Snapshot_IsItPhishing_URL_Suspisious.json
{"description": "IsItPhishing Suspicious", "schema_version": "1.0.19", "type": "investigation", "search-txt": "url:\"http://freedommms.space/demadel\"", "source": "Anastasiia Rozlyvan", "actions": "[{\"created-perf\":14179879999.999685,\"updated-perf\":14179879999.999685,\"type\":\"collect\",\"created\":\"2020-11-24T14:00:11.607Z\",\"state\":\"ok\",\"arg\":\"url:'http://freedommms.space/demadel'\",\"result\":[{\"value\":\"http://freedommms.space/demadel\",\"type\":\"url\"}],\"id\":\"collect-f45efa18\",\"uuid\":\"d3875f77-5348-4faa-bbad-550b03cbbc8b\"},{\"created-perf\":15183934999.997292,\"updated-perf\":15183934999.997292,\"type\":\"deliberate\",\"created\":\"2020-11-24T14:00:12.611Z\",\"state\":\"ok\",\"arg\":[{\"type\":\"url\",\"value\":\"http://freedommms.space/demadel\"}],\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]}}},{\"module\":\"IsItPhishing\",\"module_instance_id\":\"ec0d130f-2b03-48fa-89de-864549ceff9f\",\"module_type_id\":\"73c4d670-963c-4ecb-82bc-bf747559c3b4\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"http://freedommms.space/demadel\",\"type\":\"url\"},\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2024-12-06T06:00:00.735Z\",\"end_time\":\"2024-12-13T06:00:00.735Z\"}}]}}}]},\"id\":\"deliberate-431bf6f1\",\"uuid\":\"bbefe3f7-ea3d-4049-809a-090f200a32fb\"},{\"created-perf\":16190514999.998413,\"updated-perf\":16190514999.998413,\"type\":\"investigate\",\"created\":\"2020-11-24T14:00:13.618Z\",\"state\":\"ok\",\"arg\":{\"type\":\"url\",\"value\":\"http://freedommms.space/demadel\"},\"result\":{\"data\":[{\"module\":\"urlscan. 
URL and website sandbox\",\"module_instance_id\":\"b158950e-9754-4e01-bc9c-4b66d241874d\",\"module_type_id\":\"a0d1f3ca-bc86-4b87-b6de-496d3c4b4d63\",\"data\":{}},{\"module\":\"IsItPhishing\",\"module_instance_id\":\"ec0d130f-2b03-48fa-89de-864549ceff9f\",\"module_type_id\":\"73c4d670-963c-4ecb-82bc-bf747559c3b4\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"http://freedommms.space/demadel\",\"type\":\"url\"},\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2024-12-06T06:00:00.735Z\",\"end_time\":\"2024-12-13T06:00:00.735Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-12-06T06:00:00.735Z\",\"end_time\":\"2024-12-13T06:00:00.735Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"http://freedommms.space/demadel\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"IsItPhishing\",\"disposition\":3,\"disposition_name\":\"Suspicious\",\"priority\":85,\"id\":\"transient:judgement-bcf0e901-2283-4261-b779-60ba57771d6c\",\"severity\":\"Medium\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-dbe66399\",\"uuid\":\"0c624382-31f0-48cf-9f5a-7375503a18d0\"}]", "short_description": "Snapshot @ 20201124 14:00:35", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-1d5ba36e-6e62-44df-b5c0-20cda3d8664b", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2020-11-24T14:01:18.006Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d"}