-{"schema_version": "1.0.23", "type": "investigation", "search-txt": "domain:\"the.omas.in\"", "source": "Anastasiia Rozlyvan", "actions": "[{\"created-perf\":14635275000.000547,\"updated-perf\":14635275000.000547,\"type\":\"collect\",\"created\":\"2020-12-18T12:31:10.826Z\",\"state\":\"ok\",\"arg\":\"the.omas.in\",\"result\":[{\"value\":\"the.omas.in\",\"type\":\"domain\"}],\"id\":\"collect-b1b61a56\",\"uuid\":\"3f7d6cd9-9a15-4300-a6be-bbcd21240d15\"},{\"created-perf\":15166535000.000294,\"updated-perf\":15166535000.000294,\"type\":\"deliberate\",\"created\":\"2020-12-18T12:31:11.358Z\",\"state\":\"ok\",\"arg\":[{\"type\":\"domain\",\"value\":\"the.omas.in\"}],\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]}}}]},\"id\":\"deliberate-78760619\",\"uuid\":\"b7f901fd-81dc-440f-9bdd-c63be7b6ac8b\"},{\"created-perf\":16053455000.001122,\"updated-perf\":16053460000.002815,\"type\":\"investigate\",\"created\":\"2020-12-18T12:31:12.245Z\",\"state\":\"ok\",\"arg\":{\"type\":\"domain\",\"value\":\"the.omas.in\"},\"result\":{\"data\":[{\"module\":\"APIVoid\",\"module_instance_id\":\"a23ffa9e-e71e-4101-889c-7974cf8b7341\",\"module_type_id\":\"0c96e5cd-2f93-4986-8042-4e26e664a032\",\"data\":{\"indicators\":{\"count\":2,\"docs\":[{\"valid_time\":{},\"producer\":\"APIVoid\",\"schema_version\":\"1.0.17\",\"type\":\"indicator\",\"short_description\":\"Feed: Threat Sourcing\",\"title\":\"Feed: Threat Sourcing\",\"id\":\"transient:indicator-a8c36453-d9fb-5633-bba9-d899f1ffdd4d\",\"tlp\":\"white\",\"confidence\":\"High\"},{\"valid_time\":{},\"producer\":\"APIVoid\",\"schema_version\":\"1.0.17\",\"type\":\"indicator\",\"short_description\":\"Feed: CRDF\",\"title\":\"Feed: CRDF\",\"id\":\"transient:indicator-e8309f4e-fec7-58c5-8fd3-e8b373eed39f\",\"tlp\":\"white\",\"confidence\":\"High\"}]},\"relationships\":{\"count\":2,\"docs\":[{\"schema_version\":\"1.0.17\",\"target_ref\":\"transient:indicator-a8c36453-d9fb-5633-bba9-d899f1ffdd4d\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-2c63ec9a-a750-4db0-90cf-ee8e190bf6c7\",\"id\":\"transient:relationship-fdeb4da4-725f-49c1-833d-fa835e77fc5a\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.17\",\"target_ref\":\"transient:indicator-e8309f4e-fec7-58c5-8fd3-e8b373eed39f\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-ad10d812-86f3-4c18-92f7-4077f4e273bd\",\"id\":\"transient:relationship-405e36da-ea3b-4951-8923-9248f172bba2\",\"relationship_type\":\"member-of\"}]},\"sightings\":{\"count\":2,\"docs\":[{\"description\":\"Detected on blocklist\",\"schema_version\":\"1.0.17\",\"observables\":[{\"value\":\"the.omas.in\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"CRDF\",\"source_uri\":\"https://threatcenter.crdf.fr/check.html\",\"id\":\"transient:sighting-ad10d812-86f3-4c18-92f7-4077f4e273bd\",\"count\":1,\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-03-01T12:31:12.232Z\",\"end_time\":\"2024-03-01T12:31:12.232Z\"}},{\"description\":\"Detected on blocklist\",\"schema_version\":\"1.0.17\",\"observables\":[{\"value\":\"the.omas.in\",\"type\":\"domain\"}],\"type\":\"sighting\",\"source\":\"Threat Sourcing\",\"source_uri\":\"https://www.threatsourcing.com/\",\"id\":\"transient:sighting-2c63ec9a-a750-4db0-90cf-ee8e190bf6c7\",\"count\":1,\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-03-01T12:31:12.233Z\",\"end_time\":\"2024-03-01T12:31:12.233Z\"}}]}}}]},\"id\":\"investigate-3d327d64\",\"uuid\":\"f0df4cbf-3df2-4d0a-8c3a-53ace2a553d6\"}]", "short_description": "Snapshot_APIVoid_Domain", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-7759d60a-1ba4-4b76-9d16-3b53143823be", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2020-12-18T12:32:01.680Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d"}
0 commit comments