innerHTML = output.data[HTML_MIME_TYPE];\n var script_attrs = bk_div.children[0].attributes;\n for (var i = 0; i < script_attrs.length; i++) {\n toinsert[toinsert.length - 1].firstChild.setAttribute(script_attrs[i].name, script_attrs[i].value);\n toinsert[toinsert.length - 1].firstChild.textContent = bk_div.children[0].textContent\n }\n // store reference to server id on output_area\n output_area._bokeh_server_id = output.metadata[EXEC_MIME_TYPE][\"server_id\"];\n }\n }\n\n function register_renderer(events, OutputArea) {\n\n function append_mime(data, metadata, element) {\n // create a DOM node to render to\n var toinsert = this.create_output_subarea(\n metadata,\n CLASS_NAME,\n EXEC_MIME_TYPE\n );\n this.keyboard_manager.register_events(toinsert);\n // Render to node\n var props = {data: data, metadata: metadata[EXEC_MIME_TYPE]};\n render(props, toinsert[toinsert.length - 1]);\n element.append(toinsert);\n return toinsert\n }\n\n /* Handle when an output is cleared or removed */\n events.on('clear_output.CodeCell', handleClearOutput);\n events.on('delete.Cell', handleClearOutput);\n\n /* Handle when a new output is added */\n events.on('output_added.OutputArea', handleAddOutput);\n\n /**\n * Register the mime type and append_mime function with output_area\n */\n OutputArea.prototype.register_mime_type(EXEC_MIME_TYPE, append_mime, {\n /* Is output safe? */\n safe: true,\n /* Index of renderer in `output_area.display_order` */\n index: 0\n });\n }\n\n // register the mime type if in Jupyter Notebook environment and previously unregistered\n if (root.Jupyter !== undefined) {\n var events = require('base/js/events');\n var OutputArea = require('notebook/js/outputarea').OutputArea;\n\n if (OutputArea.prototype.mime_types().indexOf(EXEC_MIME_TYPE) == -1) {\n register_renderer(events, OutputArea);\n }\n }\n\n \n if (typeof (root._bokeh_timeout) === \"undefined\" || force === true) {\n root._bokeh_timeout = Date.now() + 5000;\n root._bokeh_failed_load = false;\n }\n\n var NB_LOAD_WARNING = {'data': {'text/html':\n \"
\\n\"+\n \"

\\n\"+\n \"BokehJS does not appear to have successfully loaded. If loading BokehJS from CDN, this \\n\"+\n \"may be due to a slow or bad network connection. Possible fixes:\\n\"+\n \"

\\n\"+\n \"\\n\"+\n \"\\n\"+\n \"from bokeh.resources import INLINE\\n\"+\n \"output_notebook(resources=INLINE)\\n\"+\n \"\\n\"+\n \"
\"}};\n\n function display_loaded() {\n var el = document.getElementById(\"2569\");\n if (el != null) {\n el.textContent = \"BokehJS is loading...\";\n }\n if (root.Bokeh !== undefined) {\n if (el != null) {\n el.textContent = \"BokehJS \" + root.Bokeh.version + \" successfully loaded.\";\n }\n } else if (Date.now() < root._bokeh_timeout) {\n setTimeout(display_loaded, 100)\n }\n }\n\n\n function run_callbacks() {\n try {\n root._bokeh_onload_callbacks.forEach(function(callback) {\n if (callback != null)\n callback();\n });\n } finally {\n delete root._bokeh_onload_callbacks\n }\n console.debug(\"Bokeh: all callbacks have finished\");\n }\n\n function load_libs(css_urls, js_urls, callback) {\n if (css_urls == null) css_urls = [];\n if (js_urls == null) js_urls = [];\n\n root._bokeh_onload_callbacks.push(callback);\n if (root._bokeh_is_loading > 0) {\n console.debug(\"Bokeh: BokehJS is being loaded, scheduling callback at\", now());\n return null;\n }\n if (js_urls == null || js_urls.length === 0) {\n run_callbacks();\n return null;\n }\n console.debug(\"Bokeh: BokehJS not loaded, scheduling load and callback at\", now());\n root._bokeh_is_loading = css_urls.length + js_urls.length;\n\n function on_load() {\n root._bokeh_is_loading--;\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: all BokehJS libraries/stylesheets loaded\");\n run_callbacks()\n }\n }\n\n function on_error() {\n console.error(\"failed to load \" + url);\n }\n\n for (var i = 0; i < css_urls.length; i++) {\n var url = css_urls[i];\n const element = document.createElement(\"link\");\n element.onload = on_load;\n element.onerror = on_error;\n element.rel = \"stylesheet\";\n element.type = \"text/css\";\n element.href = url;\n console.debug(\"Bokeh: injecting link tag for BokehJS stylesheet: \", url);\n document.body.appendChild(element);\n }\n\n const hashes = {\"https://cdn.bokeh.org/bokeh/release/bokeh-2.2.2.min.js\": \"JayppSWSRBsibIZqI8S4vAb1oFgLL0uhNvSn8cmArlOvYOwfFjYeyY5UWwJ+K0SU\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.2.2.min.js\": \"G0/Tv/Yy/zEPNsnW0Qif/FOsGesd+KIrKg/QLmvQmReuUW9qmSP7mAmr0VpiUNr3\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.2.2.min.js\": \"VLYHEbLQDk5G1+/4ALU0myoJPMEUsngWry2fzYorFOUmarjGRPLLURaeK/on6JqX\"};\n\n for (var i = 0; i < js_urls.length; i++) {\n var url = js_urls[i];\n var element = document.createElement('script');\n element.onload = on_load;\n element.onerror = on_error;\n element.async = false;\n element.src = url;\n if (url in hashes) {\n element.crossOrigin = \"anonymous\";\n element.integrity = \"sha384-\" + hashes[url];\n }\n console.debug(\"Bokeh: injecting script tag for BokehJS library: \", url);\n document.head.appendChild(element);\n }\n };\n\n function inject_raw_css(css) {\n const element = document.createElement(\"style\");\n element.appendChild(document.createTextNode(css));\n document.body.appendChild(element);\n }\n\n \n var js_urls = [\"https://cdn.bokeh.org/bokeh/release/bokeh-2.2.2.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.2.2.min.js\", \"https://cdn.bokeh.org/bokeh/release/bokeh-tables-2.2.2.min.js\"];\n var css_urls = [];\n \n\n var inline_js = [\n function(Bokeh) {\n Bokeh.set_log_level(\"info\");\n },\n function(Bokeh) {\n \n \n }\n ];\n\n function run_inline_js() {\n \n if (root.Bokeh !== undefined || force === true) {\n \n for (var i = 0; i < inline_js.length; i++) {\n inline_js[i].call(root, root.Bokeh);\n }\n if (force === true) {\n display_loaded();\n }} else if (Date.now() < root._bokeh_timeout) {\n setTimeout(run_inline_js, 100);\n } else if (!root._bokeh_failed_load) {\n console.log(\"Bokeh: BokehJS failed to load within specified timeout.\");\n root._bokeh_failed_load = true;\n } else if (force !== true) {\n var cell = $(document.getElementById(\"2569\")).parents('.cell').data().cell;\n cell.output_area.append_execute_result(NB_LOAD_WARNING)\n }\n\n }\n\n if (root._bokeh_is_loading === 0) {\n console.debug(\"Bokeh: BokehJS loaded, going straight to plotting\");\n run_inline_js();\n } else {\n load_libs(css_urls, js_urls, function() {\n console.debug(\"Bokeh: BokehJS plotting callback run at\", now());\n run_inline_js();\n });\n }\n}(window));", "application/vnd.bokehjs_load.v0+json": "" }, "metadata": {}, "output_type": "display_data" }, { "data": { "text/html": [ "\n", "\n", "\n", "\n", "\n", "\n", "
\n" ] }, "metadata": {}, "output_type": "display_data" }, { "data": { "application/javascript": "(function(root) {\n function embed_document(root) {\n \n var docs_json = {\"44502671-1afb-4199-98a3-94af624af738\":{\"roots\":{\"references\":[{\"attributes\":{\"below\":[{\"id\":\"2548\"}],\"center\":[{\"id\":\"2551\"},{\"id\":\"2555\"}],\"left\":[{\"id\":\"2552\"}],\"renderers\":[{\"id\":\"2559\"}],\"title\":{\"id\":\"2538\"},\"toolbar\":{\"id\":\"2557\"},\"x_range\":{\"id\":\"2540\"},\"x_scale\":{\"id\":\"2544\"},\"y_range\":{\"id\":\"2542\"},\"y_scale\":{\"id\":\"2546\"}},\"id\":\"2537\",\"subtype\":\"Figure\",\"type\":\"Plot\"},{\"attributes\":{},\"id\":\"2710\",\"type\":\"NodesOnly\"},{\"attributes\":{},\"id\":\"2719\",\"type\":\"UnionRenderers\"},{\"attributes\":{\"text\":\"Simple graph plot\"},\"id\":\"2538\",\"type\":\"Title\"},{\"attributes\":{\"axis\":{\"id\":\"2552\"},\"dimension\":1,\"ticker\":null},\"id\":\"2555\",\"type\":\"Grid\"},{\"attributes\":{},\"id\":\"2718\",\"type\":\"Selection\"},{\"attributes\":{},\"id\":\"2546\",\"type\":\"LinearScale\"},{\"attributes\":{\"data\":{\"index\":[\"018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd\",\"fkksjobnn43.org\",\"070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d\",\"76jdd2ir2embyv47.onion\",\"xxlvbrloxvriy2c5.onion\",\"gx7ekbenv2riucmf.onion\",\"57g7spgrzlojinas.onion\",\"cwwnhwhlz52maqm7.onion\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"crl.microsoft.com\",\"www.microsoft.com-c-3.edgekey.net\",\"go.microsoft.com.edgekey.net\",\"a767.dscg3.akamai.net\",\"e11290.dspg.akamaiedge.net\",\"au.download.windowsupdate.com.edgesuite.net\",\"go.microsoft.com\",\"crl.www.ms.akadns.net\",\"genuine.microsoft.com\",\"au-bg-shim.trafficmanager.net\",\"genuine.microsoft.akadns.net\",\"ctldl.windowsupdate.com\",\"validation.sls.microsoft.com\",\"a1363.dscg.akamai.net\",\"www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net\",\"e13678.dspb.akamaiedge.net\",\"audownload.windowsupdate.nsatc.net\",\"validation.sls.trafficmanager.net\",\"www.microsoft.com\",\"19c570789e093cf18ae541875de261092e7405c0afa10cea643e10fde762eb6b\",\"1e06140672b73dfe337dfde7bc9dead5612bdbf4a8069be5de78fe68da6c75c4\",\"24d004a104d4d54034dbcffc2a4b19a11f39008a575aa614ea04703480b1022c\",\"2f4c58fd1ae5da5caac9b1425e4e03eaa40ab0b9cd82e5cc95b3238b021099da\",\"3176f3e73d8c3b8014deee94455b260530ab909a474853c58ac8b89b695b5364\",\"www.ifferfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"32f24601153be0885f11d62e0a8a2f0280a2034fc981d8184180c5d3b1b9e8cf\",\"3362cfab658f435fa2ba18c2ae36ab5ac376237d43bfba3cb19975d86aa49caa\",\"www.apple.com\",\"35ba6a17181a3a9c511e6145ce0d279663d50d56a83d27afdd4bfced31de36a6\",\"3847b8758c83dfa65e11cf01ce170eaffc0313bcd22ece3b4b2f3f7c280c2563\",\"3b1d735a140edac9954eba8bca0ad3a304b24f508cb5629054d5dbabec6861c3\",\"3dda654bdc5759a3c1f087b51dbc53b9f4ea3d330d0f13eb3d84e664ccb49ee1\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"freedns.afraid.org\",\"xred.mooo.com\",\"pki-goog.l.google.com\",\"cs9.wac.phicdn.net\",\"www.000webhost.com\",\"www.dropbox.com\",\"ocsp.digicert.com\",\"googlehosted.l.googleusercontent.com\",\"xred.site50.net\",\"ocsp.pki.goog\",\"docs.google.com\",\"www.dropbox-dns.com\",\"doc-14-14-docs.googleusercontent.com\",\"ocsp.comodoca.com\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"cs11.wpc.v0cdn.net\",\"hlb.apr-52dd2-0.edgecastdns.net\",\"wu.azureedge.net\",\"wu.ec.azureedge.net\",\"wu.wpc.apr-52dd2.edgecastdns.net\",\"6bcd0c739a1bd991fcf9b5ee981324dfb3e3128afab0b278d92214a53d00a544\",\"729a3e8afccebe0f182f28acf03694d3636a442aca666e3ec743ba1c481fed8f\",\"onlinestores.metaservices.microsoft.com\",\"redir.metaservices.microsoft.com\",\"xiaobaruanjian.tk\",\"8130720f3b4a2ca80ff2358a1ca35fe5244b7107b3e0b9f8caba47c9d270e0a5\",\"world-gen.g.aaplimg.com\",\"time-osx.g.aaplimg.com\",\"e673.dsce9.akamaiedge.net\",\"e6987.a.akamaiedge.net\",\"e6987.e9.akamaiedge.net\",\"init-p01st.push.apple.com\",\"85752b880ed330884044f5f8922821a5844065c0aa513020f6477e4902e655b2\",\"86d6d44fb26fc2ba0b2217467ee9309900120dc762b2748661dc3c164942efac\",\"iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"8caf408b67ae62f93c26d62d9ae7779368616452a43411be652d2edd09514606\",\"9021dd020a9b81172d24ed40fbbeacd54bf066c9061bed2d52057a48ef27560e\",\"www.iuqerxxxdp9ifjaposdfjhgosurijfaewrwergwea.com\",\"90620dbc8327f6ae81447094db0d0a18b8c10444afb8e38e64a70e517058612d\",\"95.197.23.50.in-addr.arpa\",\"92d0bdac61167bbf84199166b835b97e3279eb8fd1519c7157693e0adfeff225\",\"9a2e1e8da634aa1cce446a9ee8f4de2a357eb76debf27938e43f6ac0d6c71009\",\"dmitri.duckdns.org\",\"9e83a136f334202223cc0dfed8b40a0d6cdbcf255a6865fd0a7e1dcc3d6623bc\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwee.com\",\"9f35e3393e442b4a35422e4b927e530712bac8ee2034a884b6ef724f0d8ec0ef\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.cum\",\"a3ce898184fe3427f009240a826803e0ad65f32ae5257a343d4b6b3753081d40\",\"a5232682719d10bff9c388fd3828e359fa6c41c6b301a8fdae87e70fd16bf707\",\"xan0n-31447.portmap.host\",\"aa1df63850b8eee6ba39ed3e4255b4bfb462886847ee032d89815da6e44eef81\",\"tra03.t3ded.com\",\"aa95e0c81899df737c571c9908aa0ffa58602402309ca0c9a77d071e60a7c155\",\"vvv.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"ac5c1bdedeb1ae6bfa7a4b0e8165a1c76c10a7bd7042b3872e53cff4e770e24e\",\"google.com\",\"powertoolsforyou.com\",\"ac77675cb33daced52440cec5cf17d5512e73f2f6e7a047dd776bfa17c078cd2\",\"arizonacode.bplaced.net\",\"www.blockchain.com\",\"blockchain.info\",\"ae55d74a872e43887e742ff7116613f6d070a2e33d79f14cf9965faae431c3cf\",\"b6ea24b4a643ed01cd7a40596ad506730a2f1dfa13acfd98a28f82d77631707d\",\"bd927d915f19a89468391133465b1f2fb78d7a58178867933c44411f4d5de8eb\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.test\",\"c8a8a17085c23f1af0d39dd20083b8edcf7e0701e308ac02f0dbbf22c7956177\",\"www.iuqerfsodp9ifjap1sdfjhgosurijfaewrwergwea.com\",\"d2560b1043f7326569c3c9185fea1b5777053ea4e451e92bf3302461cda8ec0d\",\"d30ccc27daebfae57dae3d8a144ca613896053f191923da0b7911e96990ecacd\",\"dfcd41e8822635b6148d690bc600df588f4ca2ee55f36c8b183acff6560d0afa\",\"e072cd048cd5ead7d22047412bf876a16442f1bb4deeb0b92e57f9ba85dc3899\",\"e39667a48c73846a26e09c806e1ce72d25471906fc88485528830079c84aff1c\",\"e575a260b7f9efe98a3674eb7347d01d447cebce0e6ef2b9b2444bdd0a98b0a2\",\"e9096f62367546637fea9422a1996e2120c677c6115d1157f6cb23dde590e8a0\",\"ee3332f2a6f0315aac695f621bb0af937e2e1656a13bc0f1a0725f09dd14267f\",\"f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad\",\"0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03\"]},\"selected\":{\"id\":\"2720\"},\"selection_policy\":{\"id\":\"2721\"}},\"id\":\"2561\",\"type\":\"ColumnDataSource\"},{\"attributes\":{\"formatter\":{\"id\":\"2716\"},\"ticker\":{\"id\":\"2553\"}},\"id\":\"2552\",\"type\":\"LinearAxis\"},{\"attributes\":{},\"id\":\"2549\",\"type\":\"BasicTicker\"},{\"attributes\":{\"source\":{\"id\":\"2561\"}},\"id\":\"2563\",\"type\":\"CDSView\"},{\"attributes\":{\"graph_layout\":{\"018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f\":[0.35214644952914037,-0.47322107992782864],\"02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd\":[-1.3354956024528275,-0.6125953316467164],\"070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d\":[0.2901943671373673,-0.12354669654300182],\"0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03\":[0.3779225476934703,0.048805084528017385],\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\":[-0.38001563312076236,-0.12753171116571632],\"19c570789e093cf18ae541875de261092e7405c0afa10cea643e10fde762eb6b\":[0.22742295354311262,0.030731226963571667],\"1e06140672b73dfe337dfde7bc9dead5612bdbf4a8069be5de78fe68da6c75c4\":[0.5338772684451898,-0.37289213940527133],\"24d004a104d4d54034dbcffc2a4b19a11f39008a575aa614ea04703480b1022c\":[0.5775875624317951,-0.35342870297197243],\"2f4c58fd1ae5da5caac9b1425e4e03eaa40ab0b9cd82e5cc95b3238b021099da\":[-1.3211119496507095,-0.4668075372732326],\"3176f3e73d8c3b8014deee94455b260530ab909a474853c58ac8b89b695b5364\":[0.3667327621269475,0.06622597876554667],\"32f24601153be0885f11d62e0a8a2f0280a2034fc981d8184180c5d3b1b9e8cf\":[0.6191263881408554,0.27595439153141665],\"3362cfab658f435fa2ba18c2ae36ab5ac376237d43bfba3cb19975d86aa49caa\":[-0.9628468665746699,0.9161831581246114],\"35ba6a17181a3a9c511e6145ce0d279663d50d56a83d27afdd4bfced31de36a6\":[0.3478019083023451,-0.03201565690783633],\"3847b8758c83dfa65e11cf01ce170eaffc0313bcd22ece3b4b2f3f7c280c2563\":[0.32897665627281264,0.03286901674842231],\"3b1d735a140edac9954eba8bca0ad3a304b24f508cb5629054d5dbabec6861c3\":[-1.000118728795789,0.8581464018268559],\"3dda654bdc5759a3c1f087b51dbc53b9f4ea3d330d0f13eb3d84e664ccb49ee1\":[0.35344374288890756,-0.10591069207953731],\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\":[0.01949814717070991,0.14921634793161584],\"57g7spgrzlojinas.onion\":[0.2912323569982314,-0.021516550479494086],\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\":[-0.3933189033354645,0.019538123981138075],\"6bcd0c739a1bd991fcf9b5ee981324dfb3e3128afab0b278d92214a53d00a544\":[0.3182911501476541,-0.1354236393659765],\"729a3e8afccebe0f182f28acf03694d3636a442aca666e3ec743ba1c481fed8f\":[1.5170806106793013,-1.056053690137548],\"76jdd2ir2embyv47.onion\":[0.272755316277075,-0.009730096451768845],\"8130720f3b4a2ca80ff2358a1ca35fe5244b7107b3e0b9f8caba47c9d270e0a5\":[-0.5963711217541342,0.7281882624355812],\"85752b880ed330884044f5f8922821a5844065c0aa513020f6477e4902e655b2\":[0.2766110157547561,0.061004475509242255],\"86d6d44fb26fc2ba0b2217467ee9309900120dc762b2748661dc3c164942efac\":[0.5159499814308858,-0.5025064456160073],\"8caf408b67ae62f93c26d62d9ae7779368616452a43411be652d2edd09514606\":[0.41571636417786606,-0.4873339900247729],\"9021dd020a9b81172d24ed40fbbeacd54bf066c9061bed2d52057a48ef27560e\":[1.572070846511274,0.1310526880482833],\"90620dbc8327f6ae81447094db0d0a18b8c10444afb8e38e64a70e517058612d\":[0.16373011621208008,0.5313137639872333],\"92d0bdac61167bbf84199166b835b97e3279eb8fd1519c7157693e0adfeff225\":[0.29507645106197067,-0.14184682381655456],\"95.197.23.50.in-addr.arpa\":[0.22266122266194255,0.6821507591161585],\"9a2e1e8da634aa1cce446a9ee8f4de2a357eb76debf27938e43f6ac0d6c71009\":[-0.9752038828224916,1.365286001068877],\"9e83a136f334202223cc0dfed8b40a0d6cdbcf255a6865fd0a7e1dcc3d6623bc\":[0.39290813078586184,-0.05112921075819268],\"9f35e3393e442b4a35422e4b927e530712bac8ee2034a884b6ef724f0d8ec0ef\":[1.89164027416657,0.2599617707039502],\"a1363.dscg.akamai.net\":[-0.4518135843267505,-0.022865032506967677],\"a3ce898184fe3427f009240a826803e0ad65f32ae5257a343d4b6b3753081d40\":[0.559472805205812,-0.41886381410772533],\"a5232682719d10bff9c388fd3828e359fa6c41c6b301a8fdae87e70fd16bf707\":[-0.8361362977225262,-1.5153298821912402],\"a767.dscg3.akamai.net\":[-0.16541382126181609,-0.016784955879855238],\"aa1df63850b8eee6ba39ed3e4255b4bfb462886847ee032d89815da6e44eef81\":[1.9798439899119027,-0.2877598229967718],\"aa95e0c81899df737c571c9908aa0ffa58602402309ca0c9a77d071e60a7c155\":[0.39761126160674537,0.020079975843390302],\"ac5c1bdedeb1ae6bfa7a4b0e8165a1c76c10a7bd7042b3872e53cff4e770e24e\":[-1.0603683595944946,0.33803607438901795],\"ac77675cb33daced52440cec5cf17d5512e73f2f6e7a047dd776bfa17c078cd2\":[-0.8837519368379747,0.5526639143952222],\"ae55d74a872e43887e742ff7116613f6d070a2e33d79f14cf9965faae431c3cf\":[0.4778706258298316,-0.5197830490742463],\"arizonacode.bplaced.net\":[-0.878055633376014,0.6465665043211681],\"au-bg-shim.trafficmanager.net\":[-0.2298465020609694,0.031786139860893826],\"au.download.windowsupdate.com.edgesuite.net\":[-0.1752985586528489,0.01320012930148818],\"audownload.windowsupdate.nsatc.net\":[-0.23919584409955924,0.05252007093229573],\"b6ea24b4a643ed01cd7a40596ad506730a2f1dfa13acfd98a28f82d77631707d\":[0.50873431663119,-0.42960735005896533],\"bd927d915f19a89468391133465b1f2fb78d7a58178867933c44411f4d5de8eb\":[-0.19952209509663868,-1.9999999999999998],\"blockchain.info\":[-0.7991423249924119,0.6213197265181737],\"c8a8a17085c23f1af0d39dd20083b8edcf7e0701e308ac02f0dbbf22c7956177\":[0.39845920744758306,-0.015177506639596813],\"crl.microsoft.com\":[-0.45572679125948745,-0.07188957709757382],\"crl.www.ms.akadns.net\":[-0.4862830660248353,-0.04433772272378663],\"cs11.wpc.v0cdn.net\":[-0.41245917403626287,-0.11243264902998264],\"cs9.wac.phicdn.net\":[-0.2893209140861885,0.4511329952081283],\"ctldl.windowsupdate.com\":[-0.2211029712919668,0.010769250719522776],\"cwwnhwhlz52maqm7.onion\":[0.29469187981084966,-0.007142745259574187],\"d2560b1043f7326569c3c9185fea1b5777053ea4e451e92bf3302461cda8ec0d\":[-0.9146970259107199,0.7986043536830755],\"d30ccc27daebfae57dae3d8a144ca613896053f191923da0b7911e96990ecacd\":[0.3263688275400971,-0.11501259136555272],\"dfcd41e8822635b6148d690bc600df588f4ca2ee55f36c8b183acff6560d0afa\":[0.38875172065692565,-0.44260432126657623],\"dmitri.duckdns.org\":[-1.0380636951963873,1.4768713591415508],\"doc-14-14-docs.googleusercontent.com\":[0.10951540601718285,0.2775570603692386],\"docs.google.com\":[-6.644771375460217e-05,0.3287327209464487],\"e072cd048cd5ead7d22047412bf876a16442f1bb4deeb0b92e57f9ba85dc3899\":[0.34591339939378196,0.07765151406132897],\"e11290.dspg.akamaiedge.net\":[-0.39725361318200386,-0.25849966913226124],\"e13678.dspb.akamaiedge.net\":[-0.4463333651087252,-0.29597084553912983],\"e39667a48c73846a26e09c806e1ce72d25471906fc88485528830079c84aff1c\":[0.4574820785846312,-0.44202771637166854],\"e575a260b7f9efe98a3674eb7347d01d447cebce0e6ef2b9b2444bdd0a98b0a2\":[0.21397641428996944,-0.040534178608098145],\"e673.dsce9.akamaiedge.net\":[-0.5517143455120374,0.8559637712549639],\"e6987.a.akamaiedge.net\":[-0.6712005981497206,0.8647402064763258],\"e6987.e9.akamaiedge.net\":[-0.6139524813436192,0.8371262958813845],\"e9096f62367546637fea9422a1996e2120c677c6115d1157f6cb23dde590e8a0\":[0.25673964204245625,-0.07551027989230259],\"ee3332f2a6f0315aac695f621bb0af937e2e1656a13bc0f1a0725f09dd14267f\":[0.6560823377593111,0.2280962196573554],\"f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad\":[0.34717409075720645,-0.12734664467200635],\"fkksjobnn43.org\":[-1.3279527938460467,-0.5397944749834541],\"freedns.afraid.org\":[0.08623368891978342,0.3857456699627653],\"genuine.microsoft.akadns.net\":[-0.4549067846676169,-0.23361883538465683],\"genuine.microsoft.com\":[-0.5026043706275596,-0.1911338220126146],\"go.microsoft.com\":[-0.49067818761443827,-0.2763885919311099],\"go.microsoft.com.edgekey.net\":[-0.5453524797779629,-0.11183022092358816],\"google.com\":[-1.0976210812888603,0.23795583866913567],\"googlehosted.l.googleusercontent.com\":[0.060406840706335466,0.22940875836397598],\"gx7ekbenv2riucmf.onion\":[0.27804657868216603,-0.021458452273043414],\"hlb.apr-52dd2-0.edgecastdns.net\":[-0.3412143374218051,-0.06481686348437021],\"init-p01st.push.apple.com\":[-0.7766380711150808,0.7732553109857768],\"iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\":[0.5469369397084884,-0.6202875930125367],\"ocsp.comodoca.com\":[-0.038377471832744744,0.23113547091697567],\"ocsp.digicert.com\":[0.006985875341234786,0.27477058120589426],\"ocsp.pki.goog\":[-0.05069664549469226,0.3094358984401887],\"onlinestores.metaservices.microsoft.com\":[1.5815283215146658,-1.1557152308744822],\"pki-goog.l.google.com\":[0.12446405764214657,0.22537583550449025],\"powertoolsforyou.com\":[-0.97938025508898,0.44400338145320145],\"redir.metaservices.microsoft.com\":[1.6292617126940283,-1.1063065202626816],\"time-osx.g.aaplimg.com\":[-0.6833110781002075,0.8102995191310051],\"tra03.t3ded.com\":[1.8937557849941007,-0.2753350060328964],\"validation.sls.microsoft.com\":[-0.3396360275688988,-0.26867266245399135],\"validation.sls.trafficmanager.net\":[-0.5253340762352403,-0.24623021520978708],\"vvv.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\":[0.5681400291407457,0.07328380450512556],\"world-gen.g.aaplimg.com\":[-0.6082035654051794,0.8891531160544868],\"wu.azureedge.net\":[-0.48744661140474826,0.12810155226509634],\"wu.ec.azureedge.net\":[-0.530329093447989,0.09312649550975963],\"wu.wpc.apr-52dd2.edgecastdns.net\":[-0.5571324253925454,0.04574369440901707],\"www.000webhost.com\":[0.05857188223265067,0.30277739321137404],\"www.apple.com\":[-0.8469125242242288,0.8167545569698116],\"www.blockchain.com\":[-0.9075973026504348,0.6019195810691853],\"www.dropbox-dns.com\":[-0.08538950046441998,0.2739292471414969],\"www.dropbox.com\":[-0.10152765239782685,0.2199928610926453],\"www.ifferfsodp9ifjaposdfjhgosurijfaewrwergwea.com\":[0.5000467398819355,0.16185949719968787],\"www.iuqerfsodp9ifjap1sdfjhgosurijfaewrwergwea.com\":[0.5757533287985444,-0.011734799737387763],\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\":[0.40910763970334735,-0.31488984822985794],\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.cum\":[1.787037875918472,0.23230971773604495],\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.test\":[-0.19018749780779967,-1.885786341079507],\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwee.com\":[0.5642493643008824,-0.09481581720848505],\"www.iuqerxxxdp9ifjaposdfjhgosurijfaewrwergwea.com\":[1.5094342423841374,0.10783725258602285],\"www.microsoft.com\":[-0.39212180826865317,-0.3076919553077852],\"www.microsoft.com-c-3.edgekey.net\":[-0.5531984681182013,-0.2050783146666536],\"www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net\":[-0.55631782844369,-0.1570985707028368],\"xan0n-31447.portmap.host\":[-0.891622143478162,-1.6176373134267759],\"xiaobaruanjian.tk\":[1.473185243465657,-0.9973714671872066],\"xred.mooo.com\":[0.12062686469355301,0.37167988928216994],\"xred.site50.net\":[-0.07352225890634592,0.15703428530802963],\"xxlvbrloxvriy2c5.onion\":[0.2834988716784441,-0.00027167783383264356]}},\"id\":\"2568\",\"type\":\"StaticLayoutProvider\"},{\"attributes\":{\"data\":{\"end\":[\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d\",\"1e06140672b73dfe337dfde7bc9dead5612bdbf4a8069be5de78fe68da6c75c4\",\"24d004a104d4d54034dbcffc2a4b19a11f39008a575aa614ea04703480b1022c\",\"3dda654bdc5759a3c1f087b51dbc53b9f4ea3d330d0f13eb3d84e664ccb49ee1\",\"6bcd0c739a1bd991fcf9b5ee981324dfb3e3128afab0b278d92214a53d00a544\",\"86d6d44fb26fc2ba0b2217467ee9309900120dc762b2748661dc3c164942efac\",\"8caf408b67ae62f93c26d62d9ae7779368616452a43411be652d2edd09514606\",\"92d0bdac61167bbf84199166b835b97e3279eb8fd1519c7157693e0adfeff225\",\"a3ce898184fe3427f009240a826803e0ad65f32ae5257a343d4b6b3753081d40\",\"ae55d74a872e43887e742ff7116613f6d070a2e33d79f14cf9965faae431c3cf\",\"b6ea24b4a643ed01cd7a40596ad506730a2f1dfa13acfd98a28f82d77631707d\",\"d30ccc27daebfae57dae3d8a144ca613896053f191923da0b7911e96990ecacd\",\"dfcd41e8822635b6148d690bc600df588f4ca2ee55f36c8b183acff6560d0afa\",\"e39667a48c73846a26e09c806e1ce72d25471906fc88485528830079c84aff1c\",\"f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad\",\"fkksjobnn43.org\",\"2f4c58fd1ae5da5caac9b1425e4e03eaa40ab0b9cd82e5cc95b3238b021099da\",\"76jdd2ir2embyv47.onion\",\"xxlvbrloxvriy2c5.onion\",\"gx7ekbenv2riucmf.onion\",\"57g7spgrzlojinas.onion\",\"cwwnhwhlz52maqm7.onion\",\"19c570789e093cf18ae541875de261092e7405c0afa10cea643e10fde762eb6b\",\"3176f3e73d8c3b8014deee94455b260530ab909a474853c58ac8b89b695b5364\",\"35ba6a17181a3a9c511e6145ce0d279663d50d56a83d27afdd4bfced31de36a6\",\"3847b8758c83dfa65e11cf01ce170eaffc0313bcd22ece3b4b2f3f7c280c2563\",\"3dda654bdc5759a3c1f087b51dbc53b9f4ea3d330d0f13eb3d84e664ccb49ee1\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"6bcd0c739a1bd991fcf9b5ee981324dfb3e3128afab0b278d92214a53d00a544\",\"85752b880ed330884044f5f8922821a5844065c0aa513020f6477e4902e655b2\",\"92d0bdac61167bbf84199166b835b97e3279eb8fd1519c7157693e0adfeff225\",\"9e83a136f334202223cc0dfed8b40a0d6cdbcf255a6865fd0a7e1dcc3d6623bc\",\"aa95e0c81899df737c571c9908aa0ffa58602402309ca0c9a77d071e60a7c155\",\"c8a8a17085c23f1af0d39dd20083b8edcf7e0701e308ac02f0dbbf22c7956177\",\"d30ccc27daebfae57dae3d8a144ca613896053f191923da0b7911e96990ecacd\",\"e072cd048cd5ead7d22047412bf876a16442f1bb4deeb0b92e57f9ba85dc3899\",\"e575a260b7f9efe98a3674eb7347d01d447cebce0e6ef2b9b2444bdd0a98b0a2\",\"e9096f62367546637fea9422a1996e2120c677c6115d1157f6cb23dde590e8a0\",\"f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad\",\"0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03\",\"19c570789e093cf18ae541875de261092e7405c0afa10cea643e10fde762eb6b\",\"3176f3e73d8c3b8014deee94455b260530ab909a474853c58ac8b89b695b5364\",\"35ba6a17181a3a9c511e6145ce0d279663d50d56a83d27afdd4bfced31de36a6\",\"3847b8758c83dfa65e11cf01ce170eaffc0313bcd22ece3b4b2f3f7c280c2563\",\"3dda654bdc5759a3c1f087b51dbc53b9f4ea3d330d0f13eb3d84e664ccb49ee1\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"6bcd0c739a1bd991fcf9b5ee981324dfb3e3128afab0b278d92214a53d00a544\",\"85752b880ed330884044f5f8922821a5844065c0aa513020f6477e4902e655b2\",\"92d0bdac61167bbf84199166b835b97e3279eb8fd1519c7157693e0adfeff225\",\"9e83a136f334202223cc0dfed8b40a0d6cdbcf255a6865fd0a7e1dcc3d6623bc\",\"aa95e0c81899df737c571c9908aa0ffa58602402309ca0c9a77d071e60a7c155\",\"c8a8a17085c23f1af0d39dd20083b8edcf7e0701e308ac02f0dbbf22c7956177\",\"d30ccc27daebfae57dae3d8a144ca613896053f191923da0b7911e96990ecacd\",\"e072cd048cd5ead7d22047412bf876a16442f1bb4deeb0b92e57f9ba85dc3899\",\"e575a260b7f9efe98a3674eb7347d01d447cebce0e6ef2b9b2444bdd0a98b0a2\",\"e9096f62367546637fea9422a1996e2120c677c6115d1157f6cb23dde590e8a0\",\"f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad\",\"0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03\",\"19c570789e093cf18ae541875de261092e7405c0afa10cea643e10fde762eb6b\",\"3176f3e73d8c3b8014deee94455b260530ab909a474853c58ac8b89b695b5364\",\"35ba6a17181a3a9c511e6145ce0d279663d50d56a83d27afdd4bfced31de36a6\",\"3847b8758c83dfa65e11cf01ce170eaffc0313bcd22ece3b4b2f3f7c280c2563\",\"3dda654bdc5759a3c1f087b51dbc53b9f4ea3d330d0f13eb3d84e664ccb49ee1\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"6bcd0c739a1bd991fcf9b5ee981324dfb3e3128afab0b278d92214a53d00a544\",\"85752b880ed330884044f5f8922821a5844065c0aa513020f6477e4902e655b2\",\"92d0bdac61167bbf84199166b835b97e3279eb8fd1519c7157693e0adfeff225\",\"9e83a136f334202223cc0dfed8b40a0d6cdbcf255a6865fd0a7e1dcc3d6623bc\",\"aa95e0c81899df737c571c9908aa0ffa58602402309ca0c9a77d071e60a7c155\",\"c8a8a17085c23f1af0d39dd20083b8edcf7e0701e308ac02f0dbbf22c7956177\",\"d30ccc27daebfae57dae3d8a144ca613896053f191923da0b7911e96990ecacd\",\"e072cd048cd5ead7d22047412bf876a16442f1bb4deeb0b92e57f9ba85dc3899\",\"e575a260b7f9efe98a3674eb7347d01d447cebce0e6ef2b9b2444bdd0a98b0a2\",\"e9096f62367546637fea9422a1996e2120c677c6115d1157f6cb23dde590e8a0\",\"f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad\",\"0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03\",\"19c570789e093cf18ae541875de261092e7405c0afa10cea643e10fde762eb6b\",\"3176f3e73d8c3b8014deee94455b260530ab909a474853c58ac8b89b695b5364\",\"35ba6a17181a3a9c511e6145ce0d279663d50d56a83d27afdd4bfced31de36a6\",\"3847b8758c83dfa65e11cf01ce170eaffc0313bcd22ece3b4b2f3f7c280c2563\",\"3dda654bdc5759a3c1f087b51dbc53b9f4ea3d330d0f13eb3d84e664ccb49ee1\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"6bcd0c739a1bd991fcf9b5ee981324dfb3e3128afab0b278d92214a53d00a544\",\"85752b880ed330884044f5f8922821a5844065c0aa513020f6477e4902e655b2\",\"92d0bdac61167bbf84199166b835b97e3279eb8fd1519c7157693e0adfeff225\",\"9e83a136f334202223cc0dfed8b40a0d6cdbcf255a6865fd0a7e1dcc3d6623bc\",\"aa95e0c81899df737c571c9908aa0ffa58602402309ca0c9a77d071e60a7c155\",\"c8a8a17085c23f1af0d39dd20083b8edcf7e0701e308ac02f0dbbf22c7956177\",\"d30ccc27daebfae57dae3d8a144ca613896053f191923da0b7911e96990ecacd\",\"e072cd048cd5ead7d22047412bf876a16442f1bb4deeb0b92e57f9ba85dc3899\",\"e575a260b7f9efe98a3674eb7347d01d447cebce0e6ef2b9b2444bdd0a98b0a2\",\"e9096f62367546637fea9422a1996e2120c677c6115d1157f6cb23dde590e8a0\",\"f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad\",\"0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03\",\"19c570789e093cf18ae541875de261092e7405c0afa10cea643e10fde762eb6b\",\"3176f3e73d8c3b8014deee94455b260530ab909a474853c58ac8b89b695b5364\",\"35ba6a17181a3a9c511e6145ce0d279663d50d56a83d27afdd4bfced31de36a6\",\"3847b8758c83dfa65e11cf01ce170eaffc0313bcd22ece3b4b2f3f7c280c2563\",\"3dda654bdc5759a3c1f087b51dbc53b9f4ea3d330d0f13eb3d84e664ccb49ee1\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"6bcd0c739a1bd991fcf9b5ee981324dfb3e3128afab0b278d92214a53d00a544\",\"85752b880ed330884044f5f8922821a5844065c0aa513020f6477e4902e655b2\",\"92d0bdac61167bbf84199166b835b97e3279eb8fd1519c7157693e0adfeff225\",\"9e83a136f334202223cc0dfed8b40a0d6cdbcf255a6865fd0a7e1dcc3d6623bc\",\"aa95e0c81899df737c571c9908aa0ffa58602402309ca0c9a77d071e60a7c155\",\"c8a8a17085c23f1af0d39dd20083b8edcf7e0701e308ac02f0dbbf22c7956177\",\"d30ccc27daebfae57dae3d8a144ca613896053f191923da0b7911e96990ecacd\",\"e072cd048cd5ead7d22047412bf876a16442f1bb4deeb0b92e57f9ba85dc3899\",\"e575a260b7f9efe98a3674eb7347d01d447cebce0e6ef2b9b2444bdd0a98b0a2\",\"e9096f62367546637fea9422a1996e2120c677c6115d1157f6cb23dde590e8a0\",\"f1aa23299987eed2173e83d26b6078232051f885586ebba35699143b83bc68ad\",\"0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03\",\"crl.microsoft.com\",\"www.microsoft.com-c-3.edgekey.net\",\"go.microsoft.com.edgekey.net\",\"a767.dscg3.akamai.net\",\"e11290.dspg.akamaiedge.net\",\"au.download.windowsupdate.com.edgesuite.net\",\"go.microsoft.com\",\"crl.www.ms.akadns.net\",\"genuine.microsoft.com\",\"au-bg-shim.trafficmanager.net\",\"genuine.microsoft.akadns.net\",\"ctldl.windowsupdate.com\",\"validation.sls.microsoft.com\",\"a1363.dscg.akamai.net\",\"www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net\",\"e13678.dspb.akamaiedge.net\",\"audownload.windowsupdate.nsatc.net\",\"validation.sls.trafficmanager.net\",\"www.microsoft.com\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"www.ifferfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"32f24601153be0885f11d62e0a8a2f0280a2034fc981d8184180c5d3b1b9e8cf\",\"e072cd048cd5ead7d22047412bf876a16442f1bb4deeb0b92e57f9ba85dc3899\",\"ee3332f2a6f0315aac695f621bb0af937e2e1656a13bc0f1a0725f09dd14267f\",\"0d592a8d7e13210140f106a897a211b839608c2e9e86f20419e30d4087b7ac03\",\"www.apple.com\",\"3b1d735a140edac9954eba8bca0ad3a304b24f508cb5629054d5dbabec6861c3\",\"8130720f3b4a2ca80ff2358a1ca35fe5244b7107b3e0b9f8caba47c9d270e0a5\",\"d2560b1043f7326569c3c9185fea1b5777053ea4e451e92bf3302461cda8ec0d\",\"freedns.afraid.org\",\"xred.mooo.com\",\"pki-goog.l.google.com\",\"cs9.wac.phicdn.net\",\"www.000webhost.com\",\"www.dropbox.com\",\"ocsp.digicert.com\",\"googlehosted.l.googleusercontent.com\",\"xred.site50.net\",\"ocsp.pki.goog\",\"docs.google.com\",\"www.dropbox-dns.com\",\"doc-14-14-docs.googleusercontent.com\",\"ocsp.comodoca.com\",\"90620dbc8327f6ae81447094db0d0a18b8c10444afb8e38e64a70e517058612d\",\"90620dbc8327f6ae81447094db0d0a18b8c10444afb8e38e64a70e517058612d\",\"8130720f3b4a2ca80ff2358a1ca35fe5244b7107b3e0b9f8caba47c9d270e0a5\",\"cs11.wpc.v0cdn.net\",\"hlb.apr-52dd2-0.edgecastdns.net\",\"wu.azureedge.net\",\"wu.ec.azureedge.net\",\"wu.wpc.apr-52dd2.edgecastdns.net\",\"onlinestores.metaservices.microsoft.com\",\"redir.metaservices.microsoft.com\",\"xiaobaruanjian.tk\",\"world-gen.g.aaplimg.com\",\"time-osx.g.aaplimg.com\",\"e673.dsce9.akamaiedge.net\",\"e6987.a.akamaiedge.net\",\"e6987.e9.akamaiedge.net\",\"init-p01st.push.apple.com\",\"d2560b1043f7326569c3c9185fea1b5777053ea4e451e92bf3302461cda8ec0d\",\"iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"ae55d74a872e43887e742ff7116613f6d070a2e33d79f14cf9965faae431c3cf\",\"www.iuqerxxxdp9ifjaposdfjhgosurijfaewrwergwea.com\",\"95.197.23.50.in-addr.arpa\",\"dmitri.duckdns.org\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwee.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.cum\",\"xan0n-31447.portmap.host\",\"tra03.t3ded.com\",\"vvv.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"google.com\",\"powertoolsforyou.com\",\"ac77675cb33daced52440cec5cf17d5512e73f2f6e7a047dd776bfa17c078cd2\",\"arizonacode.bplaced.net\",\"www.blockchain.com\",\"blockchain.info\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.test\",\"www.iuqerfsodp9ifjap1sdfjhgosurijfaewrwergwea.com\"],\"relationship_type\":[\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\",\"contacted_domains\"],\"start\":[\"018ac8f95d5e14b92011cdbfc8c48056ca4891161ed6bdd268770a5b56bb327f\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"02a7977d1faf7bfc93a4b678a049c9495ea663e7065aa5a6caf0f69c5ff25dbd\",\"fkksjobnn43.org\",\"070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d\",\"070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d\",\"070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d\",\"070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d\",\"070f603e0443b1fae57425210fb3b27c2f77d8983cfefefb0ee185de572df33d\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"76jdd2ir2embyv47.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"xxlvbrloxvriy2c5.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"gx7ekbenv2riucmf.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"57g7spgrzlojinas.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"cwwnhwhlz52maqm7.onion\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"18e59a4f0492fcad0398c338000e5589950c9b700dddf662db6b594a7f816d9b\",\"crl.microsoft.com\",\"a767.dscg3.akamai.net\",\"au.download.windowsupdate.com.edgesuite.net\",\"crl.www.ms.akadns.net\",\"au-bg-shim.trafficmanager.net\",\"au-bg-shim.trafficmanager.net\",\"ctldl.windowsupdate.com\",\"ctldl.windowsupdate.com\",\"a1363.dscg.akamai.net\",\"audownload.windowsupdate.nsatc.net\",\"audownload.windowsupdate.nsatc.net\",\"3176f3e73d8c3b8014deee94455b260530ab909a474853c58ac8b89b695b5364\",\"www.ifferfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.ifferfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.ifferfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"www.ifferfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"3362cfab658f435fa2ba18c2ae36ab5ac376237d43bfba3cb19975d86aa49caa\",\"www.apple.com\",\"www.apple.com\",\"www.apple.com\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"531d5538eed80b78d1c6c2023aa7e78a905e047c1164bba293d5e4f57c690fa5\",\"freedns.afraid.org\",\"xred.mooo.com\",\"cs9.wac.phicdn.net\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"64488ed709c5ca9bf23bf943711e85faea008b341fbf662c8982649240aa8203\",\"729a3e8afccebe0f182f28acf03694d3636a442aca666e3ec743ba1c481fed8f\",\"729a3e8afccebe0f182f28acf03694d3636a442aca666e3ec743ba1c481fed8f\",\"729a3e8afccebe0f182f28acf03694d3636a442aca666e3ec743ba1c481fed8f\",\"8130720f3b4a2ca80ff2358a1ca35fe5244b7107b3e0b9f8caba47c9d270e0a5\",\"8130720f3b4a2ca80ff2358a1ca35fe5244b7107b3e0b9f8caba47c9d270e0a5\",\"8130720f3b4a2ca80ff2358a1ca35fe5244b7107b3e0b9f8caba47c9d270e0a5\",\"8130720f3b4a2ca80ff2358a1ca35fe5244b7107b3e0b9f8caba47c9d270e0a5\",\"8130720f3b4a2ca80ff2358a1ca35fe5244b7107b3e0b9f8caba47c9d270e0a5\",\"8130720f3b4a2ca80ff2358a1ca35fe5244b7107b3e0b9f8caba47c9d270e0a5\",\"init-p01st.push.apple.com\",\"86d6d44fb26fc2ba0b2217467ee9309900120dc762b2748661dc3c164942efac\",\"iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com\",\"9021dd020a9b81172d24ed40fbbeacd54bf066c9061bed2d52057a48ef27560e\",\"90620dbc8327f6ae81447094db0d0a18b8c10444afb8e38e64a70e517058612d\",\"9a2e1e8da634aa1cce446a9ee8f4de2a357eb76debf27938e43f6ac0d6c71009\",\"9e83a136f334202223cc0dfed8b40a0d6cdbcf255a6865fd0a7e1dcc3d6623bc\",\"9f35e3393e442b4a35422e4b927e530712bac8ee2034a884b6ef724f0d8ec0ef\",\"a5232682719d10bff9c388fd3828e359fa6c41c6b301a8fdae87e70fd16bf707\",\"aa1df63850b8eee6ba39ed3e4255b4bfb462886847ee032d89815da6e44eef81\",\"aa95e0c81899df737c571c9908aa0ffa58602402309ca0c9a77d071e60a7c155\",\"ac5c1bdedeb1ae6bfa7a4b0e8165a1c76c10a7bd7042b3872e53cff4e770e24e\",\"ac5c1bdedeb1ae6bfa7a4b0e8165a1c76c10a7bd7042b3872e53cff4e770e24e\",\"powertoolsforyou.com\",\"ac77675cb33daced52440cec5cf17d5512e73f2f6e7a047dd776bfa17c078cd2\",\"ac77675cb33daced52440cec5cf17d5512e73f2f6e7a047dd776bfa17c078cd2\",\"ac77675cb33daced52440cec5cf17d5512e73f2f6e7a047dd776bfa17c078cd2\",\"bd927d915f19a89468391133465b1f2fb78d7a58178867933c44411f4d5de8eb\",\"c8a8a17085c23f1af0d39dd20083b8edcf7e0701e308ac02f0dbbf22c7956177\"]},\"selected\":{\"id\":\"2718\"},\"selection_policy\":{\"id\":\"2719\"}},\"id\":\"2565\",\"type\":\"ColumnDataSource\"},{\"attributes\":{\"data_source\":{\"id\":\"2565\"},\"glyph\":{\"id\":\"2564\"},\"hover_glyph\":null,\"muted_glyph\":null,\"view\":{\"id\":\"2567\"}},\"id\":\"2566\",\"type\":\"GlyphRenderer\"},{\"attributes\":{\"source\":{\"id\":\"2565\"}},\"id\":\"2567\",\"type\":\"CDSView\"},{\"attributes\":{},\"id\":\"2564\",\"type\":\"MultiLine\"},{\"attributes\":{\"axis\":{\"id\":\"2548\"},\"ticker\":null},\"id\":\"2551\",\"type\":\"Grid\"},{\"attributes\":{\"callback\":null},\"id\":\"2556\",\"type\":\"HoverTool\"},{\"attributes\":{},\"id\":\"2560\",\"type\":\"Circle\"},{\"attributes\":{},\"id\":\"2716\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{},\"id\":\"2720\",\"type\":\"Selection\"},{\"attributes\":{\"edge_renderer\":{\"id\":\"2566\"},\"inspection_policy\":{\"id\":\"2711\"},\"layout_provider\":{\"id\":\"2568\"},\"node_renderer\":{\"id\":\"2562\"},\"selection_policy\":{\"id\":\"2710\"}},\"id\":\"2559\",\"type\":\"GraphRenderer\"},{\"attributes\":{\"active_drag\":\"auto\",\"active_inspect\":\"auto\",\"active_multi\":null,\"active_scroll\":\"auto\",\"active_tap\":\"auto\",\"tools\":[{\"id\":\"2556\"}]},\"id\":\"2557\",\"type\":\"Toolbar\"},{\"attributes\":{},\"id\":\"2544\",\"type\":\"LinearScale\"},{\"attributes\":{\"data_source\":{\"id\":\"2561\"},\"glyph\":{\"id\":\"2560\"},\"hover_glyph\":null,\"muted_glyph\":null,\"view\":{\"id\":\"2563\"}},\"id\":\"2562\",\"type\":\"GlyphRenderer\"},{\"attributes\":{},\"id\":\"2553\",\"type\":\"BasicTicker\"},{\"attributes\":{},\"id\":\"2704\",\"type\":\"BasicTickFormatter\"},{\"attributes\":{},\"id\":\"2721\",\"type\":\"UnionRenderers\"},{\"attributes\":{\"end\":1.1,\"start\":-1.1},\"id\":\"2540\",\"type\":\"Range1d\"},{\"attributes\":{\"formatter\":{\"id\":\"2704\"},\"ticker\":{\"id\":\"2549\"}},\"id\":\"2548\",\"type\":\"LinearAxis\"},{\"attributes\":{\"end\":1.1,\"start\":-1.1},\"id\":\"2542\",\"type\":\"Range1d\"},{\"attributes\":{},\"id\":\"2711\",\"type\":\"NodesOnly\"}],\"root_ids\":[\"2537\"]},\"title\":\"Bokeh Application\",\"version\":\"2.2.2\"}};\n var render_items = [{\"docid\":\"44502671-1afb-4199-98a3-94af624af738\",\"root_ids\":[\"2537\"],\"roots\":{\"2537\":\"ca627f0b-ab19-482b-acc3-f77a04a27cd2\"}}];\n root.Bokeh.embed.embed_items_notebook(docs_json, render_items);\n\n }\n if (root.Bokeh !== undefined) {\n embed_document(root);\n } else {\n var attempts = 0;\n var timer = setInterval(function(root) {\n if (root.Bokeh !== undefined) {\n clearInterval(timer);\n embed_document(root);\n } else {\n attempts++;\n if (attempts > 100) {\n clearInterval(timer);\n console.log(\"Bokeh: ERROR: Unable to run BokehJS code because BokehJS library is missing\");\n }\n }\n }, 10, root)\n }\n})(window);", "application/vnd.bokehjs_exec.v0+json": "" }, "metadata": { "application/vnd.bokehjs_exec.v0+json": { "id": "2537" } }, "output_type": "display_data" } ], "source": [ "from bokeh.io import output_notebook, show\n", "from bokeh.plotting import figure, from_networkx\n", "\n", "graph = nx.from_pandas_edgelist(\n", " example_multiple_relationship_df.reset_index(),\n", " source=\"source\",\n", " target=\"target\",\n", " edge_attr=\"relationship_type\",\n", ")\n", "\n", "plot = figure(\n", " title=\"Simple graph plot\", x_range=(-1.1, 1.1), y_range=(-1.1, 1.1), tools=\"hover\"\n", ")\n", "g_plot = from_networkx(graph, nx.spring_layout, scale=2, center=(0, 0))\n", "plot.renderers.append(g_plot)\n", "\n", "output_notebook()\n", "show(plot)" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Integration with VTGraph\n", "\n", "Once we have some DataFrames with the relationships, we are able to generate and visualize a VT Graph in our notebook. The function `create_vt_graph` accepts as input a **list of Relationship DataFrames**.\n", "\n", "> **Note:** it can take some time to generate the graph, depending on the number of nodes and relationships.\n", "\n", "Unlike our local graph, this displays rich information about the nodes and relationship and allows us to expand our investigation with further searches or ad hoc nodes.\n", "\n", "> **Note:** - the inline graph displays node attributes but doesn't allow you edit or to add to the graph with further searches.
\n", "> Click on the link in the frame to go to the VirusTotal site to view." ] }, { "cell_type": "code", "execution_count": 12, "metadata": { "ExecuteTime": { "end_time": "2020-10-27T21:35:31.697172Z", "start_time": "2020-10-27T21:34:31.666782Z" } }, "outputs": [ { "data": { "text/plain": [ "'g20091e04457e441ab3d061480caf5e3c626208e1da5a41e08522f78b4e31b574'" ] }, "execution_count": 12, "metadata": {}, "output_type": "execute_result" } ], "source": [ "graph_id = vt_lookup.create_vt_graph(\n", " relationship_dfs=[example_relationship_df, example_multiple_relationship_df],\n", " name=\"My first Jupyter Notebook Graph\",\n", " private=False,\n", ")\n", "graph_id" ] }, { "cell_type": "code", "execution_count": 13, "metadata": { "ExecuteTime": { "end_time": "2020-10-27T21:52:51.571327Z", "start_time": "2020-10-27T21:52:51.558327Z" } }, "outputs": [ { "data": { "text/html": [ "\n", " \n", " \n", "\n", " " ], "text/plain": [ "" ] }, "metadata": {}, "output_type": "display_data" } ], "source": [ "vt_lookup.render_vt_graph(graph_id=graph_id, width=900, height=600)" ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, "outputs": [], "source": [] } ], "metadata": { "hide_input": false, "kernelspec": { "display_name": "Python (condadev)", "language": "python", "name": "condadev" }, "language_info": { "codemirror_mode": { "name": "ipython", "version": 3 }, "file_extension": ".py", "mimetype": "text/x-python", "name": "python", "nbconvert_exporter": "python", "pygments_lexer": "ipython3", "version": "3.7.9" }, "latex_envs": { "LaTeX_envs_menu_present": true, "autoclose": false, "autocomplete": true, "bibliofile": "biblio.bib", "cite_by": "apalike", "current_citInitial": 1, "eqLabelWithNumbers": true, "eqNumInitial": 1, "hotkeys": { "equation": "Ctrl-E", "itemize": "Ctrl-I" }, "labels_anchors": false, "latex_user_defs": false, "report_style_numbering": false, "user_envs_cfg": false }, "toc": { "base_numbering": 1, "nav_menu": {}, "number_sections": false, "sideBar": true, "skip_h1_title": false, "title_cell": "Table of Contents", "title_sidebar": "Contents", "toc_cell": false, "toc_position": {}, "toc_section_display": true, "toc_window_display": true }, "varInspector": { "cols": { "lenName": 16, "lenType": 16, "lenVar": 40 }, "kernels_config": { "python": { "delete_cmd_postfix": "", "delete_cmd_prefix": "del ", "library": "var_list.py", "varRefreshCmd": "print(var_dic_list())" }, "r": { "delete_cmd_postfix": ") ", "delete_cmd_prefix": "rm(", "library": "var_list.r", "varRefreshCmd": "cat(var_dic_list()) " } }, "types_to_exclude": [ "module", "function", "builtin_function_or_method", "instance", "_Feature" ], "window_display": false }, "widgets": { "application/vnd.jupyter.widget-state+json": { "state": {}, "version_major": 2, "version_minor": 0 } } }, "nbformat": 4, "nbformat_minor": 4 }