diff --git a/Palo_Alto_Autofocus/Snapshot-with-domain.json b/Palo_Alto_Autofocus/Snapshot-with-domain.json
index ceab6698..8ba74820 100644
--- a/Palo_Alto_Autofocus/Snapshot-with-domain.json
+++ b/Palo_Alto_Autofocus/Snapshot-with-domain.json
@@ -1 +1 @@
-{"description": "Palo Alto domain", "searchHistory": {"selectedObservables": [{"uuid": "5658bb5f-6eed-4d37-8ca8-aaa152969cfb", "observable": {"key": "77f96b8d-5cfa-4c34-a4a2-8c7a9d528d78", "value": "urirmpyp.top", "indicators": [], "type": "domain", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "urirmpyp.top", "id": "9b1dda72", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "schema_version": "1.0.22", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/domain/urirmpyp.top", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a", "severity": "High", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "schema_version": "1.1.3", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=urirmpyp.top", "disposition_name": "Suspicious", "priority": 90, "id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b", "severity": "Medium", "tlp": "white", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "domain", "value": "urirmpyp.top", "id": "9b1dda72"}], "omittedObservables": [], "archivedObservables": [{"key": "77f96b8d-5cfa-4c34-a4a2-8c7a9d528d78", "value": "urirmpyp.top", "indicators": [], "type": "domain", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "urirmpyp.top", "id": "9b1dda72", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "schema_version": "1.0.22", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/domain/urirmpyp.top", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a", "severity": "High", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "schema_version": "1.1.3", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=urirmpyp.top", "disposition_name": "Suspicious", "priority": 90, "id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b", "severity": "Medium", "tlp": "white", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}], "sightings": [], "revListOrder": 1}]}, "schema_version": "1.1.3", "type": "investigation", "search-txt": "domain:\"urirmpyp.top\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":89844685000.13463,\"updated-perf\":89844690000.1727,\"type\":\"collect\",\"created\":\"2021-03-05T10:31:34.884Z\",\"state\":\"ok\",\"arg\":\"domain:urirmpyp.top\",\"result\":[{\"value\":\"urirmpyp.top\",\"type\":\"domain\"}],\"id\":\"collect-9b1dda72\",\"uuid\":\"8ae2af80-ab01-46c4-8d1b-ef940ebb276f\"},{\"created-perf\":91774979999.98741,\"updated-perf\":91774979999.98741,\"type\":\"investigate\",\"created\":\"2021-03-05T10:31:36.814Z\",\"state\":\"ok\",\"arg\":{\"type\":\"domain\",\"value\":\"urirmpyp.top\"},\"result\":{\"data\":[{\"module\":\"Talos Intelligence\",\"module_instance_id\":\"f14a7465-a77a-4e28-8b97-23706a56eab5\",\"module_type_id\":\"2460c99b-2f01-523b-a65d-30a3c6603245\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"urirmpyp.top\",\"type\":\"domain\"},\"judgement_id\":\"transient:7628ea48-4563-4662-a92f-ed54be4fa94b\",\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2024-07-19T10:31:35.235Z\",\"end_time\":\"2024-08-18T10:31:35.235Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-19T10:31:35.235Z\",\"end_time\":\"2024-08-18T10:31:35.235Z\"},\"schema_version\":\"1.1.3\",\"observable\":{\"value\":\"urirmpyp.top\",\"type\":\"domain\"},\"type\":\"judgement\",\"source\":\"Talos Intelligence\",\"disposition\":3,\"reason\":\"Low Talos Intelligence reputation score\",\"source_uri\":\"https://www.talosintelligence.com/reputation_center/lookup?search=urirmpyp.top\",\"disposition_name\":\"Suspicious\",\"priority\":90,\"id\":\"transient:7628ea48-4563-4662-a92f-ed54be4fa94b\",\"severity\":\"Medium\",\"tlp\":\"white\",\"confidence\":\"High\"}]}}},{\"module\":\"Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest\",\"module_instance_id\":\"15802a02-e1c8-499a-beb5-27a1efe71a44\",\"module_type_id\":\"79343c94-d267-4c3f-b6d3-de96871c406a\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"urirmpyp.top\",\"type\":\"domain\"},\"judgement_id\":\"transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a\",\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2024-07-19T10:31:36.748Z\",\"end_time\":\"2024-07-26T10:31:36.748Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-19T10:31:36.748Z\",\"end_time\":\"2024-07-26T10:31:36.748Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"urirmpyp.top\",\"type\":\"domain\"},\"type\":\"judgement\",\"source\":\"Palo Alto AutoFocus\",\"disposition\":2,\"reason\":\"MALWARE in AutoFocus\",\"source_uri\":\"https://autofocus.paloaltonetworks.com/#/search/indicator/domain/urirmpyp.top\",\"disposition_name\":\"Malicious\",\"priority\":85,\"id\":\"transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a\",\"severity\":\"High\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-9c4a7f4e\",\"uuid\":\"d1c012db-7702-4547-89f1-1e08ce0ddf58\"}]", "short_description": "Snapshot @ 20210305 10:31:47", "omittedObservables": [], "archivedObservables": [{"key": "77f96b8d-5cfa-4c34-a4a2-8c7a9d528d78", "value": "urirmpyp.top", "indicators": [], "type": "domain", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "urirmpyp.top", "id": "9b1dda72", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "schema_version": "1.0.22", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/domain/urirmpyp.top", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a", "severity": "High", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "schema_version": "1.1.3", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=urirmpyp.top", "disposition_name": "Suspicious", "priority": 90, "id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b", "severity": "Medium", "tlp": "white", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}], "sightings": [], "revListOrder": 1}], "selectedObservables": [{"uuid": "5658bb5f-6eed-4d37-8ca8-aaa152969cfb", "observable": {"key": "77f96b8d-5cfa-4c34-a4a2-8c7a9d528d78", "value": "urirmpyp.top", "indicators": [], "type": "domain", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "urirmpyp.top", "id": "9b1dda72", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "schema_version": "1.0.22", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/domain/urirmpyp.top", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a", "severity": "High", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "schema_version": "1.1.3", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=urirmpyp.top", "disposition_name": "Suspicious", "priority": 90, "id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b", "severity": "Medium", "tlp": "white", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "domain", "value": "urirmpyp.top", "id": "9b1dda72"}], "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-43fb4f26-6896-42b8-8657-3a952a1993fa", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-03-05T10:32:03.122Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"}
\ No newline at end of file
+{"description": "Palo Alto domain", "searchHistory": {"selectedObservables": [{"uuid": "5658bb5f-6eed-4d37-8ca8-aaa152969cfb", "observable": {"key": "77f96b8d-5cfa-4c34-a4a2-8c7a9d528d78", "value": "urirmpyp.top", "indicators": [], "type": "domain", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "urirmpyp.top", "id": "9b1dda72", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "schema_version": "1.0.22", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/domain/urirmpyp.top", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a", "severity": "High", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "schema_version": "1.1.3", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=urirmpyp.top", "disposition_name": "Suspicious", "priority": 90, "id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b", "severity": "Medium", "tlp": "white", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "domain", "value": "urirmpyp.top", "id": "9b1dda72"}], "omittedObservables": [], "archivedObservables": [{"key": "77f96b8d-5cfa-4c34-a4a2-8c7a9d528d78", "value": "urirmpyp.top", "indicators": [], "type": "domain", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "urirmpyp.top", "id": "9b1dda72", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "schema_version": "1.0.22", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/domain/urirmpyp.top", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a", "severity": "High", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "schema_version": "1.1.3", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=urirmpyp.top", "disposition_name": "Suspicious", "priority": 90, "id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b", "severity": "Medium", "tlp": "white", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}], "sightings": [], "revListOrder": 1}]}, "schema_version": "1.1.3", "type": "investigation", "search-txt": "domain:\"urirmpyp.top\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":89844685000.13463,\"updated-perf\":89844690000.1727,\"type\":\"collect\",\"created\":\"2021-03-05T10:31:34.884Z\",\"state\":\"ok\",\"arg\":\"domain:urirmpyp.top\",\"result\":[{\"value\":\"urirmpyp.top\",\"type\":\"domain\"}],\"id\":\"collect-9b1dda72\",\"uuid\":\"8ae2af80-ab01-46c4-8d1b-ef940ebb276f\"},{\"created-perf\":91774979999.98741,\"updated-perf\":91774979999.98741,\"type\":\"investigate\",\"created\":\"2021-03-05T10:31:36.814Z\",\"state\":\"ok\",\"arg\":{\"type\":\"domain\",\"value\":\"urirmpyp.top\"},\"result\":{\"data\":[{\"module\":\"Talos Intelligence\",\"module_instance_id\":\"f14a7465-a77a-4e28-8b97-23706a56eab5\",\"module_type_id\":\"2460c99b-2f01-523b-a65d-30a3c6603245\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"urirmpyp.top\",\"type\":\"domain\"},\"judgement_id\":\"transient:7628ea48-4563-4662-a92f-ed54be4fa94b\",\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2024-07-26T10:31:35.235Z\",\"end_time\":\"2024-08-25T10:31:35.235Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-26T10:31:35.235Z\",\"end_time\":\"2024-08-25T10:31:35.235Z\"},\"schema_version\":\"1.1.3\",\"observable\":{\"value\":\"urirmpyp.top\",\"type\":\"domain\"},\"type\":\"judgement\",\"source\":\"Talos Intelligence\",\"disposition\":3,\"reason\":\"Low Talos Intelligence reputation score\",\"source_uri\":\"https://www.talosintelligence.com/reputation_center/lookup?search=urirmpyp.top\",\"disposition_name\":\"Suspicious\",\"priority\":90,\"id\":\"transient:7628ea48-4563-4662-a92f-ed54be4fa94b\",\"severity\":\"Medium\",\"tlp\":\"white\",\"confidence\":\"High\"}]}}},{\"module\":\"Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest\",\"module_instance_id\":\"15802a02-e1c8-499a-beb5-27a1efe71a44\",\"module_type_id\":\"79343c94-d267-4c3f-b6d3-de96871c406a\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"urirmpyp.top\",\"type\":\"domain\"},\"judgement_id\":\"transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a\",\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2024-07-26T10:31:36.748Z\",\"end_time\":\"2024-08-02T10:31:36.748Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-26T10:31:36.748Z\",\"end_time\":\"2024-08-02T10:31:36.748Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"urirmpyp.top\",\"type\":\"domain\"},\"type\":\"judgement\",\"source\":\"Palo Alto AutoFocus\",\"disposition\":2,\"reason\":\"MALWARE in AutoFocus\",\"source_uri\":\"https://autofocus.paloaltonetworks.com/#/search/indicator/domain/urirmpyp.top\",\"disposition_name\":\"Malicious\",\"priority\":85,\"id\":\"transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a\",\"severity\":\"High\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-9c4a7f4e\",\"uuid\":\"d1c012db-7702-4547-89f1-1e08ce0ddf58\"}]", "short_description": "Snapshot @ 20210305 10:31:47", "omittedObservables": [], "archivedObservables": [{"key": "77f96b8d-5cfa-4c34-a4a2-8c7a9d528d78", "value": "urirmpyp.top", "indicators": [], "type": "domain", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "urirmpyp.top", "id": "9b1dda72", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "schema_version": "1.0.22", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/domain/urirmpyp.top", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a", "severity": "High", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "schema_version": "1.1.3", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=urirmpyp.top", "disposition_name": "Suspicious", "priority": 90, "id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b", "severity": "Medium", "tlp": "white", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}], "sightings": [], "revListOrder": 1}], "selectedObservables": [{"uuid": "5658bb5f-6eed-4d37-8ca8-aaa152969cfb", "observable": {"key": "77f96b8d-5cfa-4c34-a4a2-8c7a9d528d78", "value": "urirmpyp.top", "indicators": [], "type": "domain", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:9b1dda72", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "judgement_id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "urirmpyp.top", "id": "9b1dda72", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:31:36.748Z", "end_time": "2021-03-12T10:31:36.748Z"}, "schema_version": "1.0.22", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/domain/urirmpyp.top", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-645d50cd-337d-4b78-a04c-685f7590599a", "severity": "High", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:31:35.235Z", "end_time": "2021-04-04T10:31:35.235Z"}, "schema_version": "1.1.3", "observable": {"value": "urirmpyp.top", "type": "domain"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=urirmpyp.top", "disposition_name": "Suspicious", "priority": 90, "id": "transient:7628ea48-4563-4662-a92f-ed54be4fa94b", "severity": "Medium", "tlp": "white", "action": "d1c012db-7702-4547-89f1-1e08ce0ddf58", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "domain", "value": "urirmpyp.top", "id": "9b1dda72"}], "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-43fb4f26-6896-42b8-8657-3a952a1993fa", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-03-05T10:32:03.122Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"}
\ No newline at end of file
diff --git a/Palo_Alto_Autofocus/Snapshot-with-ip.json b/Palo_Alto_Autofocus/Snapshot-with-ip.json
index c37909d5..38702fbe 100644
--- a/Palo_Alto_Autofocus/Snapshot-with-ip.json
+++ b/Palo_Alto_Autofocus/Snapshot-with-ip.json
@@ -1 +1 @@
-{"description": "Palo Alto ip", "searchHistory": {"selectedObservables": [{"uuid": "92a9ab7d-68ed-43c9-93ac-f86e87d91446", "observable": {"key": "342910f7-347d-4d0c-b4c5-7c097d023825", "value": "103.110.84.196", "indicators": [], "type": "ip", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:311e2c3c", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "judgement_id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "103.110.84.196", "id": "311e2c3c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "schema_version": "1.0.22", "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv4_address/103.110.84.196", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2", "severity": "High", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "ip", "value": "103.110.84.196", "id": "311e2c3c"}], "omittedObservables": [], "archivedObservables": [{"key": "342910f7-347d-4d0c-b4c5-7c097d023825", "value": "103.110.84.196", "indicators": [], "type": "ip", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:311e2c3c", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "judgement_id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "103.110.84.196", "id": "311e2c3c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "schema_version": "1.0.22", "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv4_address/103.110.84.196", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2", "severity": "High", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "confidence": "High"}], "sightings": [], "revListOrder": 1}]}, "schema_version": "1.1.3", "type": "investigation", "search-txt": "ip:\"103.110.84.196\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":7622505000.093952,\"updated-perf\":7622510000.132025,\"type\":\"collect\",\"created\":\"2021-03-05T10:34:56.842Z\",\"state\":\"ok\",\"arg\":\"ip:103.110.84.196\",\"result\":[{\"value\":\"103.110.84.196\",\"type\":\"ip\"}],\"id\":\"collect-311e2c3c\",\"uuid\":\"94215c2a-a229-4798-b239-3759fed5a9a1\"},{\"created-perf\":9517359999.9398,\"updated-perf\":9517359999.9398,\"type\":\"investigate\",\"created\":\"2021-03-05T10:34:58.737Z\",\"state\":\"ok\",\"arg\":{\"type\":\"ip\",\"value\":\"103.110.84.196\"},\"result\":{\"data\":[{\"module\":\"Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest\",\"module_instance_id\":\"15802a02-e1c8-499a-beb5-27a1efe71a44\",\"module_type_id\":\"79343c94-d267-4c3f-b6d3-de96871c406a\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"103.110.84.196\",\"type\":\"ip\"},\"judgement_id\":\"transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2\",\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2024-07-19T10:34:58.685Z\",\"end_time\":\"2024-07-26T10:34:58.685Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-19T10:34:58.685Z\",\"end_time\":\"2024-07-26T10:34:58.685Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"103.110.84.196\",\"type\":\"ip\"},\"type\":\"judgement\",\"source\":\"Palo Alto AutoFocus\",\"disposition\":2,\"reason\":\"MALWARE in AutoFocus\",\"source_uri\":\"https://autofocus.paloaltonetworks.com/#/search/indicator/ipv4_address/103.110.84.196\",\"disposition_name\":\"Malicious\",\"priority\":85,\"id\":\"transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2\",\"severity\":\"High\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-ec463033\",\"uuid\":\"9d4015c3-aa5d-4658-9914-bc1c8dcd032d\"}]", "short_description": "Snapshot @ 20210305 10:35:21", "omittedObservables": [], "archivedObservables": [{"key": "342910f7-347d-4d0c-b4c5-7c097d023825", "value": "103.110.84.196", "indicators": [], "type": "ip", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:311e2c3c", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "judgement_id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "103.110.84.196", "id": "311e2c3c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "schema_version": "1.0.22", "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv4_address/103.110.84.196", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2", "severity": "High", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "confidence": "High"}], "sightings": [], "revListOrder": 1}], "selectedObservables": [{"uuid": "92a9ab7d-68ed-43c9-93ac-f86e87d91446", "observable": {"key": "342910f7-347d-4d0c-b4c5-7c097d023825", "value": "103.110.84.196", "indicators": [], "type": "ip", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:311e2c3c", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "judgement_id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "103.110.84.196", "id": "311e2c3c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "schema_version": "1.0.22", "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv4_address/103.110.84.196", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2", "severity": "High", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "ip", "value": "103.110.84.196", "id": "311e2c3c"}], "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-18646001-117f-41d0-81d1-61b9a00a49ea", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-03-05T10:35:30.768Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"}
\ No newline at end of file
+{"description": "Palo Alto ip", "searchHistory": {"selectedObservables": [{"uuid": "92a9ab7d-68ed-43c9-93ac-f86e87d91446", "observable": {"key": "342910f7-347d-4d0c-b4c5-7c097d023825", "value": "103.110.84.196", "indicators": [], "type": "ip", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:311e2c3c", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "judgement_id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "103.110.84.196", "id": "311e2c3c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "schema_version": "1.0.22", "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv4_address/103.110.84.196", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2", "severity": "High", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "ip", "value": "103.110.84.196", "id": "311e2c3c"}], "omittedObservables": [], "archivedObservables": [{"key": "342910f7-347d-4d0c-b4c5-7c097d023825", "value": "103.110.84.196", "indicators": [], "type": "ip", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:311e2c3c", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "judgement_id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "103.110.84.196", "id": "311e2c3c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "schema_version": "1.0.22", "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv4_address/103.110.84.196", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2", "severity": "High", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "confidence": "High"}], "sightings": [], "revListOrder": 1}]}, "schema_version": "1.1.3", "type": "investigation", "search-txt": "ip:\"103.110.84.196\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":7622505000.093952,\"updated-perf\":7622510000.132025,\"type\":\"collect\",\"created\":\"2021-03-05T10:34:56.842Z\",\"state\":\"ok\",\"arg\":\"ip:103.110.84.196\",\"result\":[{\"value\":\"103.110.84.196\",\"type\":\"ip\"}],\"id\":\"collect-311e2c3c\",\"uuid\":\"94215c2a-a229-4798-b239-3759fed5a9a1\"},{\"created-perf\":9517359999.9398,\"updated-perf\":9517359999.9398,\"type\":\"investigate\",\"created\":\"2021-03-05T10:34:58.737Z\",\"state\":\"ok\",\"arg\":{\"type\":\"ip\",\"value\":\"103.110.84.196\"},\"result\":{\"data\":[{\"module\":\"Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest\",\"module_instance_id\":\"15802a02-e1c8-499a-beb5-27a1efe71a44\",\"module_type_id\":\"79343c94-d267-4c3f-b6d3-de96871c406a\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"103.110.84.196\",\"type\":\"ip\"},\"judgement_id\":\"transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2\",\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2024-07-26T10:34:58.685Z\",\"end_time\":\"2024-08-02T10:34:58.685Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-26T10:34:58.685Z\",\"end_time\":\"2024-08-02T10:34:58.685Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"103.110.84.196\",\"type\":\"ip\"},\"type\":\"judgement\",\"source\":\"Palo Alto AutoFocus\",\"disposition\":2,\"reason\":\"MALWARE in AutoFocus\",\"source_uri\":\"https://autofocus.paloaltonetworks.com/#/search/indicator/ipv4_address/103.110.84.196\",\"disposition_name\":\"Malicious\",\"priority\":85,\"id\":\"transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2\",\"severity\":\"High\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-ec463033\",\"uuid\":\"9d4015c3-aa5d-4658-9914-bc1c8dcd032d\"}]", "short_description": "Snapshot @ 20210305 10:35:21", "omittedObservables": [], "archivedObservables": [{"key": "342910f7-347d-4d0c-b4c5-7c097d023825", "value": "103.110.84.196", "indicators": [], "type": "ip", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:311e2c3c", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "judgement_id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "103.110.84.196", "id": "311e2c3c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "schema_version": "1.0.22", "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv4_address/103.110.84.196", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2", "severity": "High", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "confidence": "High"}], "sightings": [], "revListOrder": 1}], "selectedObservables": [{"uuid": "92a9ab7d-68ed-43c9-93ac-f86e87d91446", "observable": {"key": "342910f7-347d-4d0c-b4c5-7c097d023825", "value": "103.110.84.196", "indicators": [], "type": "ip", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:311e2c3c", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "judgement_id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "103.110.84.196", "id": "311e2c3c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:34:58.685Z", "end_time": "2021-03-12T10:34:58.685Z"}, "schema_version": "1.0.22", "observable": {"value": "103.110.84.196", "type": "ip"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv4_address/103.110.84.196", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-28a9685d-0690-463b-98d1-4362a4b2adc2", "severity": "High", "action": "9d4015c3-aa5d-4658-9914-bc1c8dcd032d", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "ip", "value": "103.110.84.196", "id": "311e2c3c"}], "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-18646001-117f-41d0-81d1-61b9a00a49ea", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-03-05T10:35:30.768Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"}
\ No newline at end of file
diff --git a/Palo_Alto_Autofocus/Snapshot-with-ipv6.json b/Palo_Alto_Autofocus/Snapshot-with-ipv6.json
index b95352ef..113acc70 100644
--- a/Palo_Alto_Autofocus/Snapshot-with-ipv6.json
+++ b/Palo_Alto_Autofocus/Snapshot-with-ipv6.json
@@ -1 +1 @@
-{"description": "Palo Alto ipv6", "searchHistory": {"selectedObservables": [{"uuid": "ffde2ea5-053b-42a6-978e-9333c1086292", "observable": {"key": "6d3af18e-6169-469d-8edc-e99958c08e21", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "indicators": [], "type": "ipv6", "state": "investigated", "targets": [], "disposition": 1, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "verdict", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Clean", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:d2710e74", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "judgement_id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605"}], "notifications": [], "disposition_name": "Clean", "obsListSortOrder": 5, "listOrder": 0, "label": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "schema_version": "1.0.22", "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "BENIGN in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv6_address/2001:db8:85a3:8d3:1319:8a2e:370:7348", "disposition_name": "Clean", "priority": 85, "id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605", "severity": "High", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "confidence": "High"}], "sightings": [], "revListOrder": 5}, "notifications": [], "disposition_name": "Clean", "disposition": 1, "type": "ipv6", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74"}], "omittedObservables": [], "archivedObservables": [{"key": "6d3af18e-6169-469d-8edc-e99958c08e21", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "indicators": [], "type": "ipv6", "state": "investigated", "targets": [], "disposition": 1, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "verdict", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Clean", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:d2710e74", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "judgement_id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605"}], "notifications": [], "disposition_name": "Clean", "obsListSortOrder": 5, "listOrder": 0, "label": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "schema_version": "1.0.22", "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "BENIGN in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv6_address/2001:db8:85a3:8d3:1319:8a2e:370:7348", "disposition_name": "Clean", "priority": 85, "id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605", "severity": "High", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "confidence": "High"}], "sightings": [], "revListOrder": 5}]}, "schema_version": "1.1.3", "type": "investigation", "search-txt": "ipv6:\"2001:db8:85a3:8d3:1319:8a2e:370:7348\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":47273354999.95388,\"updated-perf\":47273354999.95388,\"type\":\"collect\",\"created\":\"2021-03-05T10:38:24.254Z\",\"state\":\"ok\",\"arg\":\"ipv6:2001:db8:85a3:8d3:1319:8a2e:370:7348\",\"result\":[{\"value\":\"2001:db8:85a3:8d3:1319:8a2e:370:7348\",\"type\":\"ipv6\"}],\"id\":\"collect-d2710e74\",\"uuid\":\"191b2054-d57c-479d-8efd-e575d96b7ad9\"},{\"created-perf\":48816484999.84294,\"updated-perf\":48816484999.84294,\"type\":\"investigate\",\"created\":\"2021-03-05T10:38:25.797Z\",\"state\":\"ok\",\"arg\":{\"type\":\"ipv6\",\"value\":\"2001:db8:85a3:8d3:1319:8a2e:370:7348\"},\"result\":{\"data\":[{\"module\":\"Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest\",\"module_instance_id\":\"15802a02-e1c8-499a-beb5-27a1efe71a44\",\"module_type_id\":\"79343c94-d267-4c3f-b6d3-de96871c406a\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":1,\"observable\":{\"value\":\"2001:db8:85a3:8d3:1319:8a2e:370:7348\",\"type\":\"ipv6\"},\"judgement_id\":\"transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605\",\"disposition_name\":\"Clean\",\"valid_time\":{\"start_time\":\"2024-07-19T10:38:25.753Z\",\"end_time\":\"2024-07-26T10:38:25.753Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-19T10:38:25.753Z\",\"end_time\":\"2024-07-26T10:38:25.753Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"2001:db8:85a3:8d3:1319:8a2e:370:7348\",\"type\":\"ipv6\"},\"type\":\"judgement\",\"source\":\"Palo Alto AutoFocus\",\"disposition\":1,\"reason\":\"BENIGN in AutoFocus\",\"source_uri\":\"https://autofocus.paloaltonetworks.com/#/search/indicator/ipv6_address/2001:db8:85a3:8d3:1319:8a2e:370:7348\",\"disposition_name\":\"Clean\",\"priority\":85,\"id\":\"transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605\",\"severity\":\"High\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-566dfb3a\",\"uuid\":\"0b747e54-b49d-4ad8-8775-754eb3ae44ff\"}]", "short_description": "Snapshot @ 20210305 10:38:43", "omittedObservables": [], "archivedObservables": [{"key": "6d3af18e-6169-469d-8edc-e99958c08e21", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "indicators": [], "type": "ipv6", "state": "investigated", "targets": [], "disposition": 1, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "verdict", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Clean", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:d2710e74", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "judgement_id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605"}], "notifications": [], "disposition_name": "Clean", "obsListSortOrder": 5, "listOrder": 0, "label": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "schema_version": "1.0.22", "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "BENIGN in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv6_address/2001:db8:85a3:8d3:1319:8a2e:370:7348", "disposition_name": "Clean", "priority": 85, "id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605", "severity": "High", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "confidence": "High"}], "sightings": [], "revListOrder": 5}], "selectedObservables": [{"uuid": "ffde2ea5-053b-42a6-978e-9333c1086292", "observable": {"key": "6d3af18e-6169-469d-8edc-e99958c08e21", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "indicators": [], "type": "ipv6", "state": "investigated", "targets": [], "disposition": 1, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "verdict", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Clean", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:d2710e74", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "judgement_id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605"}], "notifications": [], "disposition_name": "Clean", "obsListSortOrder": 5, "listOrder": 0, "label": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "schema_version": "1.0.22", "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "BENIGN in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv6_address/2001:db8:85a3:8d3:1319:8a2e:370:7348", "disposition_name": "Clean", "priority": 85, "id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605", "severity": "High", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "confidence": "High"}], "sightings": [], "revListOrder": 5}, "notifications": [], "disposition_name": "Clean", "disposition": 1, "type": "ipv6", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74"}], "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-874b1b16-e430-49f6-83b6-5e7e705058b8", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-03-05T10:38:57.022Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"}
\ No newline at end of file
+{"description": "Palo Alto ipv6", "searchHistory": {"selectedObservables": [{"uuid": "ffde2ea5-053b-42a6-978e-9333c1086292", "observable": {"key": "6d3af18e-6169-469d-8edc-e99958c08e21", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "indicators": [], "type": "ipv6", "state": "investigated", "targets": [], "disposition": 1, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "verdict", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Clean", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:d2710e74", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "judgement_id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605"}], "notifications": [], "disposition_name": "Clean", "obsListSortOrder": 5, "listOrder": 0, "label": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "schema_version": "1.0.22", "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "BENIGN in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv6_address/2001:db8:85a3:8d3:1319:8a2e:370:7348", "disposition_name": "Clean", "priority": 85, "id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605", "severity": "High", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "confidence": "High"}], "sightings": [], "revListOrder": 5}, "notifications": [], "disposition_name": "Clean", "disposition": 1, "type": "ipv6", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74"}], "omittedObservables": [], "archivedObservables": [{"key": "6d3af18e-6169-469d-8edc-e99958c08e21", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "indicators": [], "type": "ipv6", "state": "investigated", "targets": [], "disposition": 1, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "verdict", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Clean", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:d2710e74", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "judgement_id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605"}], "notifications": [], "disposition_name": "Clean", "obsListSortOrder": 5, "listOrder": 0, "label": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "schema_version": "1.0.22", "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "BENIGN in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv6_address/2001:db8:85a3:8d3:1319:8a2e:370:7348", "disposition_name": "Clean", "priority": 85, "id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605", "severity": "High", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "confidence": "High"}], "sightings": [], "revListOrder": 5}]}, "schema_version": "1.1.3", "type": "investigation", "search-txt": "ipv6:\"2001:db8:85a3:8d3:1319:8a2e:370:7348\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":47273354999.95388,\"updated-perf\":47273354999.95388,\"type\":\"collect\",\"created\":\"2021-03-05T10:38:24.254Z\",\"state\":\"ok\",\"arg\":\"ipv6:2001:db8:85a3:8d3:1319:8a2e:370:7348\",\"result\":[{\"value\":\"2001:db8:85a3:8d3:1319:8a2e:370:7348\",\"type\":\"ipv6\"}],\"id\":\"collect-d2710e74\",\"uuid\":\"191b2054-d57c-479d-8efd-e575d96b7ad9\"},{\"created-perf\":48816484999.84294,\"updated-perf\":48816484999.84294,\"type\":\"investigate\",\"created\":\"2021-03-05T10:38:25.797Z\",\"state\":\"ok\",\"arg\":{\"type\":\"ipv6\",\"value\":\"2001:db8:85a3:8d3:1319:8a2e:370:7348\"},\"result\":{\"data\":[{\"module\":\"Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest\",\"module_instance_id\":\"15802a02-e1c8-499a-beb5-27a1efe71a44\",\"module_type_id\":\"79343c94-d267-4c3f-b6d3-de96871c406a\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":1,\"observable\":{\"value\":\"2001:db8:85a3:8d3:1319:8a2e:370:7348\",\"type\":\"ipv6\"},\"judgement_id\":\"transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605\",\"disposition_name\":\"Clean\",\"valid_time\":{\"start_time\":\"2024-07-26T10:38:25.753Z\",\"end_time\":\"2024-08-02T10:38:25.753Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-26T10:38:25.753Z\",\"end_time\":\"2024-08-02T10:38:25.753Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"2001:db8:85a3:8d3:1319:8a2e:370:7348\",\"type\":\"ipv6\"},\"type\":\"judgement\",\"source\":\"Palo Alto AutoFocus\",\"disposition\":1,\"reason\":\"BENIGN in AutoFocus\",\"source_uri\":\"https://autofocus.paloaltonetworks.com/#/search/indicator/ipv6_address/2001:db8:85a3:8d3:1319:8a2e:370:7348\",\"disposition_name\":\"Clean\",\"priority\":85,\"id\":\"transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605\",\"severity\":\"High\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-566dfb3a\",\"uuid\":\"0b747e54-b49d-4ad8-8775-754eb3ae44ff\"}]", "short_description": "Snapshot @ 20210305 10:38:43", "omittedObservables": [], "archivedObservables": [{"key": "6d3af18e-6169-469d-8edc-e99958c08e21", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "indicators": [], "type": "ipv6", "state": "investigated", "targets": [], "disposition": 1, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "verdict", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Clean", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:d2710e74", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "judgement_id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605"}], "notifications": [], "disposition_name": "Clean", "obsListSortOrder": 5, "listOrder": 0, "label": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "schema_version": "1.0.22", "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "BENIGN in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv6_address/2001:db8:85a3:8d3:1319:8a2e:370:7348", "disposition_name": "Clean", "priority": 85, "id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605", "severity": "High", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "confidence": "High"}], "sightings": [], "revListOrder": 5}], "selectedObservables": [{"uuid": "ffde2ea5-053b-42a6-978e-9333c1086292", "observable": {"key": "6d3af18e-6169-469d-8edc-e99958c08e21", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "indicators": [], "type": "ipv6", "state": "investigated", "targets": [], "disposition": 1, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "verdict", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Clean", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:d2710e74", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "judgement_id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605"}], "notifications": [], "disposition_name": "Clean", "obsListSortOrder": 5, "listOrder": 0, "label": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:38:25.753Z", "end_time": "2021-03-12T10:38:25.753Z"}, "schema_version": "1.0.22", "observable": {"value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "type": "ipv6"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 1, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "BENIGN in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/ipv6_address/2001:db8:85a3:8d3:1319:8a2e:370:7348", "disposition_name": "Clean", "priority": 85, "id": "transient:judgement-3e841c7a-d9f4-486a-994b-3489f14f6605", "severity": "High", "action": "0b747e54-b49d-4ad8-8775-754eb3ae44ff", "confidence": "High"}], "sightings": [], "revListOrder": 5}, "notifications": [], "disposition_name": "Clean", "disposition": 1, "type": "ipv6", "value": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "id": "d2710e74"}], "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-874b1b16-e430-49f6-83b6-5e7e705058b8", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-03-05T10:38:57.022Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"}
\ No newline at end of file
diff --git a/Palo_Alto_Autofocus/Snapshot-with-sha256.json b/Palo_Alto_Autofocus/Snapshot-with-sha256.json
index 50aa80a7..c4d6dcac 100644
--- a/Palo_Alto_Autofocus/Snapshot-with-sha256.json
+++ b/Palo_Alto_Autofocus/Snapshot-with-sha256.json
@@ -1 +1 @@
-{"description": "Palo Alto sha-256", "searchHistory": {"selectedObservables": [{"uuid": "72ace5b0-7172-439e-afe1-33cee137a5d0", "observable": {"key": "8b6f5c4e-2d14-4257-b8b2-b20341f9cef8", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "indicators": [], "type": "sha256", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "judgement_id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "disposition_name": "Malicious", "id": "verdict:AMP File Reputation:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.0.22", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "GRAYWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/sha256/7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "disposition_name": "Suspicious", "priority": 85, "id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877", "severity": "High", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.1.3", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "AMP Protect DB", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "reason": "AMP ProtectDB Conviction", "disposition_name": "Malicious", "priority": 90, "id": "transient:1ee760b0-a07f-4c0d-98ea-8dee9d7d6581", "severity": "High", "tlp": "amber", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "sha256", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c"}], "omittedObservables": [], "archivedObservables": [{"key": "8b6f5c4e-2d14-4257-b8b2-b20341f9cef8", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "indicators": [], "type": "sha256", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "judgement_id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "disposition_name": "Malicious", "id": "verdict:AMP File Reputation:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.0.22", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "GRAYWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/sha256/7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "disposition_name": "Suspicious", "priority": 85, "id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877", "severity": "High", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.1.3", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "AMP Protect DB", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "reason": "AMP ProtectDB Conviction", "disposition_name": "Malicious", "priority": 90, "id": "transient:1ee760b0-a07f-4c0d-98ea-8dee9d7d6581", "severity": "High", "tlp": "amber", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}], "sightings": [], "revListOrder": 1}]}, "schema_version": "1.1.3", "type": "investigation", "search-txt": "sha256:\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":17939685000.106693,\"updated-perf\":17939695000.18284,\"type\":\"collect\",\"created\":\"2021-03-05T10:40:16.273Z\",\"state\":\"ok\",\"arg\":\"sha256:7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"result\":[{\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"type\":\"sha256\"}],\"id\":\"collect-f5be0d0c\",\"uuid\":\"2c21a88d-89e9-4fd5-b2ab-686aecdaacf1\"},{\"created-perf\":19711345000.192524,\"updated-perf\":19711345000.192524,\"type\":\"investigate\",\"created\":\"2021-03-05T10:40:18.045Z\",\"state\":\"ok\",\"arg\":{\"type\":\"sha256\",\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\"},\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"type\":\"sha256\"},\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2024-07-19T10:40:16.698Z\",\"end_time\":\"2528-05-17T00:00:00.000Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-19T10:40:16.698Z\",\"end_time\":\"2528-05-17T00:00:00.000Z\"},\"schema_version\":\"1.1.3\",\"observable\":{\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"type\":\"sha256\"},\"type\":\"judgement\",\"source\":\"AMP Protect DB\",\"disposition\":2,\"reason\":\"AMP ProtectDB Conviction\",\"disposition_name\":\"Malicious\",\"priority\":90,\"id\":\"transient:1ee760b0-a07f-4c0d-98ea-8dee9d7d6581\",\"severity\":\"High\",\"tlp\":\"amber\",\"confidence\":\"High\"}]}}},{\"module\":\"Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest\",\"module_instance_id\":\"15802a02-e1c8-499a-beb5-27a1efe71a44\",\"module_type_id\":\"79343c94-d267-4c3f-b6d3-de96871c406a\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"type\":\"sha256\"},\"judgement_id\":\"transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877\",\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2024-07-19T10:40:18.001Z\",\"end_time\":\"2528-05-17T00:00:00.000Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-19T10:40:18.001Z\",\"end_time\":\"2528-05-17T00:00:00.000Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"type\":\"sha256\"},\"type\":\"judgement\",\"source\":\"Palo Alto AutoFocus\",\"disposition\":3,\"reason\":\"GRAYWARE in AutoFocus\",\"source_uri\":\"https://autofocus.paloaltonetworks.com/#/search/indicator/sha256/7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"disposition_name\":\"Suspicious\",\"priority\":85,\"id\":\"transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877\",\"severity\":\"High\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-de05c691\",\"uuid\":\"6a492b35-3201-4758-8a9b-2c74e72e0c76\"}]", "short_description": "Snapshot @ 20210305 10:40:22", "omittedObservables": [], "archivedObservables": [{"key": "8b6f5c4e-2d14-4257-b8b2-b20341f9cef8", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "indicators": [], "type": "sha256", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "judgement_id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "disposition_name": "Malicious", "id": "verdict:AMP File Reputation:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.0.22", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "GRAYWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/sha256/7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "disposition_name": "Suspicious", "priority": 85, "id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877", "severity": "High", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.1.3", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "AMP Protect DB", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "reason": "AMP ProtectDB Conviction", "disposition_name": "Malicious", "priority": 90, "id": "transient:1ee760b0-a07f-4c0d-98ea-8dee9d7d6581", "severity": "High", "tlp": "amber", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}], "sightings": [], "revListOrder": 1}], "selectedObservables": [{"uuid": "72ace5b0-7172-439e-afe1-33cee137a5d0", "observable": {"key": "8b6f5c4e-2d14-4257-b8b2-b20341f9cef8", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "indicators": [], "type": "sha256", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "judgement_id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "disposition_name": "Malicious", "id": "verdict:AMP File Reputation:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.0.22", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "GRAYWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/sha256/7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "disposition_name": "Suspicious", "priority": 85, "id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877", "severity": "High", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.1.3", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "AMP Protect DB", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "reason": "AMP ProtectDB Conviction", "disposition_name": "Malicious", "priority": 90, "id": "transient:1ee760b0-a07f-4c0d-98ea-8dee9d7d6581", "severity": "High", "tlp": "amber", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "sha256", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c"}], "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-1fb9f165-a830-428c-9d28-ca6bd1865083", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-03-05T10:40:45.391Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"}
\ No newline at end of file
+{"description": "Palo Alto sha-256", "searchHistory": {"selectedObservables": [{"uuid": "72ace5b0-7172-439e-afe1-33cee137a5d0", "observable": {"key": "8b6f5c4e-2d14-4257-b8b2-b20341f9cef8", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "indicators": [], "type": "sha256", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "judgement_id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "disposition_name": "Malicious", "id": "verdict:AMP File Reputation:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.0.22", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "GRAYWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/sha256/7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "disposition_name": "Suspicious", "priority": 85, "id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877", "severity": "High", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.1.3", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "AMP Protect DB", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "reason": "AMP ProtectDB Conviction", "disposition_name": "Malicious", "priority": 90, "id": "transient:1ee760b0-a07f-4c0d-98ea-8dee9d7d6581", "severity": "High", "tlp": "amber", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "sha256", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c"}], "omittedObservables": [], "archivedObservables": [{"key": "8b6f5c4e-2d14-4257-b8b2-b20341f9cef8", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "indicators": [], "type": "sha256", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "judgement_id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "disposition_name": "Malicious", "id": "verdict:AMP File Reputation:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.0.22", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "GRAYWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/sha256/7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "disposition_name": "Suspicious", "priority": 85, "id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877", "severity": "High", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.1.3", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "AMP Protect DB", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "reason": "AMP ProtectDB Conviction", "disposition_name": "Malicious", "priority": 90, "id": "transient:1ee760b0-a07f-4c0d-98ea-8dee9d7d6581", "severity": "High", "tlp": "amber", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}], "sightings": [], "revListOrder": 1}]}, "schema_version": "1.1.3", "type": "investigation", "search-txt": "sha256:\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":17939685000.106693,\"updated-perf\":17939695000.18284,\"type\":\"collect\",\"created\":\"2021-03-05T10:40:16.273Z\",\"state\":\"ok\",\"arg\":\"sha256:7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"result\":[{\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"type\":\"sha256\"}],\"id\":\"collect-f5be0d0c\",\"uuid\":\"2c21a88d-89e9-4fd5-b2ab-686aecdaacf1\"},{\"created-perf\":19711345000.192524,\"updated-perf\":19711345000.192524,\"type\":\"investigate\",\"created\":\"2021-03-05T10:40:18.045Z\",\"state\":\"ok\",\"arg\":{\"type\":\"sha256\",\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\"},\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"type\":\"sha256\"},\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2024-07-26T10:40:16.698Z\",\"end_time\":\"2528-05-24T00:00:00.000Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-26T10:40:16.698Z\",\"end_time\":\"2528-05-24T00:00:00.000Z\"},\"schema_version\":\"1.1.3\",\"observable\":{\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"type\":\"sha256\"},\"type\":\"judgement\",\"source\":\"AMP Protect DB\",\"disposition\":2,\"reason\":\"AMP ProtectDB Conviction\",\"disposition_name\":\"Malicious\",\"priority\":90,\"id\":\"transient:1ee760b0-a07f-4c0d-98ea-8dee9d7d6581\",\"severity\":\"High\",\"tlp\":\"amber\",\"confidence\":\"High\"}]}}},{\"module\":\"Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest\",\"module_instance_id\":\"15802a02-e1c8-499a-beb5-27a1efe71a44\",\"module_type_id\":\"79343c94-d267-4c3f-b6d3-de96871c406a\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"type\":\"sha256\"},\"judgement_id\":\"transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877\",\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2024-07-26T10:40:18.001Z\",\"end_time\":\"2528-05-24T00:00:00.000Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-26T10:40:18.001Z\",\"end_time\":\"2528-05-24T00:00:00.000Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"type\":\"sha256\"},\"type\":\"judgement\",\"source\":\"Palo Alto AutoFocus\",\"disposition\":3,\"reason\":\"GRAYWARE in AutoFocus\",\"source_uri\":\"https://autofocus.paloaltonetworks.com/#/search/indicator/sha256/7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b\",\"disposition_name\":\"Suspicious\",\"priority\":85,\"id\":\"transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877\",\"severity\":\"High\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-de05c691\",\"uuid\":\"6a492b35-3201-4758-8a9b-2c74e72e0c76\"}]", "short_description": "Snapshot @ 20210305 10:40:22", "omittedObservables": [], "archivedObservables": [{"key": "8b6f5c4e-2d14-4257-b8b2-b20341f9cef8", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "indicators": [], "type": "sha256", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "judgement_id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "disposition_name": "Malicious", "id": "verdict:AMP File Reputation:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.0.22", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "GRAYWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/sha256/7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "disposition_name": "Suspicious", "priority": 85, "id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877", "severity": "High", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.1.3", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "AMP Protect DB", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "reason": "AMP ProtectDB Conviction", "disposition_name": "Malicious", "priority": 90, "id": "transient:1ee760b0-a07f-4c0d-98ea-8dee9d7d6581", "severity": "High", "tlp": "amber", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}], "sightings": [], "revListOrder": 1}], "selectedObservables": [{"uuid": "72ace5b0-7172-439e-afe1-33cee137a5d0", "observable": {"key": "8b6f5c4e-2d14-4257-b8b2-b20341f9cef8", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "indicators": [], "type": "sha256", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "judgement_id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "verdict", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "disposition_name": "Malicious", "id": "verdict:AMP File Reputation:f5be0d0c", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:40:18.001Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.0.22", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 3, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "GRAYWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/sha256/7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "disposition_name": "Suspicious", "priority": 85, "id": "transient:judgement-096ebfe7-946a-4d8c-aea2-ac3102cda877", "severity": "High", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:40:16.698Z", "end_time": "2525-01-01T00:00:00.000Z"}, "schema_version": "1.1.3", "observable": {"value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "type": "sha256"}, "type": "judgement", "source": "AMP Protect DB", "disposition": 2, "module": "AMP File Reputation", "module-type": null, "reason": "AMP ProtectDB Conviction", "disposition_name": "Malicious", "priority": 90, "id": "transient:1ee760b0-a07f-4c0d-98ea-8dee9d7d6581", "severity": "High", "tlp": "amber", "action": "6a492b35-3201-4758-8a9b-2c74e72e0c76", "confidence": "High"}], "sightings": [], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "sha256", "value": "7fa2c54d7dabb0503d75bdd13cc4d6a6520516a990fb7879ae052bad9520763b", "id": "f5be0d0c"}], "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-1fb9f165-a830-428c-9d28-ca6bd1865083", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-03-05T10:40:45.391Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"}
\ No newline at end of file
diff --git a/Palo_Alto_Autofocus/Snapshot-with-url.json b/Palo_Alto_Autofocus/Snapshot-with-url.json
index 4dc96625..cc59c822 100644
--- a/Palo_Alto_Autofocus/Snapshot-with-url.json
+++ b/Palo_Alto_Autofocus/Snapshot-with-url.json
@@ -1 +1 @@
-{"description": "Palo Alto url", "searchHistory": {"selectedObservables": [{"uuid": "9d3d1b62-4702-4c98-9e11-4283b9accd97", "observable": {"key": "ce8f0870-1456-41ff-889e-7ce2ffbe9721", "value": "http://0win365.com/wp-admin/sites/", "indicators": [{"description": "URLhaus is a project operated by abuse.ch with thepurpose of sharing malicious URLs that are being usedfor malware distribution.", "valid_time": {"start_time": "2020-08-06T03:42:26.362Z", "end_time": "2525-01-01T00:00:00.000Z"}, "producer": "Abuse.ch", "schema_version": "1.0.16", "type": "indicator", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-495e8322a86ba11f771a0fa1a4c8dc2680559eea453c99382588830fe5eb8718"], "short_description": "Abuse.ch URLhaus Malware URL Exchange", "title": "Abuse.ch URLhaus DB Feed", "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-06T04:36:09.833Z"}], "type": "url", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "schema_version": "1.0.22", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/url/http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F/summary", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881", "severity": "High", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "schema_version": "1.1.3", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F", "disposition_name": "Suspicious", "priority": 90, "id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8", "severity": "Medium", "tlp": "white", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-27T03:42:23.679Z", "end_time": "2020-09-26T03:42:23.679Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0c9a87422c7833ee49035928c849f9636968992e094322e803d33ffb3ec1b419"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-13T03:42:15.863Z", "end_time": "2020-10-13T03:42:15.863Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0ba84d907a0a309b0e65a87aea46a5ea56a5fbbb5a1b6699780473c84f7b701b"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-11T03:44:06.846Z", "end_time": "2020-10-11T03:44:06.846Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cf0c4fb472d41c3c49288e2a5b78ce5277732e4d03fa137c04861cb035117c8f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-09T03:44:11.567Z", "end_time": "2020-10-09T03:44:11.567Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4df6110cd7b8f0b4a7b487b6239c0b7d40853404e9bdd6c17d343ce231772db8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-30T03:42:16.197Z", "end_time": "2020-09-29T03:42:16.197Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c2e2dbb2ce411c484fa7d5bcfa39589b5ef9c83295c815a5110b6d854a1d946d"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-26T03:42:21.692Z", "end_time": "2020-09-25T03:42:21.692Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a2670912ec05f302c51e0e48d6e2cc9b9ea4a7b076a46ba205f716ee69086539"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-18T03:42:16.304Z", "end_time": "2020-09-17T03:42:16.304Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a9bec042ce0bfa3ad7fec262fd5a810ef3d1044a38df3a691c3ddddf99e4e54f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-05T03:42:13.794Z", "end_time": "2020-10-05T03:42:13.794Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-92aaeab133a2671f2b2560f3f36123e4242e2652abd0be54e6b7ab36b6fa5a74"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-20T03:42:18.290Z", "end_time": "2020-09-19T03:42:18.290Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0b49c77e991bd3dae139e0d0003d0ccc64ac28b9fb530f4d65193187bc7c257f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-29T03:42:17.844Z", "end_time": "2020-09-28T03:42:17.844Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2d6d243a94aba36a312f7a3bba47821d2be0534ce40a14254eef0173f48dd739"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-10T03:44:07.777Z", "end_time": "2020-10-10T03:44:07.777Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d57ecdbd717fcf95bd7afa03ec497a62a5de738108b686bad476d2152289c8fe"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-02T03:42:19.580Z", "end_time": "2020-10-02T03:42:19.580Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-097f1439cfd0002db60be0543f5c60218741bb4c829ddc2aee8d1277a1bbae76"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-14T03:44:11.699Z", "end_time": "2020-10-14T03:44:11.699Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d52ac55cd2579fa04ffb2ceb16b8923ca01ff3e1c30838ab7534580a2fac42a6"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-08T03:44:09.487Z", "end_time": "2020-10-08T03:44:09.487Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-db1ae1eca16aeb5256b2ce1c8743c60bbc0c683cd63802b477055835ac61d599"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-25T03:42:20.275Z", "end_time": "2020-09-24T03:42:20.275Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0a0237d5d3def521eeb5f95e46867feb47f3a35eac7922c8a9a4e1b4598de73e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-06T03:44:04.841Z", "end_time": "2020-10-06T03:44:04.841Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3563b7e120ccdbfa13eb93876dce997382f8f5bd1d3d7fb479516a5572cdf760"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-04T03:44:05.365Z", "end_time": "2020-10-04T03:44:05.365Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bea9e6709f8925ffabda87dd03ec3c2965e1968d045e2a9ad3029a31e65b1187"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-03T03:42:17.572Z", "end_time": "2020-10-03T03:42:17.572Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-95728fa592a408b8d172655bf6ffbdb82e8560fc32f0dffa17497916f82e7aab"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-15T03:44:07.613Z", "end_time": "2020-10-15T03:44:07.613Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c194e629581c938811c02963758d8a267fc64084c057302ac5b71b00209f7ff8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-01T03:42:17.484Z", "end_time": "2020-10-01T03:42:17.484Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-061613d6bc4db484985687c0d132d3b0ec9765fbe78e438cbf60c5b4b05f0820"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-07T03:44:09.031Z", "end_time": "2020-10-07T03:44:09.031Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-9d8ce679c673e9dc14068827ede03d0855245552c371c2eb5b17eed8891dc89a"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-12T03:44:07.198Z", "end_time": "2020-10-12T03:44:07.198Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-abe595e32c080b469c305e0ad7d1a62121fdf768d1ed79cea114a6ba07229de8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-16T03:44:03.541Z", "end_time": "2020-10-16T03:44:03.541Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7c49c163daa78d00b9f5a92e7db3b77975ffe590c2bf014a9f356a110359d1e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-24T03:42:19.035Z", "end_time": "2020-09-23T03:42:19.035Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-37e10fd140dde5516c179fe87a6c2a7e9fba2f06622f7e84f38be61f196880e7"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-22T03:42:20.082Z", "end_time": "2020-09-21T03:42:20.082Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f6d53a24e78217737a3f7f1afedd43c980708649d5dbeeea891809f5360146d9"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-21T03:42:17.195Z", "end_time": "2020-09-20T03:42:17.195Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f432a7f6a8c7bf5ce5eee3e0726519fc4e9e2af318952e4b9af219a11c6a1baa"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-23T03:42:14.255Z", "end_time": "2020-09-22T03:42:14.255Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b5b21d47f50dc2cbb50381f869dc39f2c3eb809e745f5544d168b350872dd9e0"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-19T03:42:17.389Z", "end_time": "2020-09-18T03:42:17.389Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c1080f31bc1a4986a1ad87a9c2ca65b066fd312218ab12442fffebad88a0e25c"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-28T03:42:14.950Z", "end_time": "2020-09-27T03:42:14.950Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-1ea4a178ac57556b3ea8922a5678f8982f34391ed4628f01cbb0d91c201e027f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-31T03:42:19.101Z", "end_time": "2020-09-30T03:42:19.101Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-174820c73e61c6a34d745c20c4841bd7912417c1f8114d2cd6bc42da35540162"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High"}], "sightings": [{"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-e9979ee698bba926de30c903b825044bdb6fb6fbb0f7a4a28da470b07e167f68"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High", "observed_time": {"start_time": "2020-08-22T03:42:20.082Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bb2e5c7fa59980443bf24e1b5f59271a4880257cc4f475f3066f7862cde7cf96"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High", "observed_time": {"start_time": "2020-09-07T03:44:09.031Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-7705128231e9ba796191bbf0908f6299a4eed20dcdc0d88630ce60919fe1d8aa"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High", "observed_time": {"start_time": "2020-09-11T03:44:06.846Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-444cde78bbe44723f6a35f2ff7515bedc9ff63737335575be086221eb4f6c333"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High", "observed_time": {"start_time": "2020-09-05T03:42:13.794Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2196aeefea16b8e3dda0d6b7f2e28859a52735872ba7aa3852c53962f7817e1e"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High", "observed_time": {"start_time": "2020-08-31T03:42:19.101Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-561a01fc837a7202f65757d77406ec7a7ae4fa570d0a98ea680b350965f86871"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High", "observed_time": {"start_time": "2020-08-21T03:42:17.195Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ceb72ba9c47a916b4cc26114a5b73013d2f669f6d5e80f20e3496be3c756b307"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High", "observed_time": {"start_time": "2020-09-16T03:44:03.541Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c43d3c3492838fde791edeeac428f779750aeb9aea450221ba1b3599f5d62606"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High", "observed_time": {"start_time": "2020-09-15T03:44:07.613Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6b6b2bbea6523155c38f4bd60182a11e853a941a098612f46e8a4ff2cf9d1403"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High", "observed_time": {"start_time": "2020-09-09T03:44:11.567Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-fc4d14e9d9c06a67af99b34dfbd276fdc1ae4fbe26b6e0449a53100c50b39f8c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High", "observed_time": {"start_time": "2020-08-19T03:42:17.389Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8d6133774a33636b52c44c349c4e0c7f68d16c9eaaa7b858c33975c38388ed9c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High", "observed_time": {"start_time": "2020-09-13T03:42:15.863Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a4b0f0059823c1c51ff32370f5d024617785be418f6ba9da48b6dc797eea68f8"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High", "observed_time": {"start_time": "2020-09-01T03:42:17.484Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-43aa9a45cc68cf7b65555df701a4b948824caab5b45657050332dda88cc7a513"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High", "observed_time": {"start_time": "2020-09-02T03:42:19.580Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0e05bcf1688e4656fc3a11e24e7fedf70272a4246ad5e422c07c1f88d06dc3c2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High", "observed_time": {"start_time": "2020-09-04T03:44:05.365Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8f5c9a98e882e6716413280083db7086e6fe3eaa61327a0a6e025e7336541dac"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High", "observed_time": {"start_time": "2020-08-20T03:42:18.290Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2cfd2330d4cc336e408c087c975e1ef9374e7cf1b6529411050d64e46f80a6a1"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High", "observed_time": {"start_time": "2020-08-29T03:42:17.844Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-01d35037c1091f331b4de66ead171686aa93629a0a8efaaa23a94fd050ec79e0"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High", "observed_time": {"start_time": "2020-08-26T03:42:21.692Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8720903f4fe59b6fc5c323108f10613878c29fc15ebc4381cc2a6e27edbd46b2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High", "observed_time": {"start_time": "2020-09-08T03:44:09.487Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-dc04395c0899812b7d91cd4cedca33c02f9f97c5cfeff74c77016c07e2b014bf"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High", "observed_time": {"start_time": "2020-09-06T03:44:04.841Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3176c1ae80f97fe362e4050fd3d1f0d970a35d6e389de37629633f3297a401cc"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High", "observed_time": {"start_time": "2020-09-14T03:44:11.699Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-825ea0c267a73292817583b0bdeb743a07182cf58ca1dd717131efff3badab61"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High", "observed_time": {"start_time": "2020-08-28T03:42:14.950Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cbe0a3a703d1fc937d6152caa998aefe12c9a1fd3208625b23185439125246ba"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High", "observed_time": {"start_time": "2020-08-23T03:42:14.255Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-505565c8aac275b3b4c6973cf4dbf0b5ee2b6bd3b86ac93ab73970835cf099bd"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High", "observed_time": {"start_time": "2020-09-12T03:44:07.198Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6101dca3c3466fe655354a794c8c5fa4cfe8fe23fff37f38231338f69ed50d75"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High", "observed_time": {"start_time": "2020-08-18T03:42:16.304Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7fe52732eecfc45850e3604e605835d70dcad3ff8ebccd6ff586f106ef06902"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High", "observed_time": {"start_time": "2020-08-30T03:42:16.197Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-adb4aeb9e59034e41e5e2afe753110cf09f980393621092e045d2849d2943c13"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High", "observed_time": {"start_time": "2020-09-10T03:44:07.777Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ad513ebee2c522c99c152784b97f4b27abf7899834292cf779ad2bc8bd20e75c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High", "observed_time": {"start_time": "2020-08-25T03:42:20.275Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3cda5a8af7ce5757a33e7707c3c133f3c5fd85fee7f31c7856a21fdb9d8729ae"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High", "observed_time": {"start_time": "2020-08-27T03:42:23.679Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-494eb2c4dc7dcc1117118b2a4595d61f3993aa8f1b13800879abce14fa05efea"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High", "observed_time": {"start_time": "2020-08-24T03:42:19.035Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4c4b36725fa004ef5a44ab2efe13ccdf6cc3368624bdd21828ce3a3cbcb0b45d"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High", "observed_time": {"start_time": "2020-09-03T03:42:17.572Z"}}], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "url", "value": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca"}], "omittedObservables": [], "archivedObservables": [{"key": "ce8f0870-1456-41ff-889e-7ce2ffbe9721", "value": "http://0win365.com/wp-admin/sites/", "indicators": [{"description": "URLhaus is a project operated by abuse.ch with thepurpose of sharing malicious URLs that are being usedfor malware distribution.", "valid_time": {"start_time": "2020-08-06T03:42:26.362Z", "end_time": "2525-01-01T00:00:00.000Z"}, "producer": "Abuse.ch", "schema_version": "1.0.16", "type": "indicator", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-495e8322a86ba11f771a0fa1a4c8dc2680559eea453c99382588830fe5eb8718"], "short_description": "Abuse.ch URLhaus Malware URL Exchange", "title": "Abuse.ch URLhaus DB Feed", "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-06T04:36:09.833Z"}], "type": "url", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "schema_version": "1.0.22", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/url/http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F/summary", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881", "severity": "High", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "schema_version": "1.1.3", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F", "disposition_name": "Suspicious", "priority": 90, "id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8", "severity": "Medium", "tlp": "white", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-27T03:42:23.679Z", "end_time": "2020-09-26T03:42:23.679Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0c9a87422c7833ee49035928c849f9636968992e094322e803d33ffb3ec1b419"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-13T03:42:15.863Z", "end_time": "2020-10-13T03:42:15.863Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0ba84d907a0a309b0e65a87aea46a5ea56a5fbbb5a1b6699780473c84f7b701b"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-11T03:44:06.846Z", "end_time": "2020-10-11T03:44:06.846Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cf0c4fb472d41c3c49288e2a5b78ce5277732e4d03fa137c04861cb035117c8f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-09T03:44:11.567Z", "end_time": "2020-10-09T03:44:11.567Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4df6110cd7b8f0b4a7b487b6239c0b7d40853404e9bdd6c17d343ce231772db8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-30T03:42:16.197Z", "end_time": "2020-09-29T03:42:16.197Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c2e2dbb2ce411c484fa7d5bcfa39589b5ef9c83295c815a5110b6d854a1d946d"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-26T03:42:21.692Z", "end_time": "2020-09-25T03:42:21.692Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a2670912ec05f302c51e0e48d6e2cc9b9ea4a7b076a46ba205f716ee69086539"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-18T03:42:16.304Z", "end_time": "2020-09-17T03:42:16.304Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a9bec042ce0bfa3ad7fec262fd5a810ef3d1044a38df3a691c3ddddf99e4e54f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-05T03:42:13.794Z", "end_time": "2020-10-05T03:42:13.794Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-92aaeab133a2671f2b2560f3f36123e4242e2652abd0be54e6b7ab36b6fa5a74"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-20T03:42:18.290Z", "end_time": "2020-09-19T03:42:18.290Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0b49c77e991bd3dae139e0d0003d0ccc64ac28b9fb530f4d65193187bc7c257f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-29T03:42:17.844Z", "end_time": "2020-09-28T03:42:17.844Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2d6d243a94aba36a312f7a3bba47821d2be0534ce40a14254eef0173f48dd739"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-10T03:44:07.777Z", "end_time": "2020-10-10T03:44:07.777Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d57ecdbd717fcf95bd7afa03ec497a62a5de738108b686bad476d2152289c8fe"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-02T03:42:19.580Z", "end_time": "2020-10-02T03:42:19.580Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-097f1439cfd0002db60be0543f5c60218741bb4c829ddc2aee8d1277a1bbae76"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-14T03:44:11.699Z", "end_time": "2020-10-14T03:44:11.699Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d52ac55cd2579fa04ffb2ceb16b8923ca01ff3e1c30838ab7534580a2fac42a6"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-08T03:44:09.487Z", "end_time": "2020-10-08T03:44:09.487Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-db1ae1eca16aeb5256b2ce1c8743c60bbc0c683cd63802b477055835ac61d599"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-25T03:42:20.275Z", "end_time": "2020-09-24T03:42:20.275Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0a0237d5d3def521eeb5f95e46867feb47f3a35eac7922c8a9a4e1b4598de73e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-06T03:44:04.841Z", "end_time": "2020-10-06T03:44:04.841Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3563b7e120ccdbfa13eb93876dce997382f8f5bd1d3d7fb479516a5572cdf760"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-04T03:44:05.365Z", "end_time": "2020-10-04T03:44:05.365Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bea9e6709f8925ffabda87dd03ec3c2965e1968d045e2a9ad3029a31e65b1187"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-03T03:42:17.572Z", "end_time": "2020-10-03T03:42:17.572Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-95728fa592a408b8d172655bf6ffbdb82e8560fc32f0dffa17497916f82e7aab"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-15T03:44:07.613Z", "end_time": "2020-10-15T03:44:07.613Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c194e629581c938811c02963758d8a267fc64084c057302ac5b71b00209f7ff8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-01T03:42:17.484Z", "end_time": "2020-10-01T03:42:17.484Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-061613d6bc4db484985687c0d132d3b0ec9765fbe78e438cbf60c5b4b05f0820"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-07T03:44:09.031Z", "end_time": "2020-10-07T03:44:09.031Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-9d8ce679c673e9dc14068827ede03d0855245552c371c2eb5b17eed8891dc89a"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-12T03:44:07.198Z", "end_time": "2020-10-12T03:44:07.198Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-abe595e32c080b469c305e0ad7d1a62121fdf768d1ed79cea114a6ba07229de8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-16T03:44:03.541Z", "end_time": "2020-10-16T03:44:03.541Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7c49c163daa78d00b9f5a92e7db3b77975ffe590c2bf014a9f356a110359d1e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-24T03:42:19.035Z", "end_time": "2020-09-23T03:42:19.035Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-37e10fd140dde5516c179fe87a6c2a7e9fba2f06622f7e84f38be61f196880e7"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-22T03:42:20.082Z", "end_time": "2020-09-21T03:42:20.082Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f6d53a24e78217737a3f7f1afedd43c980708649d5dbeeea891809f5360146d9"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-21T03:42:17.195Z", "end_time": "2020-09-20T03:42:17.195Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f432a7f6a8c7bf5ce5eee3e0726519fc4e9e2af318952e4b9af219a11c6a1baa"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-23T03:42:14.255Z", "end_time": "2020-09-22T03:42:14.255Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b5b21d47f50dc2cbb50381f869dc39f2c3eb809e745f5544d168b350872dd9e0"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-19T03:42:17.389Z", "end_time": "2020-09-18T03:42:17.389Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c1080f31bc1a4986a1ad87a9c2ca65b066fd312218ab12442fffebad88a0e25c"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-28T03:42:14.950Z", "end_time": "2020-09-27T03:42:14.950Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-1ea4a178ac57556b3ea8922a5678f8982f34391ed4628f01cbb0d91c201e027f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-31T03:42:19.101Z", "end_time": "2020-09-30T03:42:19.101Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-174820c73e61c6a34d745c20c4841bd7912417c1f8114d2cd6bc42da35540162"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High"}], "sightings": [{"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-e9979ee698bba926de30c903b825044bdb6fb6fbb0f7a4a28da470b07e167f68"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High", "observed_time": {"start_time": "2020-08-22T03:42:20.082Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bb2e5c7fa59980443bf24e1b5f59271a4880257cc4f475f3066f7862cde7cf96"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High", "observed_time": {"start_time": "2020-09-07T03:44:09.031Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-7705128231e9ba796191bbf0908f6299a4eed20dcdc0d88630ce60919fe1d8aa"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High", "observed_time": {"start_time": "2020-09-11T03:44:06.846Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-444cde78bbe44723f6a35f2ff7515bedc9ff63737335575be086221eb4f6c333"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High", "observed_time": {"start_time": "2020-09-05T03:42:13.794Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2196aeefea16b8e3dda0d6b7f2e28859a52735872ba7aa3852c53962f7817e1e"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High", "observed_time": {"start_time": "2020-08-31T03:42:19.101Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-561a01fc837a7202f65757d77406ec7a7ae4fa570d0a98ea680b350965f86871"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High", "observed_time": {"start_time": "2020-08-21T03:42:17.195Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ceb72ba9c47a916b4cc26114a5b73013d2f669f6d5e80f20e3496be3c756b307"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High", "observed_time": {"start_time": "2020-09-16T03:44:03.541Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c43d3c3492838fde791edeeac428f779750aeb9aea450221ba1b3599f5d62606"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High", "observed_time": {"start_time": "2020-09-15T03:44:07.613Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6b6b2bbea6523155c38f4bd60182a11e853a941a098612f46e8a4ff2cf9d1403"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High", "observed_time": {"start_time": "2020-09-09T03:44:11.567Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-fc4d14e9d9c06a67af99b34dfbd276fdc1ae4fbe26b6e0449a53100c50b39f8c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High", "observed_time": {"start_time": "2020-08-19T03:42:17.389Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8d6133774a33636b52c44c349c4e0c7f68d16c9eaaa7b858c33975c38388ed9c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High", "observed_time": {"start_time": "2020-09-13T03:42:15.863Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a4b0f0059823c1c51ff32370f5d024617785be418f6ba9da48b6dc797eea68f8"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High", "observed_time": {"start_time": "2020-09-01T03:42:17.484Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-43aa9a45cc68cf7b65555df701a4b948824caab5b45657050332dda88cc7a513"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High", "observed_time": {"start_time": "2020-09-02T03:42:19.580Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0e05bcf1688e4656fc3a11e24e7fedf70272a4246ad5e422c07c1f88d06dc3c2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High", "observed_time": {"start_time": "2020-09-04T03:44:05.365Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8f5c9a98e882e6716413280083db7086e6fe3eaa61327a0a6e025e7336541dac"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High", "observed_time": {"start_time": "2020-08-20T03:42:18.290Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2cfd2330d4cc336e408c087c975e1ef9374e7cf1b6529411050d64e46f80a6a1"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High", "observed_time": {"start_time": "2020-08-29T03:42:17.844Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-01d35037c1091f331b4de66ead171686aa93629a0a8efaaa23a94fd050ec79e0"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High", "observed_time": {"start_time": "2020-08-26T03:42:21.692Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8720903f4fe59b6fc5c323108f10613878c29fc15ebc4381cc2a6e27edbd46b2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High", "observed_time": {"start_time": "2020-09-08T03:44:09.487Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-dc04395c0899812b7d91cd4cedca33c02f9f97c5cfeff74c77016c07e2b014bf"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High", "observed_time": {"start_time": "2020-09-06T03:44:04.841Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3176c1ae80f97fe362e4050fd3d1f0d970a35d6e389de37629633f3297a401cc"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High", "observed_time": {"start_time": "2020-09-14T03:44:11.699Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-825ea0c267a73292817583b0bdeb743a07182cf58ca1dd717131efff3badab61"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High", "observed_time": {"start_time": "2020-08-28T03:42:14.950Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cbe0a3a703d1fc937d6152caa998aefe12c9a1fd3208625b23185439125246ba"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High", "observed_time": {"start_time": "2020-08-23T03:42:14.255Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-505565c8aac275b3b4c6973cf4dbf0b5ee2b6bd3b86ac93ab73970835cf099bd"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High", "observed_time": {"start_time": "2020-09-12T03:44:07.198Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6101dca3c3466fe655354a794c8c5fa4cfe8fe23fff37f38231338f69ed50d75"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High", "observed_time": {"start_time": "2020-08-18T03:42:16.304Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7fe52732eecfc45850e3604e605835d70dcad3ff8ebccd6ff586f106ef06902"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High", "observed_time": {"start_time": "2020-08-30T03:42:16.197Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-adb4aeb9e59034e41e5e2afe753110cf09f980393621092e045d2849d2943c13"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High", "observed_time": {"start_time": "2020-09-10T03:44:07.777Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ad513ebee2c522c99c152784b97f4b27abf7899834292cf779ad2bc8bd20e75c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High", "observed_time": {"start_time": "2020-08-25T03:42:20.275Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3cda5a8af7ce5757a33e7707c3c133f3c5fd85fee7f31c7856a21fdb9d8729ae"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High", "observed_time": {"start_time": "2020-08-27T03:42:23.679Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-494eb2c4dc7dcc1117118b2a4595d61f3993aa8f1b13800879abce14fa05efea"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High", "observed_time": {"start_time": "2020-08-24T03:42:19.035Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4c4b36725fa004ef5a44ab2efe13ccdf6cc3368624bdd21828ce3a3cbcb0b45d"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High", "observed_time": {"start_time": "2020-09-03T03:42:17.572Z"}}], "revListOrder": 1}]}, "schema_version": "1.1.3", "type": "investigation", "search-txt": "url:\"http://0win365.com/wp-admin/sites/\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":10466454999.987036,\"updated-perf\":10466454999.987036,\"type\":\"collect\",\"created\":\"2021-03-05T10:42:05.171Z\",\"state\":\"ok\",\"arg\":\"url:http://0win365.com/wp-admin/sites/\",\"result\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"id\":\"collect-1bac5cca\",\"uuid\":\"291fe374-ad0d-44ba-a16f-176a2a4d248c\"},{\"created-perf\":15801470000.064001,\"updated-perf\":15801470000.064001,\"type\":\"investigate\",\"created\":\"2021-03-05T10:42:10.506Z\",\"state\":\"ok\",\"arg\":{\"type\":\"url\",\"value\":\"http://0win365.com/wp-admin/sites/\"},\"result\":{\"data\":[{\"module\":\"AMP Global Intelligence\",\"module_instance_id\":\"b37ff2ee-0ca1-4dbc-936d-a35bf7d5e18f\",\"module_type_id\":\"87563e81-ddc5-5f61-b4f8-dbe71252c922\",\"data\":{\"indicators\":{\"count\":1,\"docs\":[{\"description\":\"URLhaus is a project operated by abuse.ch with thepurpose of sharing malicious URLs that are being usedfor malware distribution.\",\"valid_time\":{\"start_time\":\"2023-12-21T03:42:26.362Z\",\"end_time\":\"2528-05-17T00:00:00.000Z\"},\"producer\":\"Abuse.ch\",\"schema_version\":\"1.0.16\",\"type\":\"indicator\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-495e8322a86ba11f771a0fa1a4c8dc2680559eea453c99382588830fe5eb8718\"],\"short_description\":\"Abuse.ch URLhaus Malware URL Exchange\",\"title\":\"Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"tlp\":\"green\",\"timestamp\":\"2020-08-06T04:36:09.833Z\"}]},\"relationships\":{\"count\":60,\"docs\":[{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c309ad64961f1a743b8d08c7b9672fab7a68ef7c873e2642f4238edb0f14ea33\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-62aeb961-dbb2-4540-975d-0a8a55626b5a\",\"tlp\":\"green\",\"timestamp\":\"2020-08-31T04:30:41.302Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-7230e4970fa80704e538d2a8b521ccc77828f015ac08b32223c8b25208664f7e\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-46b25ba0-049e-47a3-b347-ba8cba3e5488\",\"tlp\":\"green\",\"timestamp\":\"2020-08-23T04:21:40.357Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-60be1784cbcf3573a200f123fd3403f995b7a6d31c30d2118f0222aba7e83870\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-83d11a7b-1139-41bf-af7a-f9c0f623e6bf\",\"tlp\":\"green\",\"timestamp\":\"2020-09-12T04:57:07.056Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-a7fe886b8f70b85ba9645e46dcd86dc2eaa7a9610852f8e2ca5e1ecc6a6eee22\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d2790987-cf25-413f-b9dd-1d68137fe975\",\"tlp\":\"green\",\"timestamp\":\"2020-09-13T05:00:43.672Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-6c5540025cae8d0fe20ffbaf945887fc15734211149f45b4c1f87cc4b81d3c44\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-bb9f99d0-c29c-4d67-b83d-eed00f846d39\",\"tlp\":\"green\",\"timestamp\":\"2020-09-12T04:57:07.056Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-f1431051921fdacb212b2fd030140fce1c753891dd90e3aa8223486e7ede765a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-cdbf82d4-0ef7-4788-98f7-f2aef7cadcff\",\"tlp\":\"green\",\"timestamp\":\"2020-09-07T04:44:51.461Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-f3a77124480bd37f0b5d2f4bd5eee0735ba3ce9443ded047dbfcceb544ab669d\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-336d97d2-ff0f-474f-a7d1-b260bf72e181\",\"tlp\":\"green\",\"timestamp\":\"2020-08-26T04:30:17.552Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-51d645f2790502cd7d15a4a7f3b232a54087ef9c13401901c0f45eaefbeca5de\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-e9fca00f-6726-41b1-8613-e0210f0f1adf\",\"tlp\":\"green\",\"timestamp\":\"2020-09-06T04:49:33.839Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-6320487cbbcea951d7d4680bf1799f9ef54f8f0996e28431555c36fb9e82d2db\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-493ca187-cc84-4259-b67b-73664410d49c\",\"tlp\":\"green\",\"timestamp\":\"2020-08-26T04:30:17.546Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-58635145dd11039df70abedc6f0001a7db5cdb73c46f0baa6c3c981183cdc9d1\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-68249d93-92d5-4a29-9ff2-a6825846f135\",\"tlp\":\"green\",\"timestamp\":\"2020-09-01T04:35:22.688Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-a1fa3cbbe9ed5c6d26b079daea0d0680043613ad7d59ecebf866d11512bb9f1a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-ff0879c4-1f62-43fb-bb10-57b04693052f\",\"tlp\":\"green\",\"timestamp\":\"2020-08-31T04:30:41.306Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-4a3e499109783d99c6659d0fe5e2e00884dd0bb63f3664700549a0ea6e686a0a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-b20d07dc-2d09-490d-ad32-49ec58ba29c6\",\"tlp\":\"green\",\"timestamp\":\"2020-09-15T06:07:48.992Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-e901e60cb78d8804e5d0ed3416e84ea1a39b68956860429514813a75e5c25580\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-15d2baec-8e3c-45d9-bc9a-29479ef8eb61\",\"tlp\":\"green\",\"timestamp\":\"2020-09-15T06:07:48.995Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-584820e5241738bd311da13a8b468769be439028d4c0665d5e5a1a1c584b4aa8\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-f3d166d7-123d-402a-9a19-55517e296137\",\"tlp\":\"green\",\"timestamp\":\"2020-09-14T05:28:34.342Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-ca0d06f1fa77a78a8a6eb46de9893abe14dc8cba64ea0735d5d102da1befa487\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-97b96ab9-90a7-4777-94ef-335067f0845e\",\"tlp\":\"green\",\"timestamp\":\"2020-08-28T04:32:25.045Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-52e9ee05e566327449e8f541eebacd5b83a5df827acec5936707d9e3afd23f83\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-194cc017-d1a7-4e4e-bc3c-91a9162ec34d\",\"tlp\":\"green\",\"timestamp\":\"2020-08-19T04:24:14.186Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-cc81a5ede81adbdd5c5d021793e654e183feae0986b478f21887d9033d0a6da5\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-54316db1-c3c4-470d-9290-f96859a906b7\",\"tlp\":\"green\",\"timestamp\":\"2020-09-14T05:28:34.343Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c79f9b8ef29bd5b8f65668edd780d30e23604b174183ed7a323b6d546d0d996e\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-0893f1f7-43aa-4a46-b84c-6ba932a206db\",\"tlp\":\"green\",\"timestamp\":\"2020-08-22T04:22:28.849Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-46daa46a121fe42470a86719b60bedc2e50c979a0f92c55a8f480d908ef91819\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-6cad96c1-6164-4f74-8444-fefa2b6ea3bd\",\"tlp\":\"green\",\"timestamp\":\"2020-08-21T04:26:03.736Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-060b7f8570451c4e9c63b0226aedf7c33f6b8f1991d02b43d8aae53e44ef8e4e\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-29f01494-3b90-4ff9-be9d-163e54fb5eb4\",\"tlp\":\"green\",\"timestamp\":\"2020-09-04T04:42:11.796Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-d42881b44d7e46360f235e1133859dd2e77c8218fda11f64ad9eea5b673ce3ad\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d844b398-5aa8-4c1c-b8be-cb9f448c6638\",\"tlp\":\"green\",\"timestamp\":\"2020-08-21T04:26:03.739Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0c56232eaae3acb9c20324f92b966e60bcc6ca1e01a2dbd37bba62e470854a51\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-04bbd8c3-bf31-4af6-9008-0e5520f3a4f7\",\"tlp\":\"green\",\"timestamp\":\"2020-08-24T04:21:53.366Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-7c864ba20adb9212169c138de4ef6d07773fde76112207c363648233bd42be9a\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d56f43cd-c0c7-4ad6-95d7-cc228ef66812\",\"tlp\":\"green\",\"timestamp\":\"2020-08-25T04:23:57.282Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-13173434c3928891f9730d57c5a7b1e2ce986f6737ad4eab9c2de78afdc0a804\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-1c66e3f7-b950-4693-bf7c-b46985928e3c\",\"tlp\":\"green\",\"timestamp\":\"2020-09-16T04:58:46.114Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-d0ccc19782a3a2350c78db11fe51224b255b6db3c88f974017a48807c975d55a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-3cc6b25a-d507-4f8e-92ba-4a83dbacdae6\",\"tlp\":\"green\",\"timestamp\":\"2020-08-23T04:21:40.352Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-693c33fad84921dd8f071815c809f8f31c4f1c520ea7a63cb828a6ae7067873b\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-8d1c90a2-6f5a-4b9c-9cfe-9586a8b575fa\",\"tlp\":\"green\",\"timestamp\":\"2020-09-03T05:08:48.749Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b38a9ca1ffb3b270abfe142776856934dd3f87a0990a02187775671aba91b0f0\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-44aa9d23-5676-4b76-904a-e15a74d6128a\",\"tlp\":\"green\",\"timestamp\":\"2020-09-08T04:39:40.035Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-87f14be87f25d74332bb813188a9a98e78da2119b26d1e50cb09c349fcbd63d9\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-5e48422b-61a2-44c7-b436-d59c03bafba8\",\"tlp\":\"green\",\"timestamp\":\"2020-09-10T04:40:40.138Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b45028d0c7969cef5ae1e9c674f19e7196b8dbd2bd17cbd0b7bd0fc8daa39b8f\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d027b20c-589e-49a7-8137-449da57faee1\",\"tlp\":\"green\",\"timestamp\":\"2020-09-13T05:00:43.668Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-eab7161e507d134ecc8d79440a1e0f3978ae4e2e5ac770f6d0c75126cc6b370a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-3ab2ea13-c501-47b9-8be4-e2c68b35d931\",\"tlp\":\"green\",\"timestamp\":\"2020-08-30T04:28:10.207Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-37f08c9f57afdaaa28d3a5c43c19deeb8a8888365b8daec06ff8e4c9306436aa\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-3e57c001-9bec-4ff0-ba19-86481320cfd8\",\"tlp\":\"green\",\"timestamp\":\"2020-08-24T04:21:53.361Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b8be2ffcb1c6037beef0540fdb21547e8c00481d6b4b37c73c7a7f07d4d751dd\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-4a231fd8-3c54-45a4-b1a8-ad9cb386bae2\",\"tlp\":\"green\",\"timestamp\":\"2020-09-07T04:44:51.462Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-bf0852d66f7ca56c084b591cbd26a2a18768996859bacd53a9ccccbd1c40aac6\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-5387ea96-bf58-4cc5-88a6-a5dd7052e372\",\"tlp\":\"green\",\"timestamp\":\"2020-08-27T04:30:02.062Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-90ed7f9f587f326b81d4897576f9419c972a5e917ffef500fac7885c75c5ad4d\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-3bf1ea0c-7737-475f-b98e-3c062a884ea8\",\"tlp\":\"green\",\"timestamp\":\"2020-09-16T04:58:46.115Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-ecadfed8edf0c27dd7610ad0148d27e9f6cba64695450fa795e7e419e23e9b70\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-c618f3fd-4558-4fca-8b5e-d333f8131929\",\"tlp\":\"green\",\"timestamp\":\"2020-09-02T04:35:49.072Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-1ff904d7a9f67ba78512a9ece70db8ec87fa89700de46d17aa4225a23866c284\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-e3b4307b-feae-4552-ae67-40da5b5a910a\",\"tlp\":\"green\",\"timestamp\":\"2020-08-20T04:27:27.003Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0dde75a804606de924f2a0443d04ccb9748768135538f5331a3852cc9081e7f4\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-8b929cbb-2639-40f1-9acd-aa0692fea09e\",\"tlp\":\"green\",\"timestamp\":\"2020-08-28T04:32:25.048Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-5eeaf45666411d9e7e323fe8eeb443a1f5e8049f31da21b916b12c979d3277b3\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-31b4d034-0007-4634-a5c1-75f60fcb7ba0\",\"tlp\":\"green\",\"timestamp\":\"2020-08-22T04:22:28.850Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-449b530431de3b6765f066f2d7226593a217f512ea8cb4185c95c2fe382eeb30\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-6074966b-b8d8-4c98-b10e-992b00a97748\",\"tlp\":\"green\",\"timestamp\":\"2020-08-30T04:28:10.203Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-dae3886cb940d7439da2b42cac46babda228afcdb8cc463da4baa7336f79ee8a\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-a292b20d-6ae7-402c-8a37-166ba3cdc029\",\"tlp\":\"green\",\"timestamp\":\"2020-09-10T04:40:40.134Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b57b946139937b098cf7e74bddcb29ba704e6e2c310861442b2962ae89be4ebd\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d29f7eba-c3af-4d1a-a6c1-85379d679fe1\",\"tlp\":\"green\",\"timestamp\":\"2020-08-18T04:23:01.526Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-1324281492803470900c85bfefd257aff0ac8f38bd41ffb9c0f99f62d3294cd7\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-f2dbdf68-d3ea-402d-8b43-12ef9df656b7\",\"tlp\":\"green\",\"timestamp\":\"2020-08-29T04:28:36.273Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-22a47fa0995ccaa1670281664654c02bd65839c7ea427e768fc7fbf46f1513a7\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-361acbc6-593b-45b0-9b25-dbb0f6f272d4\",\"tlp\":\"green\",\"timestamp\":\"2020-09-11T04:48:45.598Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b032bc43e9f400fdf1ff71e1f58baa7af4ce0f3c842978c8a147a3bdf13cb006\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-f3f61c8c-6d9e-4760-9093-d23c780c81fb\",\"tlp\":\"green\",\"timestamp\":\"2020-08-20T04:27:26.998Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-5c196b0c8713d5cdaa5f48f9a09f9f2c093f1432167ebd54d8566ce9470beb23\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-b0b69a88-b220-4a01-aea0-510598599461\",\"tlp\":\"green\",\"timestamp\":\"2020-08-25T04:23:57.283Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-fd21c450508c72958e9e83e2fb97387c974a6d0673611652f96f8d6d18cee923\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d85d734e-ee4b-4f60-a41a-00be299f1348\",\"tlp\":\"green\",\"timestamp\":\"2020-09-05T04:39:45.536Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-e70130e37d33fc102f8340dc0f2f897b81411fe2d66d156a496177868efc9586\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-87c5cb45-a9a1-44e6-bc17-055591630120\",\"tlp\":\"green\",\"timestamp\":\"2020-09-09T04:44:51.784Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-1ab6df3bf5565858bf11af82dacab324cadd90dce881408c919eaf1d4b088f6d\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-a76be793-d0e5-4b0b-8958-211a3ce50124\",\"tlp\":\"green\",\"timestamp\":\"2020-08-18T04:23:01.533Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-769ab14b15c6b448eea4b24ca7ca91ce666108254a32fca65cc41932cafa4cc4\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-cdd1efd9-c667-4aaa-85ab-fb83626c3a62\",\"tlp\":\"green\",\"timestamp\":\"2020-09-02T04:35:49.069Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-41093a15d5612c88742ea8621512c8142cee9d46587398d743399930185bc015\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-25fee826-fe77-477a-8962-70a359152632\",\"tlp\":\"green\",\"timestamp\":\"2020-09-08T04:39:40.031Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-5792be22f8f96eb8eedf0ebab5f11fe47f8ea666d20695b751c37a0eeaf7db06\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-fc275ef0-a612-4bf5-bc4c-5f670bcf4ccd\",\"tlp\":\"green\",\"timestamp\":\"2020-09-05T04:39:45.538Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-2de0a1ea1e097a71b585f456208b6d5024734f18a8f1a36eaa5289e994836655\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-b98b9979-79ba-4daa-aa93-4b2d77cc5d80\",\"tlp\":\"green\",\"timestamp\":\"2020-09-06T04:49:33.839Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-187f0a74843a79b18821f684f6fbd1cedf4c3413e998096169983f36fc1e596b\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-c8a06070-7084-44b3-9c51-c59c9d163d24\",\"tlp\":\"green\",\"timestamp\":\"2020-09-11T04:48:45.599Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-7fdb393f8c86a2ec8faf51d641cb3928412640c18c3fd78517873e0a4ee149a7\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-39c871ae-c532-4cb8-b64b-e836e0bf2e86\",\"tlp\":\"green\",\"timestamp\":\"2020-09-09T04:44:51.784Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-43107dcc01934732d84d5e2e028b30b301d9ced5a08a8ac0ba50e747ce3beb34\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-09e2ff4f-8a83-4203-bedd-7259aec164b2\",\"tlp\":\"green\",\"timestamp\":\"2020-09-01T04:35:22.687Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-f3e10c5967917796f63e83d9e02dd4abbe36089a7c0018849975c74ba272d7ef\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-43cd2326-74c1-4897-b5d7-f8551e2ef2a8\",\"tlp\":\"green\",\"timestamp\":\"2020-08-27T04:30:02.056Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-e91f195b5f5f0c714275fbaf59c3eef666cae1b297b0f7c6d66586b0675eb8e2\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-5f804b65-5bb8-4010-939e-b2538dd10f3f\",\"tlp\":\"green\",\"timestamp\":\"2020-09-04T04:42:11.799Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-bcb1b579b33862ee3e9191716bbbc477acb58345abe9b752a921efae9b9f1d80\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-70597bee-dc69-4665-8aa0-943e1d18a8dc\",\"tlp\":\"green\",\"timestamp\":\"2020-09-03T05:08:48.745Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c4f79fb2839eb1b15696d5d8f283acb999a812fb856a9058b722e3e91ef7f629\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-b05f6edf-9542-4a34-b8b2-7bcc6db5241b\",\"tlp\":\"green\",\"timestamp\":\"2020-08-29T04:28:36.281Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-9f2bb28ced15e09e8b60d54c66e046b575dc382b683a15b756576d8160ad980a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-c29f932c-e63c-41ed-90e5-44eab45b06cf\",\"tlp\":\"green\",\"timestamp\":\"2020-08-19T04:24:14.188Z\",\"relationship_type\":\"element-of\"}]},\"judgements\":{\"count\":30,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-01-15T03:42:19.101Z\",\"end_time\":\"2024-02-14T03:42:19.101Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-174820c73e61c6a34d745c20c4841bd7912417c1f8114d2cd6bc42da35540162\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-31T03:42:19.101Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-12T03:42:14.950Z\",\"end_time\":\"2024-02-11T03:42:14.950Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-1ea4a178ac57556b3ea8922a5678f8982f34391ed4628f01cbb0d91c201e027f\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-28T03:42:14.950Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-03T03:42:17.389Z\",\"end_time\":\"2024-02-02T03:42:17.389Z\"},\"schema_version\":\"1.0.16\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c1080f31bc1a4986a1ad87a9c2ca65b066fd312218ab12442fffebad88a0e25c\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-19T03:42:17.389Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-07T03:42:14.255Z\",\"end_time\":\"2024-02-06T03:42:14.255Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b5b21d47f50dc2cbb50381f869dc39f2c3eb809e745f5544d168b350872dd9e0\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-23T03:42:14.255Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-05T03:42:17.195Z\",\"end_time\":\"2024-02-04T03:42:17.195Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-f432a7f6a8c7bf5ce5eee3e0726519fc4e9e2af318952e4b9af219a11c6a1baa\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-21T03:42:17.195Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-06T03:42:20.082Z\",\"end_time\":\"2024-02-05T03:42:20.082Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-f6d53a24e78217737a3f7f1afedd43c980708649d5dbeeea891809f5360146d9\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-22T03:42:20.082Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-08T03:42:19.035Z\",\"end_time\":\"2024-02-07T03:42:19.035Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-37e10fd140dde5516c179fe87a6c2a7e9fba2f06622f7e84f38be61f196880e7\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-24T03:42:19.035Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-31T03:44:03.541Z\",\"end_time\":\"2024-03-01T03:44:03.541Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b7c49c163daa78d00b9f5a92e7db3b77975ffe590c2bf014a9f356a110359d1e\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-16T03:44:03.541Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-27T03:44:07.198Z\",\"end_time\":\"2024-02-26T03:44:07.198Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-abe595e32c080b469c305e0ad7d1a62121fdf768d1ed79cea114a6ba07229de8\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-12T03:44:07.198Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-22T03:44:09.031Z\",\"end_time\":\"2024-02-21T03:44:09.031Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-9d8ce679c673e9dc14068827ede03d0855245552c371c2eb5b17eed8891dc89a\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-07T03:44:09.031Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-16T03:42:17.484Z\",\"end_time\":\"2024-02-15T03:42:17.484Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-061613d6bc4db484985687c0d132d3b0ec9765fbe78e438cbf60c5b4b05f0820\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-01T03:42:17.484Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-30T03:44:07.613Z\",\"end_time\":\"2024-02-29T03:44:07.613Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c194e629581c938811c02963758d8a267fc64084c057302ac5b71b00209f7ff8\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-15T03:44:07.613Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-18T03:42:17.572Z\",\"end_time\":\"2024-02-17T03:42:17.572Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-95728fa592a408b8d172655bf6ffbdb82e8560fc32f0dffa17497916f82e7aab\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-03T03:42:17.572Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-19T03:44:05.365Z\",\"end_time\":\"2024-02-18T03:44:05.365Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-bea9e6709f8925ffabda87dd03ec3c2965e1968d045e2a9ad3029a31e65b1187\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-04T03:44:05.365Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-21T03:44:04.841Z\",\"end_time\":\"2024-02-20T03:44:04.841Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-3563b7e120ccdbfa13eb93876dce997382f8f5bd1d3d7fb479516a5572cdf760\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-06T03:44:04.841Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-09T03:42:20.275Z\",\"end_time\":\"2024-02-08T03:42:20.275Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0a0237d5d3def521eeb5f95e46867feb47f3a35eac7922c8a9a4e1b4598de73e\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-25T03:42:20.275Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-23T03:44:09.487Z\",\"end_time\":\"2024-02-22T03:44:09.487Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-db1ae1eca16aeb5256b2ce1c8743c60bbc0c683cd63802b477055835ac61d599\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-08T03:44:09.487Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-29T03:44:11.699Z\",\"end_time\":\"2024-02-28T03:44:11.699Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-d52ac55cd2579fa04ffb2ceb16b8923ca01ff3e1c30838ab7534580a2fac42a6\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-14T03:44:11.699Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-17T03:42:19.580Z\",\"end_time\":\"2024-02-16T03:42:19.580Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-097f1439cfd0002db60be0543f5c60218741bb4c829ddc2aee8d1277a1bbae76\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-02T03:42:19.580Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-25T03:44:07.777Z\",\"end_time\":\"2024-02-24T03:44:07.777Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-d57ecdbd717fcf95bd7afa03ec497a62a5de738108b686bad476d2152289c8fe\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-10T03:44:07.777Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-13T03:42:17.844Z\",\"end_time\":\"2024-02-12T03:42:17.844Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-2d6d243a94aba36a312f7a3bba47821d2be0534ce40a14254eef0173f48dd739\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-29T03:42:17.844Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-04T03:42:18.290Z\",\"end_time\":\"2024-02-03T03:42:18.290Z\"},\"schema_version\":\"1.0.16\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0b49c77e991bd3dae139e0d0003d0ccc64ac28b9fb530f4d65193187bc7c257f\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-20T03:42:18.290Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-20T03:42:13.794Z\",\"end_time\":\"2024-02-19T03:42:13.794Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-92aaeab133a2671f2b2560f3f36123e4242e2652abd0be54e6b7ab36b6fa5a74\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-05T03:42:13.794Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-02T03:42:16.304Z\",\"end_time\":\"2024-02-01T03:42:16.304Z\"},\"schema_version\":\"1.0.16\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-a9bec042ce0bfa3ad7fec262fd5a810ef3d1044a38df3a691c3ddddf99e4e54f\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-18T03:42:16.304Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-10T03:42:21.692Z\",\"end_time\":\"2024-02-09T03:42:21.692Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-a2670912ec05f302c51e0e48d6e2cc9b9ea4a7b076a46ba205f716ee69086539\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-26T03:42:21.692Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-14T03:42:16.197Z\",\"end_time\":\"2024-02-13T03:42:16.197Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c2e2dbb2ce411c484fa7d5bcfa39589b5ef9c83295c815a5110b6d854a1d946d\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-30T03:42:16.197Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-24T03:44:11.567Z\",\"end_time\":\"2024-02-23T03:44:11.567Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-4df6110cd7b8f0b4a7b487b6239c0b7d40853404e9bdd6c17d343ce231772db8\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-09T03:44:11.567Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-26T03:44:06.846Z\",\"end_time\":\"2024-02-25T03:44:06.846Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-cf0c4fb472d41c3c49288e2a5b78ce5277732e4d03fa137c04861cb035117c8f\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-11T03:44:06.846Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-28T03:42:15.863Z\",\"end_time\":\"2024-02-27T03:42:15.863Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0ba84d907a0a309b0e65a87aea46a5ea56a5fbbb5a1b6699780473c84f7b701b\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-13T03:42:15.863Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-11T03:42:23.679Z\",\"end_time\":\"2024-02-10T03:42:23.679Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0c9a87422c7833ee49035928c849f9636968992e094322e803d33ffb3ec1b419\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-27T03:42:23.679Z\",\"confidence\":\"High\"}]},\"sightings\":{\"count\":30,\"docs\":[{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-4c4b36725fa004ef5a44ab2efe13ccdf6cc3368624bdd21828ce3a3cbcb0b45d\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-03T03:42:17.572Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-18T03:42:17.572Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-494eb2c4dc7dcc1117118b2a4595d61f3993aa8f1b13800879abce14fa05efea\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-24T03:42:19.035Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-08T03:42:19.035Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-3cda5a8af7ce5757a33e7707c3c133f3c5fd85fee7f31c7856a21fdb9d8729ae\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-27T03:42:23.679Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-11T03:42:23.679Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-ad513ebee2c522c99c152784b97f4b27abf7899834292cf779ad2bc8bd20e75c\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-25T03:42:20.275Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-09T03:42:20.275Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-adb4aeb9e59034e41e5e2afe753110cf09f980393621092e045d2849d2943c13\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-10T03:44:07.777Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-25T03:44:07.777Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b7fe52732eecfc45850e3604e605835d70dcad3ff8ebccd6ff586f106ef06902\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-30T03:42:16.197Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-14T03:42:16.197Z\"}},{\"schema_version\":\"1.0.16\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-6101dca3c3466fe655354a794c8c5fa4cfe8fe23fff37f38231338f69ed50d75\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-18T03:42:16.304Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-02T03:42:16.304Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-505565c8aac275b3b4c6973cf4dbf0b5ee2b6bd3b86ac93ab73970835cf099bd\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-12T03:44:07.198Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-27T03:44:07.198Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-cbe0a3a703d1fc937d6152caa998aefe12c9a1fd3208625b23185439125246ba\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-23T03:42:14.255Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-07T03:42:14.255Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-825ea0c267a73292817583b0bdeb743a07182cf58ca1dd717131efff3badab61\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-28T03:42:14.950Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-12T03:42:14.950Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-3176c1ae80f97fe362e4050fd3d1f0d970a35d6e389de37629633f3297a401cc\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-14T03:44:11.699Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-29T03:44:11.699Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-dc04395c0899812b7d91cd4cedca33c02f9f97c5cfeff74c77016c07e2b014bf\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-06T03:44:04.841Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-21T03:44:04.841Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-8720903f4fe59b6fc5c323108f10613878c29fc15ebc4381cc2a6e27edbd46b2\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-08T03:44:09.487Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-23T03:44:09.487Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-01d35037c1091f331b4de66ead171686aa93629a0a8efaaa23a94fd050ec79e0\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-26T03:42:21.692Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-10T03:42:21.692Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-2cfd2330d4cc336e408c087c975e1ef9374e7cf1b6529411050d64e46f80a6a1\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-29T03:42:17.844Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-13T03:42:17.844Z\"}},{\"schema_version\":\"1.0.16\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-8f5c9a98e882e6716413280083db7086e6fe3eaa61327a0a6e025e7336541dac\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-20T03:42:18.290Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-04T03:42:18.290Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0e05bcf1688e4656fc3a11e24e7fedf70272a4246ad5e422c07c1f88d06dc3c2\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-04T03:44:05.365Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-19T03:44:05.365Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-43aa9a45cc68cf7b65555df701a4b948824caab5b45657050332dda88cc7a513\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-02T03:42:19.580Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-17T03:42:19.580Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-a4b0f0059823c1c51ff32370f5d024617785be418f6ba9da48b6dc797eea68f8\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-01T03:42:17.484Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-16T03:42:17.484Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-8d6133774a33636b52c44c349c4e0c7f68d16c9eaaa7b858c33975c38388ed9c\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-13T03:42:15.863Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-28T03:42:15.863Z\"}},{\"schema_version\":\"1.0.16\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-fc4d14e9d9c06a67af99b34dfbd276fdc1ae4fbe26b6e0449a53100c50b39f8c\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-19T03:42:17.389Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-03T03:42:17.389Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-6b6b2bbea6523155c38f4bd60182a11e853a941a098612f46e8a4ff2cf9d1403\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-09T03:44:11.567Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-24T03:44:11.567Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c43d3c3492838fde791edeeac428f779750aeb9aea450221ba1b3599f5d62606\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-15T03:44:07.613Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-30T03:44:07.613Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-ceb72ba9c47a916b4cc26114a5b73013d2f669f6d5e80f20e3496be3c756b307\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-16T03:44:03.541Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-31T03:44:03.541Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-561a01fc837a7202f65757d77406ec7a7ae4fa570d0a98ea680b350965f86871\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-21T03:42:17.195Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-05T03:42:17.195Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-2196aeefea16b8e3dda0d6b7f2e28859a52735872ba7aa3852c53962f7817e1e\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-31T03:42:19.101Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-15T03:42:19.101Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-444cde78bbe44723f6a35f2ff7515bedc9ff63737335575be086221eb4f6c333\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-05T03:42:13.794Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-20T03:42:13.794Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-7705128231e9ba796191bbf0908f6299a4eed20dcdc0d88630ce60919fe1d8aa\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-11T03:44:06.846Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-26T03:44:06.846Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-bb2e5c7fa59980443bf24e1b5f59271a4880257cc4f475f3066f7862cde7cf96\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-07T03:44:09.031Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-22T03:44:09.031Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-e9979ee698bba926de30c903b825044bdb6fb6fbb0f7a4a28da470b07e167f68\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-22T03:42:20.082Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-06T03:42:20.082Z\"}}]}}},{\"module\":\"Talos Intelligence\",\"module_instance_id\":\"f14a7465-a77a-4e28-8b97-23706a56eab5\",\"module_type_id\":\"2460c99b-2f01-523b-a65d-30a3c6603245\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"judgement_id\":\"transient:c571fddb-d5ec-4c51-a96f-21432d78bee8\",\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2024-07-19T10:42:05.510Z\",\"end_time\":\"2024-08-18T10:42:05.510Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-19T10:42:05.510Z\",\"end_time\":\"2024-08-18T10:42:05.510Z\"},\"schema_version\":\"1.1.3\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Talos Intelligence\",\"disposition\":3,\"reason\":\"Low Talos Intelligence reputation score\",\"source_uri\":\"https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F\",\"disposition_name\":\"Suspicious\",\"priority\":90,\"id\":\"transient:c571fddb-d5ec-4c51-a96f-21432d78bee8\",\"severity\":\"Medium\",\"tlp\":\"white\",\"confidence\":\"High\"}]}}},{\"module\":\"Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest\",\"module_instance_id\":\"15802a02-e1c8-499a-beb5-27a1efe71a44\",\"module_type_id\":\"79343c94-d267-4c3f-b6d3-de96871c406a\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"judgement_id\":\"transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881\",\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2024-07-19T10:42:06.931Z\",\"end_time\":\"2024-07-26T10:42:06.931Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-19T10:42:06.931Z\",\"end_time\":\"2024-07-26T10:42:06.931Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Palo Alto AutoFocus\",\"disposition\":2,\"reason\":\"MALWARE in AutoFocus\",\"source_uri\":\"https://autofocus.paloaltonetworks.com/#/search/indicator/url/http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F/summary\",\"disposition_name\":\"Malicious\",\"priority\":85,\"id\":\"transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881\",\"severity\":\"High\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-7e9e073f\",\"uuid\":\"51ce0670-4355-4bd3-8cae-9aaf27e06344\"}]", "short_description": "Snapshot @ 20210305 10:42:25", "omittedObservables": [], "archivedObservables": [{"key": "ce8f0870-1456-41ff-889e-7ce2ffbe9721", "value": "http://0win365.com/wp-admin/sites/", "indicators": [{"description": "URLhaus is a project operated by abuse.ch with thepurpose of sharing malicious URLs that are being usedfor malware distribution.", "valid_time": {"start_time": "2020-08-06T03:42:26.362Z", "end_time": "2525-01-01T00:00:00.000Z"}, "producer": "Abuse.ch", "schema_version": "1.0.16", "type": "indicator", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-495e8322a86ba11f771a0fa1a4c8dc2680559eea453c99382588830fe5eb8718"], "short_description": "Abuse.ch URLhaus Malware URL Exchange", "title": "Abuse.ch URLhaus DB Feed", "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-06T04:36:09.833Z"}], "type": "url", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "schema_version": "1.0.22", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/url/http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F/summary", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881", "severity": "High", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "schema_version": "1.1.3", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F", "disposition_name": "Suspicious", "priority": 90, "id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8", "severity": "Medium", "tlp": "white", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-27T03:42:23.679Z", "end_time": "2020-09-26T03:42:23.679Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0c9a87422c7833ee49035928c849f9636968992e094322e803d33ffb3ec1b419"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-13T03:42:15.863Z", "end_time": "2020-10-13T03:42:15.863Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0ba84d907a0a309b0e65a87aea46a5ea56a5fbbb5a1b6699780473c84f7b701b"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-11T03:44:06.846Z", "end_time": "2020-10-11T03:44:06.846Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cf0c4fb472d41c3c49288e2a5b78ce5277732e4d03fa137c04861cb035117c8f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-09T03:44:11.567Z", "end_time": "2020-10-09T03:44:11.567Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4df6110cd7b8f0b4a7b487b6239c0b7d40853404e9bdd6c17d343ce231772db8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-30T03:42:16.197Z", "end_time": "2020-09-29T03:42:16.197Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c2e2dbb2ce411c484fa7d5bcfa39589b5ef9c83295c815a5110b6d854a1d946d"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-26T03:42:21.692Z", "end_time": "2020-09-25T03:42:21.692Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a2670912ec05f302c51e0e48d6e2cc9b9ea4a7b076a46ba205f716ee69086539"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-18T03:42:16.304Z", "end_time": "2020-09-17T03:42:16.304Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a9bec042ce0bfa3ad7fec262fd5a810ef3d1044a38df3a691c3ddddf99e4e54f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-05T03:42:13.794Z", "end_time": "2020-10-05T03:42:13.794Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-92aaeab133a2671f2b2560f3f36123e4242e2652abd0be54e6b7ab36b6fa5a74"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-20T03:42:18.290Z", "end_time": "2020-09-19T03:42:18.290Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0b49c77e991bd3dae139e0d0003d0ccc64ac28b9fb530f4d65193187bc7c257f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-29T03:42:17.844Z", "end_time": "2020-09-28T03:42:17.844Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2d6d243a94aba36a312f7a3bba47821d2be0534ce40a14254eef0173f48dd739"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-10T03:44:07.777Z", "end_time": "2020-10-10T03:44:07.777Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d57ecdbd717fcf95bd7afa03ec497a62a5de738108b686bad476d2152289c8fe"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-02T03:42:19.580Z", "end_time": "2020-10-02T03:42:19.580Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-097f1439cfd0002db60be0543f5c60218741bb4c829ddc2aee8d1277a1bbae76"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-14T03:44:11.699Z", "end_time": "2020-10-14T03:44:11.699Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d52ac55cd2579fa04ffb2ceb16b8923ca01ff3e1c30838ab7534580a2fac42a6"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-08T03:44:09.487Z", "end_time": "2020-10-08T03:44:09.487Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-db1ae1eca16aeb5256b2ce1c8743c60bbc0c683cd63802b477055835ac61d599"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-25T03:42:20.275Z", "end_time": "2020-09-24T03:42:20.275Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0a0237d5d3def521eeb5f95e46867feb47f3a35eac7922c8a9a4e1b4598de73e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-06T03:44:04.841Z", "end_time": "2020-10-06T03:44:04.841Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3563b7e120ccdbfa13eb93876dce997382f8f5bd1d3d7fb479516a5572cdf760"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-04T03:44:05.365Z", "end_time": "2020-10-04T03:44:05.365Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bea9e6709f8925ffabda87dd03ec3c2965e1968d045e2a9ad3029a31e65b1187"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-03T03:42:17.572Z", "end_time": "2020-10-03T03:42:17.572Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-95728fa592a408b8d172655bf6ffbdb82e8560fc32f0dffa17497916f82e7aab"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-15T03:44:07.613Z", "end_time": "2020-10-15T03:44:07.613Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c194e629581c938811c02963758d8a267fc64084c057302ac5b71b00209f7ff8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-01T03:42:17.484Z", "end_time": "2020-10-01T03:42:17.484Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-061613d6bc4db484985687c0d132d3b0ec9765fbe78e438cbf60c5b4b05f0820"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-07T03:44:09.031Z", "end_time": "2020-10-07T03:44:09.031Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-9d8ce679c673e9dc14068827ede03d0855245552c371c2eb5b17eed8891dc89a"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-12T03:44:07.198Z", "end_time": "2020-10-12T03:44:07.198Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-abe595e32c080b469c305e0ad7d1a62121fdf768d1ed79cea114a6ba07229de8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-16T03:44:03.541Z", "end_time": "2020-10-16T03:44:03.541Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7c49c163daa78d00b9f5a92e7db3b77975ffe590c2bf014a9f356a110359d1e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-24T03:42:19.035Z", "end_time": "2020-09-23T03:42:19.035Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-37e10fd140dde5516c179fe87a6c2a7e9fba2f06622f7e84f38be61f196880e7"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-22T03:42:20.082Z", "end_time": "2020-09-21T03:42:20.082Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f6d53a24e78217737a3f7f1afedd43c980708649d5dbeeea891809f5360146d9"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-21T03:42:17.195Z", "end_time": "2020-09-20T03:42:17.195Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f432a7f6a8c7bf5ce5eee3e0726519fc4e9e2af318952e4b9af219a11c6a1baa"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-23T03:42:14.255Z", "end_time": "2020-09-22T03:42:14.255Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b5b21d47f50dc2cbb50381f869dc39f2c3eb809e745f5544d168b350872dd9e0"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-19T03:42:17.389Z", "end_time": "2020-09-18T03:42:17.389Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c1080f31bc1a4986a1ad87a9c2ca65b066fd312218ab12442fffebad88a0e25c"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-28T03:42:14.950Z", "end_time": "2020-09-27T03:42:14.950Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-1ea4a178ac57556b3ea8922a5678f8982f34391ed4628f01cbb0d91c201e027f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-31T03:42:19.101Z", "end_time": "2020-09-30T03:42:19.101Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-174820c73e61c6a34d745c20c4841bd7912417c1f8114d2cd6bc42da35540162"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High"}], "sightings": [{"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-e9979ee698bba926de30c903b825044bdb6fb6fbb0f7a4a28da470b07e167f68"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High", "observed_time": {"start_time": "2020-08-22T03:42:20.082Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bb2e5c7fa59980443bf24e1b5f59271a4880257cc4f475f3066f7862cde7cf96"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High", "observed_time": {"start_time": "2020-09-07T03:44:09.031Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-7705128231e9ba796191bbf0908f6299a4eed20dcdc0d88630ce60919fe1d8aa"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High", "observed_time": {"start_time": "2020-09-11T03:44:06.846Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-444cde78bbe44723f6a35f2ff7515bedc9ff63737335575be086221eb4f6c333"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High", "observed_time": {"start_time": "2020-09-05T03:42:13.794Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2196aeefea16b8e3dda0d6b7f2e28859a52735872ba7aa3852c53962f7817e1e"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High", "observed_time": {"start_time": "2020-08-31T03:42:19.101Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-561a01fc837a7202f65757d77406ec7a7ae4fa570d0a98ea680b350965f86871"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High", "observed_time": {"start_time": "2020-08-21T03:42:17.195Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ceb72ba9c47a916b4cc26114a5b73013d2f669f6d5e80f20e3496be3c756b307"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High", "observed_time": {"start_time": "2020-09-16T03:44:03.541Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c43d3c3492838fde791edeeac428f779750aeb9aea450221ba1b3599f5d62606"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High", "observed_time": {"start_time": "2020-09-15T03:44:07.613Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6b6b2bbea6523155c38f4bd60182a11e853a941a098612f46e8a4ff2cf9d1403"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High", "observed_time": {"start_time": "2020-09-09T03:44:11.567Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-fc4d14e9d9c06a67af99b34dfbd276fdc1ae4fbe26b6e0449a53100c50b39f8c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High", "observed_time": {"start_time": "2020-08-19T03:42:17.389Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8d6133774a33636b52c44c349c4e0c7f68d16c9eaaa7b858c33975c38388ed9c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High", "observed_time": {"start_time": "2020-09-13T03:42:15.863Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a4b0f0059823c1c51ff32370f5d024617785be418f6ba9da48b6dc797eea68f8"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High", "observed_time": {"start_time": "2020-09-01T03:42:17.484Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-43aa9a45cc68cf7b65555df701a4b948824caab5b45657050332dda88cc7a513"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High", "observed_time": {"start_time": "2020-09-02T03:42:19.580Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0e05bcf1688e4656fc3a11e24e7fedf70272a4246ad5e422c07c1f88d06dc3c2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High", "observed_time": {"start_time": "2020-09-04T03:44:05.365Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8f5c9a98e882e6716413280083db7086e6fe3eaa61327a0a6e025e7336541dac"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High", "observed_time": {"start_time": "2020-08-20T03:42:18.290Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2cfd2330d4cc336e408c087c975e1ef9374e7cf1b6529411050d64e46f80a6a1"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High", "observed_time": {"start_time": "2020-08-29T03:42:17.844Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-01d35037c1091f331b4de66ead171686aa93629a0a8efaaa23a94fd050ec79e0"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High", "observed_time": {"start_time": "2020-08-26T03:42:21.692Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8720903f4fe59b6fc5c323108f10613878c29fc15ebc4381cc2a6e27edbd46b2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High", "observed_time": {"start_time": "2020-09-08T03:44:09.487Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-dc04395c0899812b7d91cd4cedca33c02f9f97c5cfeff74c77016c07e2b014bf"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High", "observed_time": {"start_time": "2020-09-06T03:44:04.841Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3176c1ae80f97fe362e4050fd3d1f0d970a35d6e389de37629633f3297a401cc"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High", "observed_time": {"start_time": "2020-09-14T03:44:11.699Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-825ea0c267a73292817583b0bdeb743a07182cf58ca1dd717131efff3badab61"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High", "observed_time": {"start_time": "2020-08-28T03:42:14.950Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cbe0a3a703d1fc937d6152caa998aefe12c9a1fd3208625b23185439125246ba"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High", "observed_time": {"start_time": "2020-08-23T03:42:14.255Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-505565c8aac275b3b4c6973cf4dbf0b5ee2b6bd3b86ac93ab73970835cf099bd"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High", "observed_time": {"start_time": "2020-09-12T03:44:07.198Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6101dca3c3466fe655354a794c8c5fa4cfe8fe23fff37f38231338f69ed50d75"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High", "observed_time": {"start_time": "2020-08-18T03:42:16.304Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7fe52732eecfc45850e3604e605835d70dcad3ff8ebccd6ff586f106ef06902"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High", "observed_time": {"start_time": "2020-08-30T03:42:16.197Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-adb4aeb9e59034e41e5e2afe753110cf09f980393621092e045d2849d2943c13"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High", "observed_time": {"start_time": "2020-09-10T03:44:07.777Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ad513ebee2c522c99c152784b97f4b27abf7899834292cf779ad2bc8bd20e75c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High", "observed_time": {"start_time": "2020-08-25T03:42:20.275Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3cda5a8af7ce5757a33e7707c3c133f3c5fd85fee7f31c7856a21fdb9d8729ae"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High", "observed_time": {"start_time": "2020-08-27T03:42:23.679Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-494eb2c4dc7dcc1117118b2a4595d61f3993aa8f1b13800879abce14fa05efea"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High", "observed_time": {"start_time": "2020-08-24T03:42:19.035Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4c4b36725fa004ef5a44ab2efe13ccdf6cc3368624bdd21828ce3a3cbcb0b45d"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High", "observed_time": {"start_time": "2020-09-03T03:42:17.572Z"}}], "revListOrder": 1}], "selectedObservables": [{"uuid": "9d3d1b62-4702-4c98-9e11-4283b9accd97", "observable": {"key": "ce8f0870-1456-41ff-889e-7ce2ffbe9721", "value": "http://0win365.com/wp-admin/sites/", "indicators": [{"description": "URLhaus is a project operated by abuse.ch with thepurpose of sharing malicious URLs that are being usedfor malware distribution.", "valid_time": {"start_time": "2020-08-06T03:42:26.362Z", "end_time": "2525-01-01T00:00:00.000Z"}, "producer": "Abuse.ch", "schema_version": "1.0.16", "type": "indicator", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-495e8322a86ba11f771a0fa1a4c8dc2680559eea453c99382588830fe5eb8718"], "short_description": "Abuse.ch URLhaus Malware URL Exchange", "title": "Abuse.ch URLhaus DB Feed", "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-06T04:36:09.833Z"}], "type": "url", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "schema_version": "1.0.22", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/url/http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F/summary", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881", "severity": "High", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "schema_version": "1.1.3", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F", "disposition_name": "Suspicious", "priority": 90, "id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8", "severity": "Medium", "tlp": "white", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-27T03:42:23.679Z", "end_time": "2020-09-26T03:42:23.679Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0c9a87422c7833ee49035928c849f9636968992e094322e803d33ffb3ec1b419"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-13T03:42:15.863Z", "end_time": "2020-10-13T03:42:15.863Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0ba84d907a0a309b0e65a87aea46a5ea56a5fbbb5a1b6699780473c84f7b701b"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-11T03:44:06.846Z", "end_time": "2020-10-11T03:44:06.846Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cf0c4fb472d41c3c49288e2a5b78ce5277732e4d03fa137c04861cb035117c8f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-09T03:44:11.567Z", "end_time": "2020-10-09T03:44:11.567Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4df6110cd7b8f0b4a7b487b6239c0b7d40853404e9bdd6c17d343ce231772db8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-30T03:42:16.197Z", "end_time": "2020-09-29T03:42:16.197Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c2e2dbb2ce411c484fa7d5bcfa39589b5ef9c83295c815a5110b6d854a1d946d"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-26T03:42:21.692Z", "end_time": "2020-09-25T03:42:21.692Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a2670912ec05f302c51e0e48d6e2cc9b9ea4a7b076a46ba205f716ee69086539"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-18T03:42:16.304Z", "end_time": "2020-09-17T03:42:16.304Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a9bec042ce0bfa3ad7fec262fd5a810ef3d1044a38df3a691c3ddddf99e4e54f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-05T03:42:13.794Z", "end_time": "2020-10-05T03:42:13.794Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-92aaeab133a2671f2b2560f3f36123e4242e2652abd0be54e6b7ab36b6fa5a74"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-20T03:42:18.290Z", "end_time": "2020-09-19T03:42:18.290Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0b49c77e991bd3dae139e0d0003d0ccc64ac28b9fb530f4d65193187bc7c257f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-29T03:42:17.844Z", "end_time": "2020-09-28T03:42:17.844Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2d6d243a94aba36a312f7a3bba47821d2be0534ce40a14254eef0173f48dd739"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-10T03:44:07.777Z", "end_time": "2020-10-10T03:44:07.777Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d57ecdbd717fcf95bd7afa03ec497a62a5de738108b686bad476d2152289c8fe"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-02T03:42:19.580Z", "end_time": "2020-10-02T03:42:19.580Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-097f1439cfd0002db60be0543f5c60218741bb4c829ddc2aee8d1277a1bbae76"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-14T03:44:11.699Z", "end_time": "2020-10-14T03:44:11.699Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d52ac55cd2579fa04ffb2ceb16b8923ca01ff3e1c30838ab7534580a2fac42a6"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-08T03:44:09.487Z", "end_time": "2020-10-08T03:44:09.487Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-db1ae1eca16aeb5256b2ce1c8743c60bbc0c683cd63802b477055835ac61d599"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-25T03:42:20.275Z", "end_time": "2020-09-24T03:42:20.275Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0a0237d5d3def521eeb5f95e46867feb47f3a35eac7922c8a9a4e1b4598de73e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-06T03:44:04.841Z", "end_time": "2020-10-06T03:44:04.841Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3563b7e120ccdbfa13eb93876dce997382f8f5bd1d3d7fb479516a5572cdf760"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-04T03:44:05.365Z", "end_time": "2020-10-04T03:44:05.365Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bea9e6709f8925ffabda87dd03ec3c2965e1968d045e2a9ad3029a31e65b1187"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-03T03:42:17.572Z", "end_time": "2020-10-03T03:42:17.572Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-95728fa592a408b8d172655bf6ffbdb82e8560fc32f0dffa17497916f82e7aab"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-15T03:44:07.613Z", "end_time": "2020-10-15T03:44:07.613Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c194e629581c938811c02963758d8a267fc64084c057302ac5b71b00209f7ff8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-01T03:42:17.484Z", "end_time": "2020-10-01T03:42:17.484Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-061613d6bc4db484985687c0d132d3b0ec9765fbe78e438cbf60c5b4b05f0820"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-07T03:44:09.031Z", "end_time": "2020-10-07T03:44:09.031Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-9d8ce679c673e9dc14068827ede03d0855245552c371c2eb5b17eed8891dc89a"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-12T03:44:07.198Z", "end_time": "2020-10-12T03:44:07.198Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-abe595e32c080b469c305e0ad7d1a62121fdf768d1ed79cea114a6ba07229de8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-16T03:44:03.541Z", "end_time": "2020-10-16T03:44:03.541Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7c49c163daa78d00b9f5a92e7db3b77975ffe590c2bf014a9f356a110359d1e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-24T03:42:19.035Z", "end_time": "2020-09-23T03:42:19.035Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-37e10fd140dde5516c179fe87a6c2a7e9fba2f06622f7e84f38be61f196880e7"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-22T03:42:20.082Z", "end_time": "2020-09-21T03:42:20.082Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f6d53a24e78217737a3f7f1afedd43c980708649d5dbeeea891809f5360146d9"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-21T03:42:17.195Z", "end_time": "2020-09-20T03:42:17.195Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f432a7f6a8c7bf5ce5eee3e0726519fc4e9e2af318952e4b9af219a11c6a1baa"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-23T03:42:14.255Z", "end_time": "2020-09-22T03:42:14.255Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b5b21d47f50dc2cbb50381f869dc39f2c3eb809e745f5544d168b350872dd9e0"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-19T03:42:17.389Z", "end_time": "2020-09-18T03:42:17.389Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c1080f31bc1a4986a1ad87a9c2ca65b066fd312218ab12442fffebad88a0e25c"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-28T03:42:14.950Z", "end_time": "2020-09-27T03:42:14.950Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-1ea4a178ac57556b3ea8922a5678f8982f34391ed4628f01cbb0d91c201e027f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-31T03:42:19.101Z", "end_time": "2020-09-30T03:42:19.101Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-174820c73e61c6a34d745c20c4841bd7912417c1f8114d2cd6bc42da35540162"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High"}], "sightings": [{"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-e9979ee698bba926de30c903b825044bdb6fb6fbb0f7a4a28da470b07e167f68"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High", "observed_time": {"start_time": "2020-08-22T03:42:20.082Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bb2e5c7fa59980443bf24e1b5f59271a4880257cc4f475f3066f7862cde7cf96"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High", "observed_time": {"start_time": "2020-09-07T03:44:09.031Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-7705128231e9ba796191bbf0908f6299a4eed20dcdc0d88630ce60919fe1d8aa"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High", "observed_time": {"start_time": "2020-09-11T03:44:06.846Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-444cde78bbe44723f6a35f2ff7515bedc9ff63737335575be086221eb4f6c333"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High", "observed_time": {"start_time": "2020-09-05T03:42:13.794Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2196aeefea16b8e3dda0d6b7f2e28859a52735872ba7aa3852c53962f7817e1e"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High", "observed_time": {"start_time": "2020-08-31T03:42:19.101Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-561a01fc837a7202f65757d77406ec7a7ae4fa570d0a98ea680b350965f86871"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High", "observed_time": {"start_time": "2020-08-21T03:42:17.195Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ceb72ba9c47a916b4cc26114a5b73013d2f669f6d5e80f20e3496be3c756b307"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High", "observed_time": {"start_time": "2020-09-16T03:44:03.541Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c43d3c3492838fde791edeeac428f779750aeb9aea450221ba1b3599f5d62606"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High", "observed_time": {"start_time": "2020-09-15T03:44:07.613Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6b6b2bbea6523155c38f4bd60182a11e853a941a098612f46e8a4ff2cf9d1403"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High", "observed_time": {"start_time": "2020-09-09T03:44:11.567Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-fc4d14e9d9c06a67af99b34dfbd276fdc1ae4fbe26b6e0449a53100c50b39f8c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High", "observed_time": {"start_time": "2020-08-19T03:42:17.389Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8d6133774a33636b52c44c349c4e0c7f68d16c9eaaa7b858c33975c38388ed9c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High", "observed_time": {"start_time": "2020-09-13T03:42:15.863Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a4b0f0059823c1c51ff32370f5d024617785be418f6ba9da48b6dc797eea68f8"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High", "observed_time": {"start_time": "2020-09-01T03:42:17.484Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-43aa9a45cc68cf7b65555df701a4b948824caab5b45657050332dda88cc7a513"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High", "observed_time": {"start_time": "2020-09-02T03:42:19.580Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0e05bcf1688e4656fc3a11e24e7fedf70272a4246ad5e422c07c1f88d06dc3c2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High", "observed_time": {"start_time": "2020-09-04T03:44:05.365Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8f5c9a98e882e6716413280083db7086e6fe3eaa61327a0a6e025e7336541dac"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High", "observed_time": {"start_time": "2020-08-20T03:42:18.290Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2cfd2330d4cc336e408c087c975e1ef9374e7cf1b6529411050d64e46f80a6a1"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High", "observed_time": {"start_time": "2020-08-29T03:42:17.844Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-01d35037c1091f331b4de66ead171686aa93629a0a8efaaa23a94fd050ec79e0"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High", "observed_time": {"start_time": "2020-08-26T03:42:21.692Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8720903f4fe59b6fc5c323108f10613878c29fc15ebc4381cc2a6e27edbd46b2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High", "observed_time": {"start_time": "2020-09-08T03:44:09.487Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-dc04395c0899812b7d91cd4cedca33c02f9f97c5cfeff74c77016c07e2b014bf"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High", "observed_time": {"start_time": "2020-09-06T03:44:04.841Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3176c1ae80f97fe362e4050fd3d1f0d970a35d6e389de37629633f3297a401cc"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High", "observed_time": {"start_time": "2020-09-14T03:44:11.699Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-825ea0c267a73292817583b0bdeb743a07182cf58ca1dd717131efff3badab61"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High", "observed_time": {"start_time": "2020-08-28T03:42:14.950Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cbe0a3a703d1fc937d6152caa998aefe12c9a1fd3208625b23185439125246ba"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High", "observed_time": {"start_time": "2020-08-23T03:42:14.255Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-505565c8aac275b3b4c6973cf4dbf0b5ee2b6bd3b86ac93ab73970835cf099bd"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High", "observed_time": {"start_time": "2020-09-12T03:44:07.198Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6101dca3c3466fe655354a794c8c5fa4cfe8fe23fff37f38231338f69ed50d75"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High", "observed_time": {"start_time": "2020-08-18T03:42:16.304Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7fe52732eecfc45850e3604e605835d70dcad3ff8ebccd6ff586f106ef06902"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High", "observed_time": {"start_time": "2020-08-30T03:42:16.197Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-adb4aeb9e59034e41e5e2afe753110cf09f980393621092e045d2849d2943c13"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High", "observed_time": {"start_time": "2020-09-10T03:44:07.777Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ad513ebee2c522c99c152784b97f4b27abf7899834292cf779ad2bc8bd20e75c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High", "observed_time": {"start_time": "2020-08-25T03:42:20.275Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3cda5a8af7ce5757a33e7707c3c133f3c5fd85fee7f31c7856a21fdb9d8729ae"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High", "observed_time": {"start_time": "2020-08-27T03:42:23.679Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-494eb2c4dc7dcc1117118b2a4595d61f3993aa8f1b13800879abce14fa05efea"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High", "observed_time": {"start_time": "2020-08-24T03:42:19.035Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4c4b36725fa004ef5a44ab2efe13ccdf6cc3368624bdd21828ce3a3cbcb0b45d"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High", "observed_time": {"start_time": "2020-09-03T03:42:17.572Z"}}], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "url", "value": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca"}], "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-1f74c8d5-12eb-480a-b27c-066c5ff422af", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-03-05T10:42:36.669Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"}
\ No newline at end of file
+{"description": "Palo Alto url", "searchHistory": {"selectedObservables": [{"uuid": "9d3d1b62-4702-4c98-9e11-4283b9accd97", "observable": {"key": "ce8f0870-1456-41ff-889e-7ce2ffbe9721", "value": "http://0win365.com/wp-admin/sites/", "indicators": [{"description": "URLhaus is a project operated by abuse.ch with thepurpose of sharing malicious URLs that are being usedfor malware distribution.", "valid_time": {"start_time": "2020-08-06T03:42:26.362Z", "end_time": "2525-01-01T00:00:00.000Z"}, "producer": "Abuse.ch", "schema_version": "1.0.16", "type": "indicator", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-495e8322a86ba11f771a0fa1a4c8dc2680559eea453c99382588830fe5eb8718"], "short_description": "Abuse.ch URLhaus Malware URL Exchange", "title": "Abuse.ch URLhaus DB Feed", "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-06T04:36:09.833Z"}], "type": "url", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "schema_version": "1.0.22", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/url/http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F/summary", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881", "severity": "High", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "schema_version": "1.1.3", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F", "disposition_name": "Suspicious", "priority": 90, "id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8", "severity": "Medium", "tlp": "white", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-27T03:42:23.679Z", "end_time": "2020-09-26T03:42:23.679Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0c9a87422c7833ee49035928c849f9636968992e094322e803d33ffb3ec1b419"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-13T03:42:15.863Z", "end_time": "2020-10-13T03:42:15.863Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0ba84d907a0a309b0e65a87aea46a5ea56a5fbbb5a1b6699780473c84f7b701b"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-11T03:44:06.846Z", "end_time": "2020-10-11T03:44:06.846Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cf0c4fb472d41c3c49288e2a5b78ce5277732e4d03fa137c04861cb035117c8f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-09T03:44:11.567Z", "end_time": "2020-10-09T03:44:11.567Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4df6110cd7b8f0b4a7b487b6239c0b7d40853404e9bdd6c17d343ce231772db8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-30T03:42:16.197Z", "end_time": "2020-09-29T03:42:16.197Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c2e2dbb2ce411c484fa7d5bcfa39589b5ef9c83295c815a5110b6d854a1d946d"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-26T03:42:21.692Z", "end_time": "2020-09-25T03:42:21.692Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a2670912ec05f302c51e0e48d6e2cc9b9ea4a7b076a46ba205f716ee69086539"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-18T03:42:16.304Z", "end_time": "2020-09-17T03:42:16.304Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a9bec042ce0bfa3ad7fec262fd5a810ef3d1044a38df3a691c3ddddf99e4e54f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-05T03:42:13.794Z", "end_time": "2020-10-05T03:42:13.794Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-92aaeab133a2671f2b2560f3f36123e4242e2652abd0be54e6b7ab36b6fa5a74"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-20T03:42:18.290Z", "end_time": "2020-09-19T03:42:18.290Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0b49c77e991bd3dae139e0d0003d0ccc64ac28b9fb530f4d65193187bc7c257f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-29T03:42:17.844Z", "end_time": "2020-09-28T03:42:17.844Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2d6d243a94aba36a312f7a3bba47821d2be0534ce40a14254eef0173f48dd739"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-10T03:44:07.777Z", "end_time": "2020-10-10T03:44:07.777Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d57ecdbd717fcf95bd7afa03ec497a62a5de738108b686bad476d2152289c8fe"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-02T03:42:19.580Z", "end_time": "2020-10-02T03:42:19.580Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-097f1439cfd0002db60be0543f5c60218741bb4c829ddc2aee8d1277a1bbae76"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-14T03:44:11.699Z", "end_time": "2020-10-14T03:44:11.699Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d52ac55cd2579fa04ffb2ceb16b8923ca01ff3e1c30838ab7534580a2fac42a6"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-08T03:44:09.487Z", "end_time": "2020-10-08T03:44:09.487Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-db1ae1eca16aeb5256b2ce1c8743c60bbc0c683cd63802b477055835ac61d599"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-25T03:42:20.275Z", "end_time": "2020-09-24T03:42:20.275Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0a0237d5d3def521eeb5f95e46867feb47f3a35eac7922c8a9a4e1b4598de73e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-06T03:44:04.841Z", "end_time": "2020-10-06T03:44:04.841Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3563b7e120ccdbfa13eb93876dce997382f8f5bd1d3d7fb479516a5572cdf760"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-04T03:44:05.365Z", "end_time": "2020-10-04T03:44:05.365Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bea9e6709f8925ffabda87dd03ec3c2965e1968d045e2a9ad3029a31e65b1187"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-03T03:42:17.572Z", "end_time": "2020-10-03T03:42:17.572Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-95728fa592a408b8d172655bf6ffbdb82e8560fc32f0dffa17497916f82e7aab"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-15T03:44:07.613Z", "end_time": "2020-10-15T03:44:07.613Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c194e629581c938811c02963758d8a267fc64084c057302ac5b71b00209f7ff8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-01T03:42:17.484Z", "end_time": "2020-10-01T03:42:17.484Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-061613d6bc4db484985687c0d132d3b0ec9765fbe78e438cbf60c5b4b05f0820"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-07T03:44:09.031Z", "end_time": "2020-10-07T03:44:09.031Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-9d8ce679c673e9dc14068827ede03d0855245552c371c2eb5b17eed8891dc89a"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-12T03:44:07.198Z", "end_time": "2020-10-12T03:44:07.198Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-abe595e32c080b469c305e0ad7d1a62121fdf768d1ed79cea114a6ba07229de8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-16T03:44:03.541Z", "end_time": "2020-10-16T03:44:03.541Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7c49c163daa78d00b9f5a92e7db3b77975ffe590c2bf014a9f356a110359d1e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-24T03:42:19.035Z", "end_time": "2020-09-23T03:42:19.035Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-37e10fd140dde5516c179fe87a6c2a7e9fba2f06622f7e84f38be61f196880e7"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-22T03:42:20.082Z", "end_time": "2020-09-21T03:42:20.082Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f6d53a24e78217737a3f7f1afedd43c980708649d5dbeeea891809f5360146d9"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-21T03:42:17.195Z", "end_time": "2020-09-20T03:42:17.195Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f432a7f6a8c7bf5ce5eee3e0726519fc4e9e2af318952e4b9af219a11c6a1baa"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-23T03:42:14.255Z", "end_time": "2020-09-22T03:42:14.255Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b5b21d47f50dc2cbb50381f869dc39f2c3eb809e745f5544d168b350872dd9e0"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-19T03:42:17.389Z", "end_time": "2020-09-18T03:42:17.389Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c1080f31bc1a4986a1ad87a9c2ca65b066fd312218ab12442fffebad88a0e25c"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-28T03:42:14.950Z", "end_time": "2020-09-27T03:42:14.950Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-1ea4a178ac57556b3ea8922a5678f8982f34391ed4628f01cbb0d91c201e027f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-31T03:42:19.101Z", "end_time": "2020-09-30T03:42:19.101Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-174820c73e61c6a34d745c20c4841bd7912417c1f8114d2cd6bc42da35540162"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High"}], "sightings": [{"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-e9979ee698bba926de30c903b825044bdb6fb6fbb0f7a4a28da470b07e167f68"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High", "observed_time": {"start_time": "2020-08-22T03:42:20.082Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bb2e5c7fa59980443bf24e1b5f59271a4880257cc4f475f3066f7862cde7cf96"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High", "observed_time": {"start_time": "2020-09-07T03:44:09.031Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-7705128231e9ba796191bbf0908f6299a4eed20dcdc0d88630ce60919fe1d8aa"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High", "observed_time": {"start_time": "2020-09-11T03:44:06.846Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-444cde78bbe44723f6a35f2ff7515bedc9ff63737335575be086221eb4f6c333"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High", "observed_time": {"start_time": "2020-09-05T03:42:13.794Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2196aeefea16b8e3dda0d6b7f2e28859a52735872ba7aa3852c53962f7817e1e"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High", "observed_time": {"start_time": "2020-08-31T03:42:19.101Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-561a01fc837a7202f65757d77406ec7a7ae4fa570d0a98ea680b350965f86871"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High", "observed_time": {"start_time": "2020-08-21T03:42:17.195Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ceb72ba9c47a916b4cc26114a5b73013d2f669f6d5e80f20e3496be3c756b307"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High", "observed_time": {"start_time": "2020-09-16T03:44:03.541Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c43d3c3492838fde791edeeac428f779750aeb9aea450221ba1b3599f5d62606"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High", "observed_time": {"start_time": "2020-09-15T03:44:07.613Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6b6b2bbea6523155c38f4bd60182a11e853a941a098612f46e8a4ff2cf9d1403"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High", "observed_time": {"start_time": "2020-09-09T03:44:11.567Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-fc4d14e9d9c06a67af99b34dfbd276fdc1ae4fbe26b6e0449a53100c50b39f8c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High", "observed_time": {"start_time": "2020-08-19T03:42:17.389Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8d6133774a33636b52c44c349c4e0c7f68d16c9eaaa7b858c33975c38388ed9c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High", "observed_time": {"start_time": "2020-09-13T03:42:15.863Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a4b0f0059823c1c51ff32370f5d024617785be418f6ba9da48b6dc797eea68f8"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High", "observed_time": {"start_time": "2020-09-01T03:42:17.484Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-43aa9a45cc68cf7b65555df701a4b948824caab5b45657050332dda88cc7a513"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High", "observed_time": {"start_time": "2020-09-02T03:42:19.580Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0e05bcf1688e4656fc3a11e24e7fedf70272a4246ad5e422c07c1f88d06dc3c2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High", "observed_time": {"start_time": "2020-09-04T03:44:05.365Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8f5c9a98e882e6716413280083db7086e6fe3eaa61327a0a6e025e7336541dac"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High", "observed_time": {"start_time": "2020-08-20T03:42:18.290Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2cfd2330d4cc336e408c087c975e1ef9374e7cf1b6529411050d64e46f80a6a1"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High", "observed_time": {"start_time": "2020-08-29T03:42:17.844Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-01d35037c1091f331b4de66ead171686aa93629a0a8efaaa23a94fd050ec79e0"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High", "observed_time": {"start_time": "2020-08-26T03:42:21.692Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8720903f4fe59b6fc5c323108f10613878c29fc15ebc4381cc2a6e27edbd46b2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High", "observed_time": {"start_time": "2020-09-08T03:44:09.487Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-dc04395c0899812b7d91cd4cedca33c02f9f97c5cfeff74c77016c07e2b014bf"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High", "observed_time": {"start_time": "2020-09-06T03:44:04.841Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3176c1ae80f97fe362e4050fd3d1f0d970a35d6e389de37629633f3297a401cc"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High", "observed_time": {"start_time": "2020-09-14T03:44:11.699Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-825ea0c267a73292817583b0bdeb743a07182cf58ca1dd717131efff3badab61"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High", "observed_time": {"start_time": "2020-08-28T03:42:14.950Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cbe0a3a703d1fc937d6152caa998aefe12c9a1fd3208625b23185439125246ba"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High", "observed_time": {"start_time": "2020-08-23T03:42:14.255Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-505565c8aac275b3b4c6973cf4dbf0b5ee2b6bd3b86ac93ab73970835cf099bd"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High", "observed_time": {"start_time": "2020-09-12T03:44:07.198Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6101dca3c3466fe655354a794c8c5fa4cfe8fe23fff37f38231338f69ed50d75"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High", "observed_time": {"start_time": "2020-08-18T03:42:16.304Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7fe52732eecfc45850e3604e605835d70dcad3ff8ebccd6ff586f106ef06902"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High", "observed_time": {"start_time": "2020-08-30T03:42:16.197Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-adb4aeb9e59034e41e5e2afe753110cf09f980393621092e045d2849d2943c13"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High", "observed_time": {"start_time": "2020-09-10T03:44:07.777Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ad513ebee2c522c99c152784b97f4b27abf7899834292cf779ad2bc8bd20e75c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High", "observed_time": {"start_time": "2020-08-25T03:42:20.275Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3cda5a8af7ce5757a33e7707c3c133f3c5fd85fee7f31c7856a21fdb9d8729ae"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High", "observed_time": {"start_time": "2020-08-27T03:42:23.679Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-494eb2c4dc7dcc1117118b2a4595d61f3993aa8f1b13800879abce14fa05efea"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High", "observed_time": {"start_time": "2020-08-24T03:42:19.035Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4c4b36725fa004ef5a44ab2efe13ccdf6cc3368624bdd21828ce3a3cbcb0b45d"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High", "observed_time": {"start_time": "2020-09-03T03:42:17.572Z"}}], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "url", "value": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca"}], "omittedObservables": [], "archivedObservables": [{"key": "ce8f0870-1456-41ff-889e-7ce2ffbe9721", "value": "http://0win365.com/wp-admin/sites/", "indicators": [{"description": "URLhaus is a project operated by abuse.ch with thepurpose of sharing malicious URLs that are being usedfor malware distribution.", "valid_time": {"start_time": "2020-08-06T03:42:26.362Z", "end_time": "2525-01-01T00:00:00.000Z"}, "producer": "Abuse.ch", "schema_version": "1.0.16", "type": "indicator", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-495e8322a86ba11f771a0fa1a4c8dc2680559eea453c99382588830fe5eb8718"], "short_description": "Abuse.ch URLhaus Malware URL Exchange", "title": "Abuse.ch URLhaus DB Feed", "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-06T04:36:09.833Z"}], "type": "url", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "schema_version": "1.0.22", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/url/http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F/summary", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881", "severity": "High", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "schema_version": "1.1.3", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F", "disposition_name": "Suspicious", "priority": 90, "id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8", "severity": "Medium", "tlp": "white", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-27T03:42:23.679Z", "end_time": "2020-09-26T03:42:23.679Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0c9a87422c7833ee49035928c849f9636968992e094322e803d33ffb3ec1b419"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-13T03:42:15.863Z", "end_time": "2020-10-13T03:42:15.863Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0ba84d907a0a309b0e65a87aea46a5ea56a5fbbb5a1b6699780473c84f7b701b"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-11T03:44:06.846Z", "end_time": "2020-10-11T03:44:06.846Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cf0c4fb472d41c3c49288e2a5b78ce5277732e4d03fa137c04861cb035117c8f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-09T03:44:11.567Z", "end_time": "2020-10-09T03:44:11.567Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4df6110cd7b8f0b4a7b487b6239c0b7d40853404e9bdd6c17d343ce231772db8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-30T03:42:16.197Z", "end_time": "2020-09-29T03:42:16.197Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c2e2dbb2ce411c484fa7d5bcfa39589b5ef9c83295c815a5110b6d854a1d946d"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-26T03:42:21.692Z", "end_time": "2020-09-25T03:42:21.692Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a2670912ec05f302c51e0e48d6e2cc9b9ea4a7b076a46ba205f716ee69086539"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-18T03:42:16.304Z", "end_time": "2020-09-17T03:42:16.304Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a9bec042ce0bfa3ad7fec262fd5a810ef3d1044a38df3a691c3ddddf99e4e54f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-05T03:42:13.794Z", "end_time": "2020-10-05T03:42:13.794Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-92aaeab133a2671f2b2560f3f36123e4242e2652abd0be54e6b7ab36b6fa5a74"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-20T03:42:18.290Z", "end_time": "2020-09-19T03:42:18.290Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0b49c77e991bd3dae139e0d0003d0ccc64ac28b9fb530f4d65193187bc7c257f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-29T03:42:17.844Z", "end_time": "2020-09-28T03:42:17.844Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2d6d243a94aba36a312f7a3bba47821d2be0534ce40a14254eef0173f48dd739"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-10T03:44:07.777Z", "end_time": "2020-10-10T03:44:07.777Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d57ecdbd717fcf95bd7afa03ec497a62a5de738108b686bad476d2152289c8fe"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-02T03:42:19.580Z", "end_time": "2020-10-02T03:42:19.580Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-097f1439cfd0002db60be0543f5c60218741bb4c829ddc2aee8d1277a1bbae76"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-14T03:44:11.699Z", "end_time": "2020-10-14T03:44:11.699Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d52ac55cd2579fa04ffb2ceb16b8923ca01ff3e1c30838ab7534580a2fac42a6"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-08T03:44:09.487Z", "end_time": "2020-10-08T03:44:09.487Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-db1ae1eca16aeb5256b2ce1c8743c60bbc0c683cd63802b477055835ac61d599"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-25T03:42:20.275Z", "end_time": "2020-09-24T03:42:20.275Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0a0237d5d3def521eeb5f95e46867feb47f3a35eac7922c8a9a4e1b4598de73e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-06T03:44:04.841Z", "end_time": "2020-10-06T03:44:04.841Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3563b7e120ccdbfa13eb93876dce997382f8f5bd1d3d7fb479516a5572cdf760"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-04T03:44:05.365Z", "end_time": "2020-10-04T03:44:05.365Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bea9e6709f8925ffabda87dd03ec3c2965e1968d045e2a9ad3029a31e65b1187"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-03T03:42:17.572Z", "end_time": "2020-10-03T03:42:17.572Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-95728fa592a408b8d172655bf6ffbdb82e8560fc32f0dffa17497916f82e7aab"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-15T03:44:07.613Z", "end_time": "2020-10-15T03:44:07.613Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c194e629581c938811c02963758d8a267fc64084c057302ac5b71b00209f7ff8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-01T03:42:17.484Z", "end_time": "2020-10-01T03:42:17.484Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-061613d6bc4db484985687c0d132d3b0ec9765fbe78e438cbf60c5b4b05f0820"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-07T03:44:09.031Z", "end_time": "2020-10-07T03:44:09.031Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-9d8ce679c673e9dc14068827ede03d0855245552c371c2eb5b17eed8891dc89a"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-12T03:44:07.198Z", "end_time": "2020-10-12T03:44:07.198Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-abe595e32c080b469c305e0ad7d1a62121fdf768d1ed79cea114a6ba07229de8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-16T03:44:03.541Z", "end_time": "2020-10-16T03:44:03.541Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7c49c163daa78d00b9f5a92e7db3b77975ffe590c2bf014a9f356a110359d1e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-24T03:42:19.035Z", "end_time": "2020-09-23T03:42:19.035Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-37e10fd140dde5516c179fe87a6c2a7e9fba2f06622f7e84f38be61f196880e7"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-22T03:42:20.082Z", "end_time": "2020-09-21T03:42:20.082Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f6d53a24e78217737a3f7f1afedd43c980708649d5dbeeea891809f5360146d9"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-21T03:42:17.195Z", "end_time": "2020-09-20T03:42:17.195Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f432a7f6a8c7bf5ce5eee3e0726519fc4e9e2af318952e4b9af219a11c6a1baa"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-23T03:42:14.255Z", "end_time": "2020-09-22T03:42:14.255Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b5b21d47f50dc2cbb50381f869dc39f2c3eb809e745f5544d168b350872dd9e0"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-19T03:42:17.389Z", "end_time": "2020-09-18T03:42:17.389Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c1080f31bc1a4986a1ad87a9c2ca65b066fd312218ab12442fffebad88a0e25c"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-28T03:42:14.950Z", "end_time": "2020-09-27T03:42:14.950Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-1ea4a178ac57556b3ea8922a5678f8982f34391ed4628f01cbb0d91c201e027f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-31T03:42:19.101Z", "end_time": "2020-09-30T03:42:19.101Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-174820c73e61c6a34d745c20c4841bd7912417c1f8114d2cd6bc42da35540162"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High"}], "sightings": [{"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-e9979ee698bba926de30c903b825044bdb6fb6fbb0f7a4a28da470b07e167f68"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High", "observed_time": {"start_time": "2020-08-22T03:42:20.082Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bb2e5c7fa59980443bf24e1b5f59271a4880257cc4f475f3066f7862cde7cf96"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High", "observed_time": {"start_time": "2020-09-07T03:44:09.031Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-7705128231e9ba796191bbf0908f6299a4eed20dcdc0d88630ce60919fe1d8aa"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High", "observed_time": {"start_time": "2020-09-11T03:44:06.846Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-444cde78bbe44723f6a35f2ff7515bedc9ff63737335575be086221eb4f6c333"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High", "observed_time": {"start_time": "2020-09-05T03:42:13.794Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2196aeefea16b8e3dda0d6b7f2e28859a52735872ba7aa3852c53962f7817e1e"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High", "observed_time": {"start_time": "2020-08-31T03:42:19.101Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-561a01fc837a7202f65757d77406ec7a7ae4fa570d0a98ea680b350965f86871"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High", "observed_time": {"start_time": "2020-08-21T03:42:17.195Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ceb72ba9c47a916b4cc26114a5b73013d2f669f6d5e80f20e3496be3c756b307"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High", "observed_time": {"start_time": "2020-09-16T03:44:03.541Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c43d3c3492838fde791edeeac428f779750aeb9aea450221ba1b3599f5d62606"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High", "observed_time": {"start_time": "2020-09-15T03:44:07.613Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6b6b2bbea6523155c38f4bd60182a11e853a941a098612f46e8a4ff2cf9d1403"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High", "observed_time": {"start_time": "2020-09-09T03:44:11.567Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-fc4d14e9d9c06a67af99b34dfbd276fdc1ae4fbe26b6e0449a53100c50b39f8c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High", "observed_time": {"start_time": "2020-08-19T03:42:17.389Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8d6133774a33636b52c44c349c4e0c7f68d16c9eaaa7b858c33975c38388ed9c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High", "observed_time": {"start_time": "2020-09-13T03:42:15.863Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a4b0f0059823c1c51ff32370f5d024617785be418f6ba9da48b6dc797eea68f8"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High", "observed_time": {"start_time": "2020-09-01T03:42:17.484Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-43aa9a45cc68cf7b65555df701a4b948824caab5b45657050332dda88cc7a513"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High", "observed_time": {"start_time": "2020-09-02T03:42:19.580Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0e05bcf1688e4656fc3a11e24e7fedf70272a4246ad5e422c07c1f88d06dc3c2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High", "observed_time": {"start_time": "2020-09-04T03:44:05.365Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8f5c9a98e882e6716413280083db7086e6fe3eaa61327a0a6e025e7336541dac"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High", "observed_time": {"start_time": "2020-08-20T03:42:18.290Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2cfd2330d4cc336e408c087c975e1ef9374e7cf1b6529411050d64e46f80a6a1"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High", "observed_time": {"start_time": "2020-08-29T03:42:17.844Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-01d35037c1091f331b4de66ead171686aa93629a0a8efaaa23a94fd050ec79e0"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High", "observed_time": {"start_time": "2020-08-26T03:42:21.692Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8720903f4fe59b6fc5c323108f10613878c29fc15ebc4381cc2a6e27edbd46b2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High", "observed_time": {"start_time": "2020-09-08T03:44:09.487Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-dc04395c0899812b7d91cd4cedca33c02f9f97c5cfeff74c77016c07e2b014bf"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High", "observed_time": {"start_time": "2020-09-06T03:44:04.841Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3176c1ae80f97fe362e4050fd3d1f0d970a35d6e389de37629633f3297a401cc"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High", "observed_time": {"start_time": "2020-09-14T03:44:11.699Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-825ea0c267a73292817583b0bdeb743a07182cf58ca1dd717131efff3badab61"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High", "observed_time": {"start_time": "2020-08-28T03:42:14.950Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cbe0a3a703d1fc937d6152caa998aefe12c9a1fd3208625b23185439125246ba"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High", "observed_time": {"start_time": "2020-08-23T03:42:14.255Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-505565c8aac275b3b4c6973cf4dbf0b5ee2b6bd3b86ac93ab73970835cf099bd"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High", "observed_time": {"start_time": "2020-09-12T03:44:07.198Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6101dca3c3466fe655354a794c8c5fa4cfe8fe23fff37f38231338f69ed50d75"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High", "observed_time": {"start_time": "2020-08-18T03:42:16.304Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7fe52732eecfc45850e3604e605835d70dcad3ff8ebccd6ff586f106ef06902"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High", "observed_time": {"start_time": "2020-08-30T03:42:16.197Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-adb4aeb9e59034e41e5e2afe753110cf09f980393621092e045d2849d2943c13"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High", "observed_time": {"start_time": "2020-09-10T03:44:07.777Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ad513ebee2c522c99c152784b97f4b27abf7899834292cf779ad2bc8bd20e75c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High", "observed_time": {"start_time": "2020-08-25T03:42:20.275Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3cda5a8af7ce5757a33e7707c3c133f3c5fd85fee7f31c7856a21fdb9d8729ae"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High", "observed_time": {"start_time": "2020-08-27T03:42:23.679Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-494eb2c4dc7dcc1117118b2a4595d61f3993aa8f1b13800879abce14fa05efea"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High", "observed_time": {"start_time": "2020-08-24T03:42:19.035Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4c4b36725fa004ef5a44ab2efe13ccdf6cc3368624bdd21828ce3a3cbcb0b45d"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High", "observed_time": {"start_time": "2020-09-03T03:42:17.572Z"}}], "revListOrder": 1}]}, "schema_version": "1.1.3", "type": "investigation", "search-txt": "url:\"http://0win365.com/wp-admin/sites/\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":10466454999.987036,\"updated-perf\":10466454999.987036,\"type\":\"collect\",\"created\":\"2021-03-05T10:42:05.171Z\",\"state\":\"ok\",\"arg\":\"url:http://0win365.com/wp-admin/sites/\",\"result\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"id\":\"collect-1bac5cca\",\"uuid\":\"291fe374-ad0d-44ba-a16f-176a2a4d248c\"},{\"created-perf\":15801470000.064001,\"updated-perf\":15801470000.064001,\"type\":\"investigate\",\"created\":\"2021-03-05T10:42:10.506Z\",\"state\":\"ok\",\"arg\":{\"type\":\"url\",\"value\":\"http://0win365.com/wp-admin/sites/\"},\"result\":{\"data\":[{\"module\":\"AMP Global Intelligence\",\"module_instance_id\":\"b37ff2ee-0ca1-4dbc-936d-a35bf7d5e18f\",\"module_type_id\":\"87563e81-ddc5-5f61-b4f8-dbe71252c922\",\"data\":{\"indicators\":{\"count\":1,\"docs\":[{\"description\":\"URLhaus is a project operated by abuse.ch with thepurpose of sharing malicious URLs that are being usedfor malware distribution.\",\"valid_time\":{\"start_time\":\"2023-12-28T03:42:26.362Z\",\"end_time\":\"2528-05-24T00:00:00.000Z\"},\"producer\":\"Abuse.ch\",\"schema_version\":\"1.0.16\",\"type\":\"indicator\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-495e8322a86ba11f771a0fa1a4c8dc2680559eea453c99382588830fe5eb8718\"],\"short_description\":\"Abuse.ch URLhaus Malware URL Exchange\",\"title\":\"Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"tlp\":\"green\",\"timestamp\":\"2020-08-06T04:36:09.833Z\"}]},\"relationships\":{\"count\":60,\"docs\":[{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c309ad64961f1a743b8d08c7b9672fab7a68ef7c873e2642f4238edb0f14ea33\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-62aeb961-dbb2-4540-975d-0a8a55626b5a\",\"tlp\":\"green\",\"timestamp\":\"2020-08-31T04:30:41.302Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-7230e4970fa80704e538d2a8b521ccc77828f015ac08b32223c8b25208664f7e\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-46b25ba0-049e-47a3-b347-ba8cba3e5488\",\"tlp\":\"green\",\"timestamp\":\"2020-08-23T04:21:40.357Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-60be1784cbcf3573a200f123fd3403f995b7a6d31c30d2118f0222aba7e83870\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-83d11a7b-1139-41bf-af7a-f9c0f623e6bf\",\"tlp\":\"green\",\"timestamp\":\"2020-09-12T04:57:07.056Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-a7fe886b8f70b85ba9645e46dcd86dc2eaa7a9610852f8e2ca5e1ecc6a6eee22\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d2790987-cf25-413f-b9dd-1d68137fe975\",\"tlp\":\"green\",\"timestamp\":\"2020-09-13T05:00:43.672Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-6c5540025cae8d0fe20ffbaf945887fc15734211149f45b4c1f87cc4b81d3c44\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-bb9f99d0-c29c-4d67-b83d-eed00f846d39\",\"tlp\":\"green\",\"timestamp\":\"2020-09-12T04:57:07.056Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-f1431051921fdacb212b2fd030140fce1c753891dd90e3aa8223486e7ede765a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-cdbf82d4-0ef7-4788-98f7-f2aef7cadcff\",\"tlp\":\"green\",\"timestamp\":\"2020-09-07T04:44:51.461Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-f3a77124480bd37f0b5d2f4bd5eee0735ba3ce9443ded047dbfcceb544ab669d\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-336d97d2-ff0f-474f-a7d1-b260bf72e181\",\"tlp\":\"green\",\"timestamp\":\"2020-08-26T04:30:17.552Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-51d645f2790502cd7d15a4a7f3b232a54087ef9c13401901c0f45eaefbeca5de\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-e9fca00f-6726-41b1-8613-e0210f0f1adf\",\"tlp\":\"green\",\"timestamp\":\"2020-09-06T04:49:33.839Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-6320487cbbcea951d7d4680bf1799f9ef54f8f0996e28431555c36fb9e82d2db\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-493ca187-cc84-4259-b67b-73664410d49c\",\"tlp\":\"green\",\"timestamp\":\"2020-08-26T04:30:17.546Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-58635145dd11039df70abedc6f0001a7db5cdb73c46f0baa6c3c981183cdc9d1\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-68249d93-92d5-4a29-9ff2-a6825846f135\",\"tlp\":\"green\",\"timestamp\":\"2020-09-01T04:35:22.688Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-a1fa3cbbe9ed5c6d26b079daea0d0680043613ad7d59ecebf866d11512bb9f1a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-ff0879c4-1f62-43fb-bb10-57b04693052f\",\"tlp\":\"green\",\"timestamp\":\"2020-08-31T04:30:41.306Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-4a3e499109783d99c6659d0fe5e2e00884dd0bb63f3664700549a0ea6e686a0a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-b20d07dc-2d09-490d-ad32-49ec58ba29c6\",\"tlp\":\"green\",\"timestamp\":\"2020-09-15T06:07:48.992Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-e901e60cb78d8804e5d0ed3416e84ea1a39b68956860429514813a75e5c25580\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-15d2baec-8e3c-45d9-bc9a-29479ef8eb61\",\"tlp\":\"green\",\"timestamp\":\"2020-09-15T06:07:48.995Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-584820e5241738bd311da13a8b468769be439028d4c0665d5e5a1a1c584b4aa8\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-f3d166d7-123d-402a-9a19-55517e296137\",\"tlp\":\"green\",\"timestamp\":\"2020-09-14T05:28:34.342Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-ca0d06f1fa77a78a8a6eb46de9893abe14dc8cba64ea0735d5d102da1befa487\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-97b96ab9-90a7-4777-94ef-335067f0845e\",\"tlp\":\"green\",\"timestamp\":\"2020-08-28T04:32:25.045Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-52e9ee05e566327449e8f541eebacd5b83a5df827acec5936707d9e3afd23f83\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-194cc017-d1a7-4e4e-bc3c-91a9162ec34d\",\"tlp\":\"green\",\"timestamp\":\"2020-08-19T04:24:14.186Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-cc81a5ede81adbdd5c5d021793e654e183feae0986b478f21887d9033d0a6da5\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-54316db1-c3c4-470d-9290-f96859a906b7\",\"tlp\":\"green\",\"timestamp\":\"2020-09-14T05:28:34.343Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c79f9b8ef29bd5b8f65668edd780d30e23604b174183ed7a323b6d546d0d996e\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-0893f1f7-43aa-4a46-b84c-6ba932a206db\",\"tlp\":\"green\",\"timestamp\":\"2020-08-22T04:22:28.849Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-46daa46a121fe42470a86719b60bedc2e50c979a0f92c55a8f480d908ef91819\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-6cad96c1-6164-4f74-8444-fefa2b6ea3bd\",\"tlp\":\"green\",\"timestamp\":\"2020-08-21T04:26:03.736Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-060b7f8570451c4e9c63b0226aedf7c33f6b8f1991d02b43d8aae53e44ef8e4e\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-29f01494-3b90-4ff9-be9d-163e54fb5eb4\",\"tlp\":\"green\",\"timestamp\":\"2020-09-04T04:42:11.796Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-d42881b44d7e46360f235e1133859dd2e77c8218fda11f64ad9eea5b673ce3ad\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d844b398-5aa8-4c1c-b8be-cb9f448c6638\",\"tlp\":\"green\",\"timestamp\":\"2020-08-21T04:26:03.739Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0c56232eaae3acb9c20324f92b966e60bcc6ca1e01a2dbd37bba62e470854a51\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-04bbd8c3-bf31-4af6-9008-0e5520f3a4f7\",\"tlp\":\"green\",\"timestamp\":\"2020-08-24T04:21:53.366Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-7c864ba20adb9212169c138de4ef6d07773fde76112207c363648233bd42be9a\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d56f43cd-c0c7-4ad6-95d7-cc228ef66812\",\"tlp\":\"green\",\"timestamp\":\"2020-08-25T04:23:57.282Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-13173434c3928891f9730d57c5a7b1e2ce986f6737ad4eab9c2de78afdc0a804\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-1c66e3f7-b950-4693-bf7c-b46985928e3c\",\"tlp\":\"green\",\"timestamp\":\"2020-09-16T04:58:46.114Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-d0ccc19782a3a2350c78db11fe51224b255b6db3c88f974017a48807c975d55a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-3cc6b25a-d507-4f8e-92ba-4a83dbacdae6\",\"tlp\":\"green\",\"timestamp\":\"2020-08-23T04:21:40.352Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-693c33fad84921dd8f071815c809f8f31c4f1c520ea7a63cb828a6ae7067873b\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-8d1c90a2-6f5a-4b9c-9cfe-9586a8b575fa\",\"tlp\":\"green\",\"timestamp\":\"2020-09-03T05:08:48.749Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b38a9ca1ffb3b270abfe142776856934dd3f87a0990a02187775671aba91b0f0\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-44aa9d23-5676-4b76-904a-e15a74d6128a\",\"tlp\":\"green\",\"timestamp\":\"2020-09-08T04:39:40.035Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-87f14be87f25d74332bb813188a9a98e78da2119b26d1e50cb09c349fcbd63d9\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-5e48422b-61a2-44c7-b436-d59c03bafba8\",\"tlp\":\"green\",\"timestamp\":\"2020-09-10T04:40:40.138Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b45028d0c7969cef5ae1e9c674f19e7196b8dbd2bd17cbd0b7bd0fc8daa39b8f\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d027b20c-589e-49a7-8137-449da57faee1\",\"tlp\":\"green\",\"timestamp\":\"2020-09-13T05:00:43.668Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-eab7161e507d134ecc8d79440a1e0f3978ae4e2e5ac770f6d0c75126cc6b370a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-3ab2ea13-c501-47b9-8be4-e2c68b35d931\",\"tlp\":\"green\",\"timestamp\":\"2020-08-30T04:28:10.207Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-37f08c9f57afdaaa28d3a5c43c19deeb8a8888365b8daec06ff8e4c9306436aa\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-3e57c001-9bec-4ff0-ba19-86481320cfd8\",\"tlp\":\"green\",\"timestamp\":\"2020-08-24T04:21:53.361Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b8be2ffcb1c6037beef0540fdb21547e8c00481d6b4b37c73c7a7f07d4d751dd\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-4a231fd8-3c54-45a4-b1a8-ad9cb386bae2\",\"tlp\":\"green\",\"timestamp\":\"2020-09-07T04:44:51.462Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-bf0852d66f7ca56c084b591cbd26a2a18768996859bacd53a9ccccbd1c40aac6\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-5387ea96-bf58-4cc5-88a6-a5dd7052e372\",\"tlp\":\"green\",\"timestamp\":\"2020-08-27T04:30:02.062Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-90ed7f9f587f326b81d4897576f9419c972a5e917ffef500fac7885c75c5ad4d\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-3bf1ea0c-7737-475f-b98e-3c062a884ea8\",\"tlp\":\"green\",\"timestamp\":\"2020-09-16T04:58:46.115Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-ecadfed8edf0c27dd7610ad0148d27e9f6cba64695450fa795e7e419e23e9b70\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-c618f3fd-4558-4fca-8b5e-d333f8131929\",\"tlp\":\"green\",\"timestamp\":\"2020-09-02T04:35:49.072Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-1ff904d7a9f67ba78512a9ece70db8ec87fa89700de46d17aa4225a23866c284\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-e3b4307b-feae-4552-ae67-40da5b5a910a\",\"tlp\":\"green\",\"timestamp\":\"2020-08-20T04:27:27.003Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0dde75a804606de924f2a0443d04ccb9748768135538f5331a3852cc9081e7f4\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-8b929cbb-2639-40f1-9acd-aa0692fea09e\",\"tlp\":\"green\",\"timestamp\":\"2020-08-28T04:32:25.048Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-5eeaf45666411d9e7e323fe8eeb443a1f5e8049f31da21b916b12c979d3277b3\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-31b4d034-0007-4634-a5c1-75f60fcb7ba0\",\"tlp\":\"green\",\"timestamp\":\"2020-08-22T04:22:28.850Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-449b530431de3b6765f066f2d7226593a217f512ea8cb4185c95c2fe382eeb30\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-6074966b-b8d8-4c98-b10e-992b00a97748\",\"tlp\":\"green\",\"timestamp\":\"2020-08-30T04:28:10.203Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-dae3886cb940d7439da2b42cac46babda228afcdb8cc463da4baa7336f79ee8a\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-a292b20d-6ae7-402c-8a37-166ba3cdc029\",\"tlp\":\"green\",\"timestamp\":\"2020-09-10T04:40:40.134Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b57b946139937b098cf7e74bddcb29ba704e6e2c310861442b2962ae89be4ebd\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d29f7eba-c3af-4d1a-a6c1-85379d679fe1\",\"tlp\":\"green\",\"timestamp\":\"2020-08-18T04:23:01.526Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-1324281492803470900c85bfefd257aff0ac8f38bd41ffb9c0f99f62d3294cd7\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-f2dbdf68-d3ea-402d-8b43-12ef9df656b7\",\"tlp\":\"green\",\"timestamp\":\"2020-08-29T04:28:36.273Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-22a47fa0995ccaa1670281664654c02bd65839c7ea427e768fc7fbf46f1513a7\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-361acbc6-593b-45b0-9b25-dbb0f6f272d4\",\"tlp\":\"green\",\"timestamp\":\"2020-09-11T04:48:45.598Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b032bc43e9f400fdf1ff71e1f58baa7af4ce0f3c842978c8a147a3bdf13cb006\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-f3f61c8c-6d9e-4760-9093-d23c780c81fb\",\"tlp\":\"green\",\"timestamp\":\"2020-08-20T04:27:26.998Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-5c196b0c8713d5cdaa5f48f9a09f9f2c093f1432167ebd54d8566ce9470beb23\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-b0b69a88-b220-4a01-aea0-510598599461\",\"tlp\":\"green\",\"timestamp\":\"2020-08-25T04:23:57.283Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-fd21c450508c72958e9e83e2fb97387c974a6d0673611652f96f8d6d18cee923\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-d85d734e-ee4b-4f60-a41a-00be299f1348\",\"tlp\":\"green\",\"timestamp\":\"2020-09-05T04:39:45.536Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-e70130e37d33fc102f8340dc0f2f897b81411fe2d66d156a496177868efc9586\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-87c5cb45-a9a1-44e6-bc17-055591630120\",\"tlp\":\"green\",\"timestamp\":\"2020-09-09T04:44:51.784Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-1ab6df3bf5565858bf11af82dacab324cadd90dce881408c919eaf1d4b088f6d\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-a76be793-d0e5-4b0b-8958-211a3ce50124\",\"tlp\":\"green\",\"timestamp\":\"2020-08-18T04:23:01.533Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-769ab14b15c6b448eea4b24ca7ca91ce666108254a32fca65cc41932cafa4cc4\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-cdd1efd9-c667-4aaa-85ab-fb83626c3a62\",\"tlp\":\"green\",\"timestamp\":\"2020-09-02T04:35:49.069Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-41093a15d5612c88742ea8621512c8142cee9d46587398d743399930185bc015\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-25fee826-fe77-477a-8962-70a359152632\",\"tlp\":\"green\",\"timestamp\":\"2020-09-08T04:39:40.031Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-5792be22f8f96eb8eedf0ebab5f11fe47f8ea666d20695b751c37a0eeaf7db06\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-fc275ef0-a612-4bf5-bc4c-5f670bcf4ccd\",\"tlp\":\"green\",\"timestamp\":\"2020-09-05T04:39:45.538Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-2de0a1ea1e097a71b585f456208b6d5024734f18a8f1a36eaa5289e994836655\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-b98b9979-79ba-4daa-aa93-4b2d77cc5d80\",\"tlp\":\"green\",\"timestamp\":\"2020-09-06T04:49:33.839Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-187f0a74843a79b18821f684f6fbd1cedf4c3413e998096169983f36fc1e596b\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-c8a06070-7084-44b3-9c51-c59c9d163d24\",\"tlp\":\"green\",\"timestamp\":\"2020-09-11T04:48:45.599Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-7fdb393f8c86a2ec8faf51d641cb3928412640c18c3fd78517873e0a4ee149a7\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-39c871ae-c532-4cb8-b64b-e836e0bf2e86\",\"tlp\":\"green\",\"timestamp\":\"2020-09-09T04:44:51.784Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-43107dcc01934732d84d5e2e028b30b301d9ced5a08a8ac0ba50e747ce3beb34\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-09e2ff4f-8a83-4203-bedd-7259aec164b2\",\"tlp\":\"green\",\"timestamp\":\"2020-09-01T04:35:22.687Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-f3e10c5967917796f63e83d9e02dd4abbe36089a7c0018849975c74ba272d7ef\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-43cd2326-74c1-4897-b5d7-f8551e2ef2a8\",\"tlp\":\"green\",\"timestamp\":\"2020-08-27T04:30:02.056Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.19\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-e91f195b5f5f0c714275fbaf59c3eef666cae1b297b0f7c6d66586b0675eb8e2\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-5f804b65-5bb8-4010-939e-b2538dd10f3f\",\"tlp\":\"green\",\"timestamp\":\"2020-09-04T04:42:11.799Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-bcb1b579b33862ee3e9191716bbbc477acb58345abe9b752a921efae9b9f1d80\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-70597bee-dc69-4665-8aa0-943e1d18a8dc\",\"tlp\":\"green\",\"timestamp\":\"2020-09-03T05:08:48.745Z\",\"relationship_type\":\"element-of\"},{\"schema_version\":\"1.0.18\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c4f79fb2839eb1b15696d5d8f283acb999a812fb856a9058b722e3e91ef7f629\"],\"short_description\":\"sighting member-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-b05f6edf-9542-4a34-b8b2-7bcc6db5241b\",\"tlp\":\"green\",\"timestamp\":\"2020-08-29T04:28:36.281Z\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.0.16\",\"target_ref\":\"https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089\",\"type\":\"relationship\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-9f2bb28ced15e09e8b60d54c66e046b575dc382b683a15b756576d8160ad980a\"],\"short_description\":\"judgement element-of Abuse.ch URLhaus DB Feed\",\"source_uri\":\"https://urlhaus.abuse.ch/\",\"source_ref\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3\",\"id\":\"https://intel.amp.cisco.com:443/ctia/relationship/relationship-c29f932c-e63c-41ed-90e5-44eab45b06cf\",\"tlp\":\"green\",\"timestamp\":\"2020-08-19T04:24:14.188Z\",\"relationship_type\":\"element-of\"}]},\"judgements\":{\"count\":30,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-01-22T03:42:19.101Z\",\"end_time\":\"2024-02-21T03:42:19.101Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-174820c73e61c6a34d745c20c4841bd7912417c1f8114d2cd6bc42da35540162\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-31T03:42:19.101Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-19T03:42:14.950Z\",\"end_time\":\"2024-02-18T03:42:14.950Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-1ea4a178ac57556b3ea8922a5678f8982f34391ed4628f01cbb0d91c201e027f\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-28T03:42:14.950Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-10T03:42:17.389Z\",\"end_time\":\"2024-02-09T03:42:17.389Z\"},\"schema_version\":\"1.0.16\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c1080f31bc1a4986a1ad87a9c2ca65b066fd312218ab12442fffebad88a0e25c\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-19T03:42:17.389Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-14T03:42:14.255Z\",\"end_time\":\"2024-02-13T03:42:14.255Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b5b21d47f50dc2cbb50381f869dc39f2c3eb809e745f5544d168b350872dd9e0\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-23T03:42:14.255Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-12T03:42:17.195Z\",\"end_time\":\"2024-02-11T03:42:17.195Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-f432a7f6a8c7bf5ce5eee3e0726519fc4e9e2af318952e4b9af219a11c6a1baa\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-21T03:42:17.195Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-13T03:42:20.082Z\",\"end_time\":\"2024-02-12T03:42:20.082Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-f6d53a24e78217737a3f7f1afedd43c980708649d5dbeeea891809f5360146d9\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-22T03:42:20.082Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-15T03:42:19.035Z\",\"end_time\":\"2024-02-14T03:42:19.035Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-37e10fd140dde5516c179fe87a6c2a7e9fba2f06622f7e84f38be61f196880e7\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-24T03:42:19.035Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-02-07T03:44:03.541Z\",\"end_time\":\"2024-03-08T03:44:03.541Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b7c49c163daa78d00b9f5a92e7db3b77975ffe590c2bf014a9f356a110359d1e\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-16T03:44:03.541Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-02-03T03:44:07.198Z\",\"end_time\":\"2024-03-04T03:44:07.198Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-abe595e32c080b469c305e0ad7d1a62121fdf768d1ed79cea114a6ba07229de8\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-12T03:44:07.198Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-29T03:44:09.031Z\",\"end_time\":\"2024-02-28T03:44:09.031Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-9d8ce679c673e9dc14068827ede03d0855245552c371c2eb5b17eed8891dc89a\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-07T03:44:09.031Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-23T03:42:17.484Z\",\"end_time\":\"2024-02-22T03:42:17.484Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-061613d6bc4db484985687c0d132d3b0ec9765fbe78e438cbf60c5b4b05f0820\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-01T03:42:17.484Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-02-06T03:44:07.613Z\",\"end_time\":\"2024-03-07T03:44:07.613Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c194e629581c938811c02963758d8a267fc64084c057302ac5b71b00209f7ff8\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-15T03:44:07.613Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-25T03:42:17.572Z\",\"end_time\":\"2024-02-24T03:42:17.572Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-95728fa592a408b8d172655bf6ffbdb82e8560fc32f0dffa17497916f82e7aab\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-03T03:42:17.572Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-26T03:44:05.365Z\",\"end_time\":\"2024-02-25T03:44:05.365Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-bea9e6709f8925ffabda87dd03ec3c2965e1968d045e2a9ad3029a31e65b1187\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-04T03:44:05.365Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-28T03:44:04.841Z\",\"end_time\":\"2024-02-27T03:44:04.841Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-3563b7e120ccdbfa13eb93876dce997382f8f5bd1d3d7fb479516a5572cdf760\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-06T03:44:04.841Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-16T03:42:20.275Z\",\"end_time\":\"2024-02-15T03:42:20.275Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0a0237d5d3def521eeb5f95e46867feb47f3a35eac7922c8a9a4e1b4598de73e\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-25T03:42:20.275Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-30T03:44:09.487Z\",\"end_time\":\"2024-02-29T03:44:09.487Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-db1ae1eca16aeb5256b2ce1c8743c60bbc0c683cd63802b477055835ac61d599\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-08T03:44:09.487Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-02-05T03:44:11.699Z\",\"end_time\":\"2024-03-06T03:44:11.699Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-d52ac55cd2579fa04ffb2ceb16b8923ca01ff3e1c30838ab7534580a2fac42a6\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-14T03:44:11.699Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-24T03:42:19.580Z\",\"end_time\":\"2024-02-23T03:42:19.580Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-097f1439cfd0002db60be0543f5c60218741bb4c829ddc2aee8d1277a1bbae76\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-02T03:42:19.580Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-02-01T03:44:07.777Z\",\"end_time\":\"2024-03-02T03:44:07.777Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-d57ecdbd717fcf95bd7afa03ec497a62a5de738108b686bad476d2152289c8fe\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-10T03:44:07.777Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-20T03:42:17.844Z\",\"end_time\":\"2024-02-19T03:42:17.844Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-2d6d243a94aba36a312f7a3bba47821d2be0534ce40a14254eef0173f48dd739\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-29T03:42:17.844Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-11T03:42:18.290Z\",\"end_time\":\"2024-02-10T03:42:18.290Z\"},\"schema_version\":\"1.0.16\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0b49c77e991bd3dae139e0d0003d0ccc64ac28b9fb530f4d65193187bc7c257f\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-20T03:42:18.290Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-27T03:42:13.794Z\",\"end_time\":\"2024-02-26T03:42:13.794Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-92aaeab133a2671f2b2560f3f36123e4242e2652abd0be54e6b7ab36b6fa5a74\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-05T03:42:13.794Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-09T03:42:16.304Z\",\"end_time\":\"2024-02-08T03:42:16.304Z\"},\"schema_version\":\"1.0.16\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-a9bec042ce0bfa3ad7fec262fd5a810ef3d1044a38df3a691c3ddddf99e4e54f\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-18T03:42:16.304Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-17T03:42:21.692Z\",\"end_time\":\"2024-02-16T03:42:21.692Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-a2670912ec05f302c51e0e48d6e2cc9b9ea4a7b076a46ba205f716ee69086539\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-26T03:42:21.692Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-21T03:42:16.197Z\",\"end_time\":\"2024-02-20T03:42:16.197Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c2e2dbb2ce411c484fa7d5bcfa39589b5ef9c83295c815a5110b6d854a1d946d\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-30T03:42:16.197Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-31T03:44:11.567Z\",\"end_time\":\"2024-03-01T03:44:11.567Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-4df6110cd7b8f0b4a7b487b6239c0b7d40853404e9bdd6c17d343ce231772db8\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-09T03:44:11.567Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-02-02T03:44:06.846Z\",\"end_time\":\"2024-03-03T03:44:06.846Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-cf0c4fb472d41c3c49288e2a5b78ce5277732e4d03fa137c04861cb035117c8f\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-11T03:44:06.846Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-02-04T03:42:15.863Z\",\"end_time\":\"2024-03-05T03:42:15.863Z\"},\"schema_version\":\"1.0.19\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0ba84d907a0a309b0e65a87aea46a5ea56a5fbbb5a1b6699780473c84f7b701b\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-13T03:42:15.863Z\",\"confidence\":\"High\"},{\"valid_time\":{\"start_time\":\"2024-01-18T03:42:23.679Z\",\"end_time\":\"2024-02-17T03:42:23.679Z\"},\"schema_version\":\"1.0.18\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0c9a87422c7833ee49035928c849f9636968992e094322e803d33ffb3ec1b419\"],\"disposition\":2,\"source_uri\":\"https://urlhaus.abuse.ch/\",\"disposition_name\":\"Malicious\",\"priority\":95,\"id\":\"https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843\",\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-27T03:42:23.679Z\",\"confidence\":\"High\"}]},\"sightings\":{\"count\":30,\"docs\":[{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-4c4b36725fa004ef5a44ab2efe13ccdf6cc3368624bdd21828ce3a3cbcb0b45d\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-03T03:42:17.572Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-25T03:42:17.572Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-494eb2c4dc7dcc1117118b2a4595d61f3993aa8f1b13800879abce14fa05efea\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-24T03:42:19.035Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-15T03:42:19.035Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-3cda5a8af7ce5757a33e7707c3c133f3c5fd85fee7f31c7856a21fdb9d8729ae\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-27T03:42:23.679Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-18T03:42:23.679Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-ad513ebee2c522c99c152784b97f4b27abf7899834292cf779ad2bc8bd20e75c\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-25T03:42:20.275Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-16T03:42:20.275Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-adb4aeb9e59034e41e5e2afe753110cf09f980393621092e045d2849d2943c13\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-10T03:44:07.777Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-02-01T03:44:07.777Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-b7fe52732eecfc45850e3604e605835d70dcad3ff8ebccd6ff586f106ef06902\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-30T03:42:16.197Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-21T03:42:16.197Z\"}},{\"schema_version\":\"1.0.16\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-6101dca3c3466fe655354a794c8c5fa4cfe8fe23fff37f38231338f69ed50d75\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-18T03:42:16.304Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-09T03:42:16.304Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-505565c8aac275b3b4c6973cf4dbf0b5ee2b6bd3b86ac93ab73970835cf099bd\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-12T03:44:07.198Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-02-03T03:44:07.198Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-cbe0a3a703d1fc937d6152caa998aefe12c9a1fd3208625b23185439125246ba\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-23T03:42:14.255Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-14T03:42:14.255Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-825ea0c267a73292817583b0bdeb743a07182cf58ca1dd717131efff3badab61\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-28T03:42:14.950Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-19T03:42:14.950Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-3176c1ae80f97fe362e4050fd3d1f0d970a35d6e389de37629633f3297a401cc\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-14T03:44:11.699Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-02-05T03:44:11.699Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-dc04395c0899812b7d91cd4cedca33c02f9f97c5cfeff74c77016c07e2b014bf\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-06T03:44:04.841Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-28T03:44:04.841Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-8720903f4fe59b6fc5c323108f10613878c29fc15ebc4381cc2a6e27edbd46b2\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-08T03:44:09.487Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-30T03:44:09.487Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-01d35037c1091f331b4de66ead171686aa93629a0a8efaaa23a94fd050ec79e0\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-26T03:42:21.692Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-17T03:42:21.692Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-2cfd2330d4cc336e408c087c975e1ef9374e7cf1b6529411050d64e46f80a6a1\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-29T03:42:17.844Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-20T03:42:17.844Z\"}},{\"schema_version\":\"1.0.16\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-8f5c9a98e882e6716413280083db7086e6fe3eaa61327a0a6e025e7336541dac\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-20T03:42:18.290Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-11T03:42:18.290Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-0e05bcf1688e4656fc3a11e24e7fedf70272a4246ad5e422c07c1f88d06dc3c2\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-04T03:44:05.365Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-26T03:44:05.365Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-43aa9a45cc68cf7b65555df701a4b948824caab5b45657050332dda88cc7a513\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-02T03:42:19.580Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-24T03:42:19.580Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-a4b0f0059823c1c51ff32370f5d024617785be418f6ba9da48b6dc797eea68f8\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-01T03:42:17.484Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-23T03:42:17.484Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-8d6133774a33636b52c44c349c4e0c7f68d16c9eaaa7b858c33975c38388ed9c\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-13T03:42:15.863Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-02-04T03:42:15.863Z\"}},{\"schema_version\":\"1.0.16\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-fc4d14e9d9c06a67af99b34dfbd276fdc1ae4fbe26b6e0449a53100c50b39f8c\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-19T03:42:17.389Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-10T03:42:17.389Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-6b6b2bbea6523155c38f4bd60182a11e853a941a098612f46e8a4ff2cf9d1403\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-09T03:44:11.567Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-31T03:44:11.567Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-c43d3c3492838fde791edeeac428f779750aeb9aea450221ba1b3599f5d62606\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-15T03:44:07.613Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-02-06T03:44:07.613Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-ceb72ba9c47a916b4cc26114a5b73013d2f669f6d5e80f20e3496be3c756b307\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-16T03:44:03.541Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-02-07T03:44:03.541Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-561a01fc837a7202f65757d77406ec7a7ae4fa570d0a98ea680b350965f86871\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-21T03:42:17.195Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-12T03:42:17.195Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-2196aeefea16b8e3dda0d6b7f2e28859a52735872ba7aa3852c53962f7817e1e\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-31T03:42:19.101Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-22T03:42:19.101Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-444cde78bbe44723f6a35f2ff7515bedc9ff63737335575be086221eb4f6c333\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-05T03:42:13.794Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-27T03:42:13.794Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-7705128231e9ba796191bbf0908f6299a4eed20dcdc0d88630ce60919fe1d8aa\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-11T03:44:06.846Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-02-02T03:44:06.846Z\"}},{\"schema_version\":\"1.0.19\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-bb2e5c7fa59980443bf24e1b5f59271a4880257cc4f475f3066f7862cde7cf96\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-09-07T03:44:09.031Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-29T03:44:09.031Z\"}},{\"schema_version\":\"1.0.18\",\"observables\":[{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"}],\"type\":\"sighting\",\"source\":\"Abuse.ch URLhaus Database\",\"external_ids\":[\"hydrant-e9979ee698bba926de30c903b825044bdb6fb6fbb0f7a4a28da470b07e167f68\"],\"source_uri\":\"https://urlhaus.abuse.ch/\",\"id\":\"https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5\",\"count\":1,\"severity\":\"High\",\"tlp\":\"green\",\"timestamp\":\"2020-08-22T03:42:20.082Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2024-01-13T03:42:20.082Z\"}}]}}},{\"module\":\"Talos Intelligence\",\"module_instance_id\":\"f14a7465-a77a-4e28-8b97-23706a56eab5\",\"module_type_id\":\"2460c99b-2f01-523b-a65d-30a3c6603245\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":3,\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"judgement_id\":\"transient:c571fddb-d5ec-4c51-a96f-21432d78bee8\",\"disposition_name\":\"Suspicious\",\"valid_time\":{\"start_time\":\"2024-07-26T10:42:05.510Z\",\"end_time\":\"2024-08-25T10:42:05.510Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-26T10:42:05.510Z\",\"end_time\":\"2024-08-25T10:42:05.510Z\"},\"schema_version\":\"1.1.3\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Talos Intelligence\",\"disposition\":3,\"reason\":\"Low Talos Intelligence reputation score\",\"source_uri\":\"https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F\",\"disposition_name\":\"Suspicious\",\"priority\":90,\"id\":\"transient:c571fddb-d5ec-4c51-a96f-21432d78bee8\",\"severity\":\"Medium\",\"tlp\":\"white\",\"confidence\":\"High\"}]}}},{\"module\":\"Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest\",\"module_instance_id\":\"15802a02-e1c8-499a-beb5-27a1efe71a44\",\"module_type_id\":\"79343c94-d267-4c3f-b6d3-de96871c406a\",\"data\":{\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":2,\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"judgement_id\":\"transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881\",\"disposition_name\":\"Malicious\",\"valid_time\":{\"start_time\":\"2024-07-26T10:42:06.931Z\",\"end_time\":\"2024-08-02T10:42:06.931Z\"}}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2024-07-26T10:42:06.931Z\",\"end_time\":\"2024-08-02T10:42:06.931Z\"},\"schema_version\":\"1.0.22\",\"observable\":{\"value\":\"http://0win365.com/wp-admin/sites/\",\"type\":\"url\"},\"type\":\"judgement\",\"source\":\"Palo Alto AutoFocus\",\"disposition\":2,\"reason\":\"MALWARE in AutoFocus\",\"source_uri\":\"https://autofocus.paloaltonetworks.com/#/search/indicator/url/http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F/summary\",\"disposition_name\":\"Malicious\",\"priority\":85,\"id\":\"transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881\",\"severity\":\"High\",\"confidence\":\"High\"}]}}}]},\"id\":\"investigate-7e9e073f\",\"uuid\":\"51ce0670-4355-4bd3-8cae-9aaf27e06344\"}]", "short_description": "Snapshot @ 20210305 10:42:25", "omittedObservables": [], "archivedObservables": [{"key": "ce8f0870-1456-41ff-889e-7ce2ffbe9721", "value": "http://0win365.com/wp-admin/sites/", "indicators": [{"description": "URLhaus is a project operated by abuse.ch with thepurpose of sharing malicious URLs that are being usedfor malware distribution.", "valid_time": {"start_time": "2020-08-06T03:42:26.362Z", "end_time": "2525-01-01T00:00:00.000Z"}, "producer": "Abuse.ch", "schema_version": "1.0.16", "type": "indicator", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-495e8322a86ba11f771a0fa1a4c8dc2680559eea453c99382588830fe5eb8718"], "short_description": "Abuse.ch URLhaus Malware URL Exchange", "title": "Abuse.ch URLhaus DB Feed", "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-06T04:36:09.833Z"}], "type": "url", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "schema_version": "1.0.22", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/url/http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F/summary", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881", "severity": "High", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "schema_version": "1.1.3", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F", "disposition_name": "Suspicious", "priority": 90, "id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8", "severity": "Medium", "tlp": "white", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-27T03:42:23.679Z", "end_time": "2020-09-26T03:42:23.679Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0c9a87422c7833ee49035928c849f9636968992e094322e803d33ffb3ec1b419"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-13T03:42:15.863Z", "end_time": "2020-10-13T03:42:15.863Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0ba84d907a0a309b0e65a87aea46a5ea56a5fbbb5a1b6699780473c84f7b701b"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-11T03:44:06.846Z", "end_time": "2020-10-11T03:44:06.846Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cf0c4fb472d41c3c49288e2a5b78ce5277732e4d03fa137c04861cb035117c8f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-09T03:44:11.567Z", "end_time": "2020-10-09T03:44:11.567Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4df6110cd7b8f0b4a7b487b6239c0b7d40853404e9bdd6c17d343ce231772db8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-30T03:42:16.197Z", "end_time": "2020-09-29T03:42:16.197Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c2e2dbb2ce411c484fa7d5bcfa39589b5ef9c83295c815a5110b6d854a1d946d"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-26T03:42:21.692Z", "end_time": "2020-09-25T03:42:21.692Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a2670912ec05f302c51e0e48d6e2cc9b9ea4a7b076a46ba205f716ee69086539"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-18T03:42:16.304Z", "end_time": "2020-09-17T03:42:16.304Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a9bec042ce0bfa3ad7fec262fd5a810ef3d1044a38df3a691c3ddddf99e4e54f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-05T03:42:13.794Z", "end_time": "2020-10-05T03:42:13.794Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-92aaeab133a2671f2b2560f3f36123e4242e2652abd0be54e6b7ab36b6fa5a74"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-20T03:42:18.290Z", "end_time": "2020-09-19T03:42:18.290Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0b49c77e991bd3dae139e0d0003d0ccc64ac28b9fb530f4d65193187bc7c257f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-29T03:42:17.844Z", "end_time": "2020-09-28T03:42:17.844Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2d6d243a94aba36a312f7a3bba47821d2be0534ce40a14254eef0173f48dd739"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-10T03:44:07.777Z", "end_time": "2020-10-10T03:44:07.777Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d57ecdbd717fcf95bd7afa03ec497a62a5de738108b686bad476d2152289c8fe"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-02T03:42:19.580Z", "end_time": "2020-10-02T03:42:19.580Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-097f1439cfd0002db60be0543f5c60218741bb4c829ddc2aee8d1277a1bbae76"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-14T03:44:11.699Z", "end_time": "2020-10-14T03:44:11.699Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d52ac55cd2579fa04ffb2ceb16b8923ca01ff3e1c30838ab7534580a2fac42a6"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-08T03:44:09.487Z", "end_time": "2020-10-08T03:44:09.487Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-db1ae1eca16aeb5256b2ce1c8743c60bbc0c683cd63802b477055835ac61d599"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-25T03:42:20.275Z", "end_time": "2020-09-24T03:42:20.275Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0a0237d5d3def521eeb5f95e46867feb47f3a35eac7922c8a9a4e1b4598de73e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-06T03:44:04.841Z", "end_time": "2020-10-06T03:44:04.841Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3563b7e120ccdbfa13eb93876dce997382f8f5bd1d3d7fb479516a5572cdf760"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-04T03:44:05.365Z", "end_time": "2020-10-04T03:44:05.365Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bea9e6709f8925ffabda87dd03ec3c2965e1968d045e2a9ad3029a31e65b1187"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-03T03:42:17.572Z", "end_time": "2020-10-03T03:42:17.572Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-95728fa592a408b8d172655bf6ffbdb82e8560fc32f0dffa17497916f82e7aab"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-15T03:44:07.613Z", "end_time": "2020-10-15T03:44:07.613Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c194e629581c938811c02963758d8a267fc64084c057302ac5b71b00209f7ff8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-01T03:42:17.484Z", "end_time": "2020-10-01T03:42:17.484Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-061613d6bc4db484985687c0d132d3b0ec9765fbe78e438cbf60c5b4b05f0820"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-07T03:44:09.031Z", "end_time": "2020-10-07T03:44:09.031Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-9d8ce679c673e9dc14068827ede03d0855245552c371c2eb5b17eed8891dc89a"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-12T03:44:07.198Z", "end_time": "2020-10-12T03:44:07.198Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-abe595e32c080b469c305e0ad7d1a62121fdf768d1ed79cea114a6ba07229de8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-16T03:44:03.541Z", "end_time": "2020-10-16T03:44:03.541Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7c49c163daa78d00b9f5a92e7db3b77975ffe590c2bf014a9f356a110359d1e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-24T03:42:19.035Z", "end_time": "2020-09-23T03:42:19.035Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-37e10fd140dde5516c179fe87a6c2a7e9fba2f06622f7e84f38be61f196880e7"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-22T03:42:20.082Z", "end_time": "2020-09-21T03:42:20.082Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f6d53a24e78217737a3f7f1afedd43c980708649d5dbeeea891809f5360146d9"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-21T03:42:17.195Z", "end_time": "2020-09-20T03:42:17.195Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f432a7f6a8c7bf5ce5eee3e0726519fc4e9e2af318952e4b9af219a11c6a1baa"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-23T03:42:14.255Z", "end_time": "2020-09-22T03:42:14.255Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b5b21d47f50dc2cbb50381f869dc39f2c3eb809e745f5544d168b350872dd9e0"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-19T03:42:17.389Z", "end_time": "2020-09-18T03:42:17.389Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c1080f31bc1a4986a1ad87a9c2ca65b066fd312218ab12442fffebad88a0e25c"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-28T03:42:14.950Z", "end_time": "2020-09-27T03:42:14.950Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-1ea4a178ac57556b3ea8922a5678f8982f34391ed4628f01cbb0d91c201e027f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-31T03:42:19.101Z", "end_time": "2020-09-30T03:42:19.101Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-174820c73e61c6a34d745c20c4841bd7912417c1f8114d2cd6bc42da35540162"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High"}], "sightings": [{"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-e9979ee698bba926de30c903b825044bdb6fb6fbb0f7a4a28da470b07e167f68"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High", "observed_time": {"start_time": "2020-08-22T03:42:20.082Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bb2e5c7fa59980443bf24e1b5f59271a4880257cc4f475f3066f7862cde7cf96"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High", "observed_time": {"start_time": "2020-09-07T03:44:09.031Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-7705128231e9ba796191bbf0908f6299a4eed20dcdc0d88630ce60919fe1d8aa"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High", "observed_time": {"start_time": "2020-09-11T03:44:06.846Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-444cde78bbe44723f6a35f2ff7515bedc9ff63737335575be086221eb4f6c333"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High", "observed_time": {"start_time": "2020-09-05T03:42:13.794Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2196aeefea16b8e3dda0d6b7f2e28859a52735872ba7aa3852c53962f7817e1e"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High", "observed_time": {"start_time": "2020-08-31T03:42:19.101Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-561a01fc837a7202f65757d77406ec7a7ae4fa570d0a98ea680b350965f86871"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High", "observed_time": {"start_time": "2020-08-21T03:42:17.195Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ceb72ba9c47a916b4cc26114a5b73013d2f669f6d5e80f20e3496be3c756b307"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High", "observed_time": {"start_time": "2020-09-16T03:44:03.541Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c43d3c3492838fde791edeeac428f779750aeb9aea450221ba1b3599f5d62606"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High", "observed_time": {"start_time": "2020-09-15T03:44:07.613Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6b6b2bbea6523155c38f4bd60182a11e853a941a098612f46e8a4ff2cf9d1403"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High", "observed_time": {"start_time": "2020-09-09T03:44:11.567Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-fc4d14e9d9c06a67af99b34dfbd276fdc1ae4fbe26b6e0449a53100c50b39f8c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High", "observed_time": {"start_time": "2020-08-19T03:42:17.389Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8d6133774a33636b52c44c349c4e0c7f68d16c9eaaa7b858c33975c38388ed9c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High", "observed_time": {"start_time": "2020-09-13T03:42:15.863Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a4b0f0059823c1c51ff32370f5d024617785be418f6ba9da48b6dc797eea68f8"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High", "observed_time": {"start_time": "2020-09-01T03:42:17.484Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-43aa9a45cc68cf7b65555df701a4b948824caab5b45657050332dda88cc7a513"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High", "observed_time": {"start_time": "2020-09-02T03:42:19.580Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0e05bcf1688e4656fc3a11e24e7fedf70272a4246ad5e422c07c1f88d06dc3c2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High", "observed_time": {"start_time": "2020-09-04T03:44:05.365Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8f5c9a98e882e6716413280083db7086e6fe3eaa61327a0a6e025e7336541dac"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High", "observed_time": {"start_time": "2020-08-20T03:42:18.290Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2cfd2330d4cc336e408c087c975e1ef9374e7cf1b6529411050d64e46f80a6a1"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High", "observed_time": {"start_time": "2020-08-29T03:42:17.844Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-01d35037c1091f331b4de66ead171686aa93629a0a8efaaa23a94fd050ec79e0"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High", "observed_time": {"start_time": "2020-08-26T03:42:21.692Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8720903f4fe59b6fc5c323108f10613878c29fc15ebc4381cc2a6e27edbd46b2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High", "observed_time": {"start_time": "2020-09-08T03:44:09.487Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-dc04395c0899812b7d91cd4cedca33c02f9f97c5cfeff74c77016c07e2b014bf"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High", "observed_time": {"start_time": "2020-09-06T03:44:04.841Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3176c1ae80f97fe362e4050fd3d1f0d970a35d6e389de37629633f3297a401cc"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High", "observed_time": {"start_time": "2020-09-14T03:44:11.699Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-825ea0c267a73292817583b0bdeb743a07182cf58ca1dd717131efff3badab61"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High", "observed_time": {"start_time": "2020-08-28T03:42:14.950Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cbe0a3a703d1fc937d6152caa998aefe12c9a1fd3208625b23185439125246ba"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High", "observed_time": {"start_time": "2020-08-23T03:42:14.255Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-505565c8aac275b3b4c6973cf4dbf0b5ee2b6bd3b86ac93ab73970835cf099bd"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High", "observed_time": {"start_time": "2020-09-12T03:44:07.198Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6101dca3c3466fe655354a794c8c5fa4cfe8fe23fff37f38231338f69ed50d75"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High", "observed_time": {"start_time": "2020-08-18T03:42:16.304Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7fe52732eecfc45850e3604e605835d70dcad3ff8ebccd6ff586f106ef06902"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High", "observed_time": {"start_time": "2020-08-30T03:42:16.197Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-adb4aeb9e59034e41e5e2afe753110cf09f980393621092e045d2849d2943c13"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High", "observed_time": {"start_time": "2020-09-10T03:44:07.777Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ad513ebee2c522c99c152784b97f4b27abf7899834292cf779ad2bc8bd20e75c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High", "observed_time": {"start_time": "2020-08-25T03:42:20.275Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3cda5a8af7ce5757a33e7707c3c133f3c5fd85fee7f31c7856a21fdb9d8729ae"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High", "observed_time": {"start_time": "2020-08-27T03:42:23.679Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-494eb2c4dc7dcc1117118b2a4595d61f3993aa8f1b13800879abce14fa05efea"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High", "observed_time": {"start_time": "2020-08-24T03:42:19.035Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4c4b36725fa004ef5a44ab2efe13ccdf6cc3368624bdd21828ce3a3cbcb0b45d"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High", "observed_time": {"start_time": "2020-09-03T03:42:17.572Z"}}], "revListOrder": 1}], "selectedObservables": [{"uuid": "9d3d1b62-4702-4c98-9e11-4283b9accd97", "observable": {"key": "ce8f0870-1456-41ff-889e-7ce2ffbe9721", "value": "http://0win365.com/wp-admin/sites/", "indicators": [{"description": "URLhaus is a project operated by abuse.ch with thepurpose of sharing malicious URLs that are being usedfor malware distribution.", "valid_time": {"start_time": "2020-08-06T03:42:26.362Z", "end_time": "2525-01-01T00:00:00.000Z"}, "producer": "Abuse.ch", "schema_version": "1.0.16", "type": "indicator", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-495e8322a86ba11f771a0fa1a4c8dc2680559eea453c99382588830fe5eb8718"], "short_description": "Abuse.ch URLhaus Malware URL Exchange", "title": "Abuse.ch URLhaus DB Feed", "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/indicator/indicator-2db94461-9687-4fba-b652-9bded9561089", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-06T04:36:09.833Z"}], "type": "url", "state": "investigated", "targets": [], "disposition": 2, "verdicts": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "disposition_name": "Malicious", "id": "verdict:Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "verdict", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "disposition_name": "Suspicious", "id": "verdict:Talos Intelligence:1bac5cca", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "judgement_id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8"}], "notifications": [], "disposition_name": "Malicious", "obsListSortOrder": 1, "listOrder": 0, "label": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca", "judgements": [{"valid_time": {"start_time": "2021-03-05T10:42:06.931Z", "end_time": "2021-03-12T10:42:06.931Z"}, "schema_version": "1.0.22", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Palo Alto AutoFocus", "disposition": 2, "module": "Palo Alto Networks AutoFocus (ITR-TESTING) ConfTokenTest", "module-type": null, "reason": "MALWARE in AutoFocus", "source_uri": "https://autofocus.paloaltonetworks.com/#/search/indicator/url/http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F/summary", "disposition_name": "Malicious", "priority": 85, "id": "transient:judgement-2b2facdf-1531-4b50-81dc-c4ff0f799881", "severity": "High", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2021-03-05T10:42:05.510Z", "end_time": "2021-04-04T10:42:05.510Z"}, "schema_version": "1.1.3", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Talos Intelligence", "disposition": 3, "module": "Talos Intelligence", "module-type": null, "reason": "Low Talos Intelligence reputation score", "source_uri": "https://www.talosintelligence.com/reputation_center/lookup?search=http%3A%2F%2F0win365.com%2Fwp-admin%2Fsites%2F", "disposition_name": "Suspicious", "priority": 90, "id": "transient:c571fddb-d5ec-4c51-a96f-21432d78bee8", "severity": "Medium", "tlp": "white", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-27T03:42:23.679Z", "end_time": "2020-09-26T03:42:23.679Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0c9a87422c7833ee49035928c849f9636968992e094322e803d33ffb3ec1b419"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0f4ea20e-605c-4089-910c-bab8f7025843", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-13T03:42:15.863Z", "end_time": "2020-10-13T03:42:15.863Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0ba84d907a0a309b0e65a87aea46a5ea56a5fbbb5a1b6699780473c84f7b701b"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-dd2ea1df-c35f-4179-badd-de8a6eeea695", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-11T03:44:06.846Z", "end_time": "2020-10-11T03:44:06.846Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cf0c4fb472d41c3c49288e2a5b78ce5277732e4d03fa137c04861cb035117c8f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-77d73961-0cac-4640-b5d4-e1d3a74f7456", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-09T03:44:11.567Z", "end_time": "2020-10-09T03:44:11.567Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4df6110cd7b8f0b4a7b487b6239c0b7d40853404e9bdd6c17d343ce231772db8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f7a88969-e90f-4297-8dbf-7356b802fff1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-30T03:42:16.197Z", "end_time": "2020-09-29T03:42:16.197Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c2e2dbb2ce411c484fa7d5bcfa39589b5ef9c83295c815a5110b6d854a1d946d"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-9bf5aa39-28df-46b3-9a21-6175356911d5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-26T03:42:21.692Z", "end_time": "2020-09-25T03:42:21.692Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a2670912ec05f302c51e0e48d6e2cc9b9ea4a7b076a46ba205f716ee69086539"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-50b88817-cd08-48af-bd16-86dee2af8520", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-18T03:42:16.304Z", "end_time": "2020-09-17T03:42:16.304Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a9bec042ce0bfa3ad7fec262fd5a810ef3d1044a38df3a691c3ddddf99e4e54f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b7e28f6c-c16c-46e4-bc5c-c29a1349c006", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-05T03:42:13.794Z", "end_time": "2020-10-05T03:42:13.794Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-92aaeab133a2671f2b2560f3f36123e4242e2652abd0be54e6b7ab36b6fa5a74"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-0bc944d3-70ee-4ade-8100-00c8954513b4", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-20T03:42:18.290Z", "end_time": "2020-09-19T03:42:18.290Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0b49c77e991bd3dae139e0d0003d0ccc64ac28b9fb530f4d65193187bc7c257f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-38b5af39-5fa4-4b7d-b5c9-565b5563632a", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-29T03:42:17.844Z", "end_time": "2020-09-28T03:42:17.844Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2d6d243a94aba36a312f7a3bba47821d2be0534ce40a14254eef0173f48dd739"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-456759c9-0387-4530-bce3-bf148c3b8594", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-10T03:44:07.777Z", "end_time": "2020-10-10T03:44:07.777Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d57ecdbd717fcf95bd7afa03ec497a62a5de738108b686bad476d2152289c8fe"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b5bb11be-1742-4b0c-93ce-fc2547e02d1b", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-02T03:42:19.580Z", "end_time": "2020-10-02T03:42:19.580Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-097f1439cfd0002db60be0543f5c60218741bb4c829ddc2aee8d1277a1bbae76"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-e804c536-3031-4dc0-9d7c-f13df622837f", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-14T03:44:11.699Z", "end_time": "2020-10-14T03:44:11.699Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-d52ac55cd2579fa04ffb2ceb16b8923ca01ff3e1c30838ab7534580a2fac42a6"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-88588aef-2ade-4a31-93d7-c2e36b0d4034", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-08T03:44:09.487Z", "end_time": "2020-10-08T03:44:09.487Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-db1ae1eca16aeb5256b2ce1c8743c60bbc0c683cd63802b477055835ac61d599"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fedb9822-599d-4fb0-b468-be0f862103d9", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-25T03:42:20.275Z", "end_time": "2020-09-24T03:42:20.275Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0a0237d5d3def521eeb5f95e46867feb47f3a35eac7922c8a9a4e1b4598de73e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-4a7eae43-7ee1-41f6-bbe9-5f243c62debe", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-06T03:44:04.841Z", "end_time": "2020-10-06T03:44:04.841Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3563b7e120ccdbfa13eb93876dce997382f8f5bd1d3d7fb479516a5572cdf760"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8807d8e0-373f-4d9c-a1c3-5cced0f07d8c", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-04T03:44:05.365Z", "end_time": "2020-10-04T03:44:05.365Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bea9e6709f8925ffabda87dd03ec3c2965e1968d045e2a9ad3029a31e65b1187"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-27134e8d-b3e9-4ffa-b8f2-5c2387f1d9a2", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-03T03:42:17.572Z", "end_time": "2020-10-03T03:42:17.572Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-95728fa592a408b8d172655bf6ffbdb82e8560fc32f0dffa17497916f82e7aab"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-05917599-b89e-44fd-ad38-c0ca86c55284", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-15T03:44:07.613Z", "end_time": "2020-10-15T03:44:07.613Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c194e629581c938811c02963758d8a267fc64084c057302ac5b71b00209f7ff8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-24a2b6ef-eaca-42bc-8b72-10939e82a5e5", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-01T03:42:17.484Z", "end_time": "2020-10-01T03:42:17.484Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-061613d6bc4db484985687c0d132d3b0ec9765fbe78e438cbf60c5b4b05f0820"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8d79391f-ccce-4370-b2de-3a9ba3ba5223", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-07T03:44:09.031Z", "end_time": "2020-10-07T03:44:09.031Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-9d8ce679c673e9dc14068827ede03d0855245552c371c2eb5b17eed8891dc89a"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-f41eaef8-6681-4453-bc18-e761dbaf1188", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-12T03:44:07.198Z", "end_time": "2020-10-12T03:44:07.198Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-abe595e32c080b469c305e0ad7d1a62121fdf768d1ed79cea114a6ba07229de8"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-78f51b61-921e-4da7-8c8e-baccf7eea503", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-09-16T03:44:03.541Z", "end_time": "2020-10-16T03:44:03.541Z"}, "schema_version": "1.0.19", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7c49c163daa78d00b9f5a92e7db3b77975ffe590c2bf014a9f356a110359d1e"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-b4a27d52-4b30-4e47-979d-e840e1f0b123", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-24T03:42:19.035Z", "end_time": "2020-09-23T03:42:19.035Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-37e10fd140dde5516c179fe87a6c2a7e9fba2f06622f7e84f38be61f196880e7"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-fa98a557-4038-46da-b484-c06f8ff26cba", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-22T03:42:20.082Z", "end_time": "2020-09-21T03:42:20.082Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f6d53a24e78217737a3f7f1afedd43c980708649d5dbeeea891809f5360146d9"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-8371f552-8047-481f-b6f0-5c127e265a50", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-21T03:42:17.195Z", "end_time": "2020-09-20T03:42:17.195Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-f432a7f6a8c7bf5ce5eee3e0726519fc4e9e2af318952e4b9af219a11c6a1baa"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-344e2d02-b1fc-4a1e-96fd-a792382e82d1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-23T03:42:14.255Z", "end_time": "2020-09-22T03:42:14.255Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b5b21d47f50dc2cbb50381f869dc39f2c3eb809e745f5544d168b350872dd9e0"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-bf037577-c045-410c-a711-ae9fccdc86c1", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-19T03:42:17.389Z", "end_time": "2020-09-18T03:42:17.389Z"}, "schema_version": "1.0.16", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c1080f31bc1a4986a1ad87a9c2ca65b066fd312218ab12442fffebad88a0e25c"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-3e1fbc4b-87d9-495c-9201-d2873a82e7a3", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-28T03:42:14.950Z", "end_time": "2020-09-27T03:42:14.950Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-1ea4a178ac57556b3ea8922a5678f8982f34391ed4628f01cbb0d91c201e027f"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-690c5818-d742-4a4a-9090-59b5f4f4a7d7", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High"}, {"valid_time": {"start_time": "2020-08-31T03:42:19.101Z", "end_time": "2020-09-30T03:42:19.101Z"}, "schema_version": "1.0.18", "observable": {"value": "http://0win365.com/wp-admin/sites/", "type": "url"}, "type": "judgement", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-174820c73e61c6a34d745c20c4841bd7912417c1f8114d2cd6bc42da35540162"], "disposition": 2, "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "disposition_name": "Malicious", "priority": 95, "id": "https://intel.amp.cisco.com:443/ctia/judgement/judgement-a9f6c620-8ea8-4d02-ab62-8843a382b949", "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High"}], "sightings": [{"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-e9979ee698bba926de30c903b825044bdb6fb6fbb0f7a4a28da470b07e167f68"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-dab40bc7-359a-4ece-8c85-18b269ef50f5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-22T03:42:20.082Z", "confidence": "High", "observed_time": {"start_time": "2020-08-22T03:42:20.082Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-bb2e5c7fa59980443bf24e1b5f59271a4880257cc4f475f3066f7862cde7cf96"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ffc75cf7-1793-4ee1-a8d6-afaa81926b62", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-07T03:44:09.031Z", "confidence": "High", "observed_time": {"start_time": "2020-09-07T03:44:09.031Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-7705128231e9ba796191bbf0908f6299a4eed20dcdc0d88630ce60919fe1d8aa"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-2112dc04-e8d1-4090-97f2-cfe6a0807712", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-11T03:44:06.846Z", "confidence": "High", "observed_time": {"start_time": "2020-09-11T03:44:06.846Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-444cde78bbe44723f6a35f2ff7515bedc9ff63737335575be086221eb4f6c333"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-177ad514-08af-4f0a-b1bc-a1c062a59e5f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-05T03:42:13.794Z", "confidence": "High", "observed_time": {"start_time": "2020-09-05T03:42:13.794Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2196aeefea16b8e3dda0d6b7f2e28859a52735872ba7aa3852c53962f7817e1e"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-f073d02b-73d8-46d8-a079-cb818301c19e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-31T03:42:19.101Z", "confidence": "High", "observed_time": {"start_time": "2020-08-31T03:42:19.101Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-561a01fc837a7202f65757d77406ec7a7ae4fa570d0a98ea680b350965f86871"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-12621160-29d0-4f0b-95a9-14b9c0f4d46f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-21T03:42:17.195Z", "confidence": "High", "observed_time": {"start_time": "2020-08-21T03:42:17.195Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ceb72ba9c47a916b4cc26114a5b73013d2f669f6d5e80f20e3496be3c756b307"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-e43d7ca8-11c0-473c-870f-970fc460c361", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-16T03:44:03.541Z", "confidence": "High", "observed_time": {"start_time": "2020-09-16T03:44:03.541Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-c43d3c3492838fde791edeeac428f779750aeb9aea450221ba1b3599f5d62606"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-a74ae08c-ceae-4de9-9429-7f1bdcdef394", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-15T03:44:07.613Z", "confidence": "High", "observed_time": {"start_time": "2020-09-15T03:44:07.613Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6b6b2bbea6523155c38f4bd60182a11e853a941a098612f46e8a4ff2cf9d1403"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-993a3f14-eb9e-40f6-87a0-b713e2e8dbec", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-09T03:44:11.567Z", "confidence": "High", "observed_time": {"start_time": "2020-09-09T03:44:11.567Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-fc4d14e9d9c06a67af99b34dfbd276fdc1ae4fbe26b6e0449a53100c50b39f8c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5bc7df70-2b0c-4cc8-9ed0-69c3e5d0284b", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-19T03:42:17.389Z", "confidence": "High", "observed_time": {"start_time": "2020-08-19T03:42:17.389Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8d6133774a33636b52c44c349c4e0c7f68d16c9eaaa7b858c33975c38388ed9c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-232b63cf-2225-420d-95c8-fe2e54b54a55", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-13T03:42:15.863Z", "confidence": "High", "observed_time": {"start_time": "2020-09-13T03:42:15.863Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-a4b0f0059823c1c51ff32370f5d024617785be418f6ba9da48b6dc797eea68f8"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-30471cfd-e315-42e3-92cd-764ca2a1051d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-01T03:42:17.484Z", "confidence": "High", "observed_time": {"start_time": "2020-09-01T03:42:17.484Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-43aa9a45cc68cf7b65555df701a4b948824caab5b45657050332dda88cc7a513"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-ba078f92-e0e1-4373-9b50-eb420deb89fe", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-02T03:42:19.580Z", "confidence": "High", "observed_time": {"start_time": "2020-09-02T03:42:19.580Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-0e05bcf1688e4656fc3a11e24e7fedf70272a4246ad5e422c07c1f88d06dc3c2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-aeeccfa9-eed1-4e30-b107-e784409fbfd6", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-04T03:44:05.365Z", "confidence": "High", "observed_time": {"start_time": "2020-09-04T03:44:05.365Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8f5c9a98e882e6716413280083db7086e6fe3eaa61327a0a6e025e7336541dac"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-5a876588-69c9-4ff1-8f6d-4c1abd9092dc", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-20T03:42:18.290Z", "confidence": "High", "observed_time": {"start_time": "2020-08-20T03:42:18.290Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-2cfd2330d4cc336e408c087c975e1ef9374e7cf1b6529411050d64e46f80a6a1"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-19703b03-ff26-4f17-abb6-9f8786d90c45", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-29T03:42:17.844Z", "confidence": "High", "observed_time": {"start_time": "2020-08-29T03:42:17.844Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-01d35037c1091f331b4de66ead171686aa93629a0a8efaaa23a94fd050ec79e0"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-bb5727fc-7c49-482b-a613-1e17790079ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-26T03:42:21.692Z", "confidence": "High", "observed_time": {"start_time": "2020-08-26T03:42:21.692Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-8720903f4fe59b6fc5c323108f10613878c29fc15ebc4381cc2a6e27edbd46b2"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-7bd32a64-8184-492d-90f4-7b70d79af22f", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-08T03:44:09.487Z", "confidence": "High", "observed_time": {"start_time": "2020-09-08T03:44:09.487Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-dc04395c0899812b7d91cd4cedca33c02f9f97c5cfeff74c77016c07e2b014bf"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-4b2bd88e-8127-4ea1-8865-b020bf4f7f1d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-06T03:44:04.841Z", "confidence": "High", "observed_time": {"start_time": "2020-09-06T03:44:04.841Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3176c1ae80f97fe362e4050fd3d1f0d970a35d6e389de37629633f3297a401cc"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-db133606-fcf8-4be7-b8b4-f60e4889c1b2", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-14T03:44:11.699Z", "confidence": "High", "observed_time": {"start_time": "2020-09-14T03:44:11.699Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-825ea0c267a73292817583b0bdeb743a07182cf58ca1dd717131efff3badab61"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-50a3d2f3-843b-40df-93e0-5fc088df3d7d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-28T03:42:14.950Z", "confidence": "High", "observed_time": {"start_time": "2020-08-28T03:42:14.950Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-cbe0a3a703d1fc937d6152caa998aefe12c9a1fd3208625b23185439125246ba"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-8eb0f036-70bf-43aa-8244-1be38fcd3ff5", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-23T03:42:14.255Z", "confidence": "High", "observed_time": {"start_time": "2020-08-23T03:42:14.255Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-505565c8aac275b3b4c6973cf4dbf0b5ee2b6bd3b86ac93ab73970835cf099bd"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-6667a3f8-3d44-4f3e-8b0c-725641c4c8ae", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-12T03:44:07.198Z", "confidence": "High", "observed_time": {"start_time": "2020-09-12T03:44:07.198Z"}}, {"schema_version": "1.0.16", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-6101dca3c3466fe655354a794c8c5fa4cfe8fe23fff37f38231338f69ed50d75"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-34116ba7-bfdd-4523-a2fd-1a4f858dcc6d", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-18T03:42:16.304Z", "confidence": "High", "observed_time": {"start_time": "2020-08-18T03:42:16.304Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-b7fe52732eecfc45850e3604e605835d70dcad3ff8ebccd6ff586f106ef06902"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-1d4239d2-5921-4890-9a7d-e1755aa6ef04", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-30T03:42:16.197Z", "confidence": "High", "observed_time": {"start_time": "2020-08-30T03:42:16.197Z"}}, {"schema_version": "1.0.19", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-adb4aeb9e59034e41e5e2afe753110cf09f980393621092e045d2849d2943c13"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-63134800-b966-4610-89d1-2331b973dc77", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-10T03:44:07.777Z", "confidence": "High", "observed_time": {"start_time": "2020-09-10T03:44:07.777Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-ad513ebee2c522c99c152784b97f4b27abf7899834292cf779ad2bc8bd20e75c"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-0be9605f-faca-4ed3-bf12-408cf04b697e", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-25T03:42:20.275Z", "confidence": "High", "observed_time": {"start_time": "2020-08-25T03:42:20.275Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-3cda5a8af7ce5757a33e7707c3c133f3c5fd85fee7f31c7856a21fdb9d8729ae"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-13ecdd06-3655-4502-b900-10a298ef3126", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-27T03:42:23.679Z", "confidence": "High", "observed_time": {"start_time": "2020-08-27T03:42:23.679Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-494eb2c4dc7dcc1117118b2a4595d61f3993aa8f1b13800879abce14fa05efea"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-10ffe439-3a12-48e8-a48c-b21a1c6e4183", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-08-24T03:42:19.035Z", "confidence": "High", "observed_time": {"start_time": "2020-08-24T03:42:19.035Z"}}, {"schema_version": "1.0.18", "observables": [{"value": "http://0win365.com/wp-admin/sites/", "type": "url"}], "type": "sighting", "source": "Abuse.ch URLhaus Database", "external_ids": ["hydrant-4c4b36725fa004ef5a44ab2efe13ccdf6cc3368624bdd21828ce3a3cbcb0b45d"], "module": "AMP Global Intelligence", "module-type": null, "source_uri": "https://urlhaus.abuse.ch/", "id": "https://intel.amp.cisco.com:443/ctia/sighting/sighting-d4aacead-6007-4320-8696-b1a99ac1c114", "count": 1, "severity": "High", "tlp": "green", "action": "51ce0670-4355-4bd3-8cae-9aaf27e06344", "timestamp": "2020-09-03T03:42:17.572Z", "confidence": "High", "observed_time": {"start_time": "2020-09-03T03:42:17.572Z"}}], "revListOrder": 1}, "notifications": [], "disposition_name": "Malicious", "disposition": 2, "type": "url", "value": "http://0win365.com/wp-admin/sites/", "id": "1bac5cca"}], "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-1f74c8d5-12eb-480a-b27c-066c5ff422af", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-03-05T10:42:36.669Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"}
\ No newline at end of file