Azure-Sentinel/Sample Data/Custom/Group IB TIA/GIBTIA_bp_phishing.json

{
"dateBlocked": null,
"dateDetected": "2021-01-14T11:21:34+00:00",
"evaluation": {
"admiraltyCode": "A2",
"credibility": 80,
"reliability": 90,
"severity": "red",
"tlp": "amber",
"ttl": 30
},
"history": [
{
"date": "2021-01-13T11:20:50+00:00",
"field": "Detected",
"reason": "In response",
"reporter": "Group-IB Intelligence",
"value": "In response"
},
{
"date": "2021-01-14T11:20:50+00:00",
"field": "Status has been changed",
"reason": "-",
"reporter": "Group-IB Intelligence",
"value": "In response"
}
],
"id": "fce7f92d0b64946cf890842d083953649b259952",
"ipv4": {
"asn": null,
"city": "Some city",
"countryCode": "CA",
"countryName": "Canada",
"ip": "12.12.12.12",
"provider": "Some provider",
"region": "NA"
},
"isFavourite": false,
"isHidden": false,
"oldId": "396798526",
"phishingDomain": {
"domain": "some.com",
"local": "some.com",
"dateRegistered": "2013-11-15 13:41:30",
"title": "",
"registrar": "Some"
},
"portalLink": "https://bt.group-ib.com/attacks/phishing?searchValue=id:fce7f92d0b64946cf890842d083953649b259952",
"seqUpdate": 1614925293641,
"status": "In response",
"targetBrand": "Some brand",
"targetCategory": "Finance > Banking",
"targetCountryName": null,
"targetDomain": "some.com",
"type": "Phishing",
"url": "https://some.php"
}