ctx-get-ip-report-batch
Get multiple IP reports from CTX service.
ctx-get-ip-report-batch [profile=PROFILE] [field=FIELD]
- profile=PROFILE
- Profile name of CTX
- field=FIELD
- ip by default.
Output Fields
Field | Type | Name | Description |
---|---|---|---|
profile | String | Connect profile | The identifier of CTX connect profile |
ip | IP address | IP address | e.g. 45.156.128.96 |
verdict | String | Verdict | e.g. MALICIOUS, BENIGN |
reverse_dns | String | Reverse DNS | |
country | String | Country | e.g. PT |
country_name | String | Country name | e.g. Portugal |
first_seen | Date | First seen | |
last_seen | Date | Last seen | |
threat_actors | String | Threat actors | e.g. Emotet Group |
urls | String | IoC URLs | |
ioc_files | String | IoC Files | |
ioc_ips | String | IoC IPs | |
ioc_domains | String | IoC Domains | |
ioc_urls | String | IoC URLs | |
campaign_count | Integer | Campaign count | |
threat_actor_count | Integer | Threat actor count | |
ioc_file_count | Integer | IoC file count | |
ioc_ip_count | Integer | IoC IP count | |
ioc_domain_count | Integer | IoC domain count | |
ioc_url_count | Integer | IoC URL count | |
campaign_link | String | Campaign link | |
whois | String | WHOIS response | e.g. inetnum: 45.156.128.0 - 45.156.128.255 |
ctx_api_version | String | CTX API version | v1.1 |
txid | String | Transaction ID | e.g. ctx-transaction--9c703489-94e8-5b1a-ab47-214cef14eff5 |
result_code | Integer | Result code | e.g. 200, 400, 404 |
result_msg | String | Result message | e.g. Invalid Parameter, Data does not exist |
req_time | Date | Request time | |
resp_time | Date | Response time |