{ "type": "Domain", "indicator": "cb.is", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/cb.is", "alexa": "http://www.alexa.com/siteinfo/cb.is", "indicator": "cb.is", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 3158668348, "indicator": "cb.is", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 7, "pulses": [ { "id": "69eb254f17eb4a2a990f07e5", "name": "LevelBlue - Open Threat Exchange", "description": "[ As part of security research, we look at some of the most well-known vulnerabilities in the PDF ecosystem, and how they can be identified and mitigated, with the help of a simple hash.] [64xxxx]", "modified": "2026-05-28T07:10:11.800000", "created": "2026-04-24T08:09:51.488000", "tags": [ "pdfkit", "cve202225765", "exploit script", "github", "unicordev", "cves", "xml external", "entity", "pdfs", "knowledge base", "python", "mozilla", "virustotal", "cisa", "apple", "microsoft", "pdfkit ruby", "remote code", "execution", "urls", "malware", "raid", "caddywiper", "wipes", "cve202543529", "webkit", "february", "cve202620643", "bypass", "march", "webkit bug", "command", "control", "levelblue", "open threat" ], "references": [ "https://otx.alienvault.com/indicator/ip/198.49.23.145#:~:text=CIDR:%206%20%7C%20CVE:%20107,infrastructure%20into%20global%20botnet%20clusters." ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Wipes", "display_name": "Wipes", "target": null } ], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 1, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 1084, "FileHash-SHA1": 874, "FileHash-SHA256": 3052, "CVE": 36, "domain": 437, "hostname": 1086, "URL": 1411, "CIDR": 15, "email": 13 }, "indicator_count": 8008, "is_author": false, "is_subscribing": null, "subscriber_count": 71, "modified_text": "5 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "68038f7eb6f6810aa6d6439f", "name": "\"+g+\"", "description": "https://aplikacja.ceidg.gov.pl/CEIDG/CEIDG.Public.UI/EntryChangeHistory.aspx?Id=855bdfc1-7dbc-4a86-9d27-89ebb0ecf166&archival=False", "modified": "2025-09-01T08:05:25.121000", "created": "2025-04-19T11:56:46.933000", "tags": [ "copyright", "customevent", "typeof e", "boomerang", "typeof t", "macintosh", "os x", "post", "typeof", "iframe", "date", "poka menu", "nie znaleziono", "poka start", "poka", "max dostpnych", "pierwsza", "ostatnia", "nastpna", "poprzednia", "brak danych", "first", "ceidg", "wystpi bd", "error", "true", "null", "linkdownload", "show", "ctrlmappings", "version", "versionchange", "body", "false", "span", "input", "paginate", "next", "last", "selectstart", "loop", "function", "bootstrap", "datatables", "responsive", "2016 sprymedia", "amd define", "object", "commonjs", "window", "browser", "button", "datatable", "sprymedia ltd", "columns", "colidx", "column", "parent", "child", "param", "display", "click", "middle", "class", "target", "never", "find", "footer", "close", "regexp", "matches", "cookie", "inputmask", "input mask", "robin herbots", "mit license", "xmlhttprequest", "left", "month", "boolean", "maxdate", "right", "daterangepicker", "yyyymmdd", "calendar", "jquery", "webpackrequire", "typeof symbol", "type", "setprototypeof", "maskpos", "wrapnativesuper", "backspace", "insert", "internal", "mask", "void", "this", "nie mona", "array", "nonmsdombrowser", "horizontal", "leftarrow", "uparrow", "rightarrow", "downarrow", "explorer", "form", "legend", "hmmss", "mmmm d", "yyyy h", "typeof define", "number", "locale", "character", "seeknext", "masked", "input plugin", "josh bush", "azaz", "azaz09", "black", "kontrast", "arrcookies", "getcookielang", "and information", "on business", "sign", "twoja", "opinia", "informacja o", "notify ui", "widget", "eric hynds", "dual", "name", "dtopt", "example", "using", "open", "adata", "hungarian", "aria", "legacy", "trident", "format", "nuke", "apos", "bitcoin", "outer", "mark", "info", "reload", "behaviour", "write", "buttons", "anything", "prop", "thecookie", "create", "thevalue", "string name", "pluginscookie", "author", "eventkey", "datakey", "default", "dataapikey", "defaulttype", "config", "shown", "trigger", "delta", "guard", "arrow", "leave", "scroll", "dataspy", "sessiontimeout", "return", "settimeout", "mytimerid", "requestcounter", "starttimer", "stop", "typeof n", "adminlte", "typeof o", "main", "js application", "adminlte v2", "colorlib", "ui date", "written", "jacek wysocki", "poprzedni", "marzec", "kwiecie", "czerwiec", "lipiec", "sierpie", "wrzesie", "openpopup", "href", "toggle", "msviewport", "popover", "json", "json text", "string", "otherwise", "holder", "mind", "copy", "meta", "third", "text", "choice", "confirm", "nie pytaj", "site", "title", "value", "alert", "warn", "migrate", "foundation", "see http", "forget", "newvalue", "nones5", "fall", "wrongvalid", "onerror", "year", "fast", "argument", "popper", "method", "data", "html", "flip", "factory", "onload", "tbody", "courier", "elem", "handle", "expando", "match", "selector", "sizzle", "android", "capture", "seed", "pass", "enough", "code", "bind", "core", "local", "verify", "accept", "done", "override", "inject", "possible", "hold", "45deg", "larger", "screen styling", "90deg", "support", "sidebar mini", "e1f0ff", "font awesome", "free", "autocomplete", "folder", "expanded folder", "tabela", "sorting", "xform", "nadpisane style", "menlo", "monaco", "consolas", "mono", "courier new", "browse", "twitter", "pt serif", "georgia", "times new", "roman", "times", "typetime", "import", "roboto", "http", "label", "demos", "effect", "inst", "super", "speed", "bounce", "hack", "logic", "shift", "double", "february", "april", "june", "august", "friday", "erase", "atom", "caja", "spinner", "refresh", "alpha", "sentinel", "back", "blind", "drop", "ceidg.gov.pl - centralna ewidencja i informacja o dzia\u0142alno\u015bci g", "prosz czeka", "pobierz plik" ], "references": [ "https://aplikacja.ceidg.gov.pl/CEIDG/CEIDG.Public.UI/EntryChangeHistory.aspx?Id=855bdfc1-7dbc-4a86-9d27-89ebb0ecf166&archival=False", "UE_pl_top.svg", "UE_pl_top_sm.svg", "XZ4AH-ABKPW-SQPBC-CYWES-BCG6V", "dataTables.lang.js.pobrane", "EntryChangeHistory.aspx.js.pobrane", "dataTables.input.js.pobrane", "responsive.bootstrap4.js.pobrane", "dataTables.bootstrap4.js.pobrane", "dataTables.responsive.js.pobrane", "jquery.session.js.pobrane", "inputmask.binding.js.pobrane", "daterangepicker.js.pobrane", "jquery.inputmask.min.js.pobrane", "ScriptResource.axd", "moment-with-locales.min.js.pobrane", "jquery.maskedinput-1.2.2.js.pobrane", "feedback.js.pobrane", "jquery.notify.min.js.pobrane", "jquery.dataTables.js.pobrane", "jquery.cookie.js.pobrane", "bootstrap.js.pobrane", "SessionTimeout.js.pobrane", "adminlte.min.js.pobrane", "jquery.easing.1.3.js.pobrane", "jquery.feedbackBadge.min.js.pobrane", "ui.datepicker-pl.js.pobrane", "ceidg-master.js.pobrane", "CommonResponsive.js.pobrane", "json2.js.pobrane", "jquery.alerts.js.pobrane", "jquery-migrate-1.2.1.js.pobrane", "dataTables.bootstrap4.css", "CommonScripts.js.pobrane", "popper.js.pobrane", "responsive.bootstrap4.css", "jquery-3.0.0.js.pobrane", "daterangepicker.css", "AdminLTE.css", "ui.notify.css", "ceidg.css", "bootstrap-gov-pl.css", "biznes.css", "jquery-ui.js.pobrane", "saved_resource.html" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 3, "FileHash-SHA1": 4, "FileHash-SHA256": 25, "URL": 165, "domain": 353, "hostname": 215, "email": 2 }, "indicator_count": 767, "is_author": false, "is_subscribing": null, "subscriber_count": 123, "modified_text": "274 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "663d2869e0f3a42bbddc42ff", "name": "UPX executable packer.", "description": "A new rule has been introduced a \"suspicious\" ELF binary that is packed with the UPX executable packer.\nSuggested ATT&CK IDs: rule SUSP_ELF_LNX_UPX_Compressed_File { meta: description = \"Detects a suspicious ELF binary with UPX compression\" author = \"Florian Roth (Nextron Systems)\" reference = \"Internal Research\" date = \"2018-12-12\" score = 40 hash1 = \"038ff8b2fef16f8ee9d70e6c219c5f380afe1a21761791e8cbda21fa4d09fdb4\" id = \"078937de-59b3-538e-a5c3-57f4e6050212\" strings: $s1 = \"PROT_EXEC|PROT_WRITE failed.\" fullword ascii $s2 = \"$Id: UPX\" fullword ascii $s3 = \"$Info: This file is packed with the UPX executable packer\" ascii $fp1 = \"check your UCL installation !\"", "modified": "2024-10-14T00:01:17.069000", "created": "2024-05-09T19:47:53.786000", "tags": [ "cioch adrian", "centrum usug", "sieciowych", "elf binary", "upx compression", "roth", "nextron", "info", "javascript", "html", "office open", "xml document", "network capture", "win32 exe", "xml pakietu", "pdf zestawy", "przechwytywanie", "office", "filehashsha1", "url https", "cve cve20201070", "cve cve20203153", "cve cve20201048", "cve cve20211732", "cve20201048 apr", "filehashmd5", "cve cve20010901", "cve cve20021841", "cve20153202 apr", "cve cve20160728", "cve cve20161807", "cve cve20175123", "cve20185407 apr", "cve cve20054605", "cve cve20060745", "cve cve20070452", "cve cve20070453", "cve cve20070454", "cve cve20071355", "cve cve20071358", "cve cve20071871", "cve20149614 apr", "cve cve20151503", "cve cve20152080", "cve cve20157377", "cve cve20170131", "cve20200796 may", "cve cve20113403" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6861, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 5771, "domain": 3139, "URL": 14525, "FileHash-SHA1": 2610, "IPv4": 108, "CIDR": 40, "FileHash-SHA256": 10705, "FileHash-MD5": 3373, "YARA": 2, "CVE": 148, "Mutex": 7, "FilePath": 3, "SSLCertFingerprint": 3, "email": 23, "JA3": 1, "IPv6": 2 }, "indicator_count": 40460, "is_author": false, "is_subscribing": null, "subscriber_count": 138, "modified_text": "596 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708c0f5981b6d81d0fa423", "name": "data102 and colohouse. Malware hosting", "description": "", "modified": "2023-12-06T14:58:23.206000", "created": "2023-12-06T14:58:23.206000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 458, "domain": 557, "URL": 2599, "hostname": 952 }, "indicator_count": 4566, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62601d5f1c8672141d3c2afb", "name": "Malware hosting - rackip.com = astutemedia.asia", "description": "New RegExp:function(a,b), a new type, has its own built-up property, as well as an ability to store information in place when it is not already available.", "modified": "2022-05-20T00:01:19.453000", "created": "2022-04-20T14:49:03.781000", "tags": [ "datasecret", "easeoutcubic", "jquery", "select", "span", "class js", "html", "topsearch", "menu", "mobile", "menu dropdown", "class", "retinaimagepath", "copyright", "imulus", "mit license", "retina", "function", "xmlhttprequest", "head", "contenttype", "imagei", "viljamis", "navigation", "date", "typeof h", "woothemes", "tyler smith", "documenttouch", "number", "knumber", "previous", "next", "supersubs", "joel birch", "dual", "google group", "fontsize", "whitespace", "nowrap", "float", "superfish", "changelog", "visibility", "hidden", "setposition", "isset", "srcyoutube", "srcvimeo", "image", "lightbox clone", "stephane caron", "typeof therel", "regexp", "play", "close", "isotope", "commercial use", "http", "david desandro", "metafizzy", "moz webkit", "o ms", "reset", "null", "value", "clamp", "nullrgba", "nullhsla", "execresult", "cache", "local", "right", "including", "this software", "but not", "limited to", "terms of", "open", "bsd license", "redistribution", "redistributions", "neither", "direct", "placeheld", "form", "wpcf7", "alert", "minimum", "tooshort", "unittag", "false", "fast", "typesubmit", "form plugin", "version", "requires jquery", "examples", "typeof define", "typeimage", "formdata", "stop", "modernizr", "custom build", "build", "afunction", "cfunction", "typeerror", "object", "kfunction", "pseudo", "child", "typeof b", "array", "error", "sufeffxa0", "attr", "void", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "source", "ud83dudc6cud83c", "secure", "result" ], "references": [ "http://www.powr.io/powr.js", "http://astutemedia.asia/rackip/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9", "xfe-URL-astutemedia.asia-stix2-2.1-export.json", "http://astutemedia.asia/rackip/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/modernizr.js?ver=2.5.3", "http://astutemedia.asia/rackip/wp-includes/js/comment-reply.min.js?ver=5.5.9", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.easing.js?ver=1.2", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.color.js?ver=2.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.isotope.min.js?ver=1.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.prettyPhoto.js?ver=3.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/superfish.js?ver=1.4.8", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/supersubs.js?ver=0.2", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.flexslider-min.js?ver=1.8", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/tinynav.min.js?ver=1.03", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/retina.min.js?ver=1.1.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/custom.js?ver=1.0", "http://astutemedia.asia/rackip/wp-includes/js/wp-embed.min.js?ver=5.5.9", "xfe-URL-Powr.io-stix2-2.1-export.json" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 515, "URL": 1487, "domain": 242, "FileHash-SHA256": 351, "CVE": 1 }, "indicator_count": 2596, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "1474 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62609c764fab13bbe96613f8", "name": "Pegasus - pegtech.com", "description": "New RegExp:function(a,b), a new type, has its own built-up property, as well as an ability to store information in place when it is not already available.", "modified": "2022-05-20T00:01:19.453000", "created": "2022-04-20T23:51:18.734000", "tags": [ "fontface", "woff", "sans", "woff2", "u1c801c88", "u20b4", "u2de02dff", "ua640a69f", "ufe2efe2f", "u04b004b1", "u2116", "datasecret", "chrome", "opredge", "isoperaedge", "opera", "browsername", "gecko", "iphone", "body", "srchttp", "strhashchange", "software", "sectionindex", "srchttps", "etslidertimer", "copyright", "typeof define", "etslidesnumber", "columns", "date", "error", "cowboy", "function", "placeheld", "customevent", "click", "minimum", "tooshort", "wpcf7wfreetext", "alert", "invert", "null", "form", "fast", "false", "path", "next", "video lightbox", "plugin", "expand", "previous", "setposition", "isset", "srcyoutube", "srcvimeo", "image", "lightbox clone", "stephane caron", "typeof therel", "regexp", "play", "close", "pseudo", "child", "typeof b", "array", "sufeffxa0", "class", "attr", "void", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "uddb0uddb3", "udd74udd75" ], "references": [ "xfe-URL-pegtech.com-stix2-2.1-export.json", "https://pegtech.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.20", "https://pegtech.com/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6", "https://pegtech.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.2", "https://pegtech.com/wp-content/themes/Divi/js/custom.min.js?ver=3.0.100", "https://pegtech.com/wp-content/themes/Divi/core/admin/js/common.js?ver=3.0.100", "https://pegtech.com/wp-includes/js/wp-embed.min.js?ver=4.9.20", "https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext", "https://pegtech.com/wp-includes/css/dashicons.min.css?ver=4.9.20" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 856, "domain": 190, "hostname": 364, "FileHash-SHA256": 216 }, "indicator_count": 1626, "is_author": false, "is_subscribing": null, "subscriber_count": 69, "modified_text": "1474 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "625f42dcc369f59f6a1e8b58", "name": "data102 and colohouse. Malware hosting", "description": "var a,b,c,d, f.substr(d),a=f, a.href, and a number of other elements:a.b.search.com.", "modified": "2022-05-19T00:00:49.028000", "created": "2022-04-19T23:16:44.418000", "tags": [ "regexp", "rangeerror", "typeerror", "date", "array", "error", "this", "uint8array", "typeof b", "buffer", "class", "null", "path", "void", "marketo forms", "cross domain", "typetext", "typeurl", "typeemail", "typetel", "typenumber", "typedate", "color", "label", "input", "typerange", "typecheckbox", "woff2", "fontface", "u1c801c88", "u20b4", "u2de02dff", "ua640a69f", "ufe2efe2f", "u04b004b1", "u2116", "u1ea01ef9", "franklin", "woff", "u20ab", "u0259", "u1e001eff", "u2020", "u20a020ab", "u20ad20cf", "gradienttype0", "webkitkeyframes", "span", "button", "tbody", "textarea", "helvetica neue", "tfoot", "body", "alpha", "twitter", "roboto", "pitch", "datasecret", "q1kg", "q17g", "d2dg", "c d3r", "q171zg", "e c2ttttb", "c g7", "6n184z", "6f6g", "typeof", "wpcf7redirect", "cf7mlscurrentfs", "handle fire", "popuptemplate", "templatename", "click", "fieldset", "cf7mlsbackfs", "section", "classwidget", "idmenu", "idfooter", "idwidget", "idcomment", "classmenu", "classfooter", "classcomment", "target", "blank", "typeof e", "formdata", "typeof symbol", "customevent", "post", "refill", "wpcf7", "wpcf7locale", "wpcf7unittag", "typeof wpcf7", "boolean", "modernizr", "custom build", "build", "afunction", "cfunction", "object", "documenttouch", "websocket", "symbol", "generator", "function", "select", "harvest", "mit license", "optgroup", "nnn n", "n nnnn", "explorer", "options", "abbr", "element", "unknownerror", "overquerylimit", "requestdenied", "zeroresults", "node", "edge", "android", "trident", "unknown", "false", "iframe", "marker", "hybrid", "tawkspinner", "failed", "resend", "tawkavatar", "tawkvideo", "tawkalert", "tawkemoji", "tawkicon", "enter", "number", "startchatbutton", "u26a1", "typeof t", "invalid attempt", "copyright", "marketo", "remove", "commentform", "author", "mouseenter", "secure", "ccpa", "bottom", "fixed", "widget", "embed", "trigger", "antispam", "please", "cleantalk", "typeof o", "ajaxnonce", "unkown", "apbctajaxerror", "typeof define", "typeof module", "html tags", "ox20trnf", "dom element", "attr", "pseudo", "child", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "source", "image", "ud83dudc6cud83c", "qe", "string", "xhfunction", "yhfunction", "gtmptxlxz4", "host", "code", "script", "promise", "complete", "reduceright", "g7be8pmlskx", "r300", "typeof d", "caca", "ufunction", "ffunction", "gfunction", "mchtd", "azaz", "firefox", "opera", "chrome", "iemobile", "black", "incorrect", "xfunction", "typeof p", "typeof btoa", "vnode", "colohouse", "york", "learn more", "data center", "miami", "e cermak", "springs", "read", "cloud", "managed", "fast", "philadelphia", "bare", "metal", "chat", "accept", "placeheld", "minimum", "tooshort", "wpcf7wfreetext", "alert", "invert", "form", "animation", "value", "foundation", "migrate", "backcompat", "quirks mode", "typeof f", "html", "sufeffxa0", "legacy", "contenttype", "wivobjkey", "typehit", "data", "closure library", "pfunction", "zfunction", "bfunction", "mvoid", "ofunction" ], "references": [ "xfe-URL-Data102.com-stix2-2.1-export.json", "https://www.google-analytics.com/analytics.js", "https://chimpstatic.com/mcjs-connected/js/users/6c3abfa7ff8634c75cdb2b22e/ddf7a436c1746be666f330e4a.js", "https://app.whoisvisiting.com/who.js", "https://www.data102.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "https://www.data102.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1", "https://www.data102.com/?wordfence_lh=1&hid=2D6A812A7EB197E80D5A3978A6386BE4&r=0.5029022326538093", "https://www.data102.com/wp-includes/js/wp-embed.min.js?ver=00b0ffc433836dcf9f57035fded0b908", "https://www.data102.com/wp-content/plugins/cta/shared//shortcodes/js/spin.min.js", "https://www.data102.com/wp-content/plugins/contact-form-7/includes/js/scripts.js", "https://colohouse.com/", "xfe-URL-colohouse.com-stix2-2.1-export.json", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-main.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-vendor.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-vendors.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-common.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-runtime.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-app.js", "https://munchkin.marketo.net/161/munchkin.js", "https://www.googletagmanager.com/gtag/js?id=G-7BE8PMLSKX&l=dataLayer&cx=c", "https://embed.tawk.to/5697c34527b9b5d40b66960f/default", "https://www.googletagmanager.com/gtm.js?id=GTM-PTXLXZ4", "https://colohouse.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8", "https://colohouse.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0", "https://colohouse.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public--functions.min.js?ver=5.173", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public.min.js?ver=5.173", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/cleantalk-modal.min.js?ver=5.173", "https://colohouse.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.4", "https://colohouse.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.3.31", "https://colohouse.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1", "https://munchkin.marketo.net/munchkin.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-2d0d2b7c.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-32507910.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-f163fcd0.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-2d0b9454.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-4fe9d5dd.js", "https://app-ab02.marketo.com/js/forms2/js/forms2.min.js", "https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyDR76rjQL_2raonHiZ6ZrPqJr-FPb7pGH0", "https://colohouse.com/wp-content/themes/Netrouting/assets/chosen/chosen.jquery.min.js", "https://colohouse.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7", "https://colohouse.com/wp-content/themes/Netrouting/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js", "https://colohouse.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2", "https://colohouse.com/wp-content/plugins/link-whisper-premium/js/frontend.js?ver=1632756485", "https://colohouse.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1", "https://colohouse.com/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6", "https://colohouse.com/wp-includes/js/wp-embed.min.js?ver=5.8", "https://colohouse.com/wp-content/plugins/wp-schema-pro/admin/assets/min-js/frontend.min.js?ver=2.7.2", "https://colohouse.com/wp-content/cache/autoptimize/css/autoptimize_5e11636f7dd8fb4f55e0ff84f0ed5faa.css", "https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext", "https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=greek%2Clatin%2Cvietnamese%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext&ver=2.9.6", "https://app-ab02.marketo.com/js/forms2/css/forms2.css", "https://app-ab02.marketo.com/js/forms2/css/forms2-theme-simple.css", "https://app-ab02.marketo.com/index.php/form/XDFrame" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Qe", "display_name": "Qe", "target": null }, { "id": "ReduceRight", "display_name": "ReduceRight", "target": null } ], "attack_ids": [ { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1049", "name": "System Network Connections Discovery", "display_name": "T1049 - System Network Connections Discovery" }, { "id": "T1140", "name": "Deobfuscate/Decode Files or Information", "display_name": "T1140 - Deobfuscate/Decode Files or Information" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 2599, "hostname": 952, "FileHash-SHA256": 458, "domain": 557 }, "indicator_count": 4566, "is_author": false, "is_subscribing": null, "subscriber_count": 69, "modified_text": "1475 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://app-ab02.marketo.com/js/forms2/css/forms2-theme-simple.css", "https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext", "jquery.easing.1.3.js.pobrane", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6", "https://www.google-analytics.com/analytics.js", "ceidg.css", "https://app-ab02.marketo.com/js/forms2/js/forms2.min.js", "https://www.googletagmanager.com/gtag/js?id=G-7BE8PMLSKX&l=dataLayer&cx=c", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-app.js", "CommonResponsive.js.pobrane", "responsive.bootstrap4.css", "https://pegtech.com/wp-includes/js/wp-embed.min.js?ver=4.9.20", "https://app.whoisvisiting.com/who.js", "https://pegtech.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.20", "https://pegtech.com/wp-includes/css/dashicons.min.css?ver=4.9.20", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-4fe9d5dd.js", "UE_pl_top.svg", "jquery-3.0.0.js.pobrane", "https://colohouse.com/wp-content/plugins/wp-schema-pro/admin/assets/min-js/frontend.min.js?ver=2.7.2", "https://app-ab02.marketo.com/index.php/form/XDFrame", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-main.js", "https://chimpstatic.com/mcjs-connected/js/users/6c3abfa7ff8634c75cdb2b22e/ddf7a436c1746be666f330e4a.js", "jquery.feedbackBadge.min.js.pobrane", "SessionTimeout.js.pobrane", "jquery.cookie.js.pobrane", "https://embed.tawk.to/5697c34527b9b5d40b66960f/default", "AdminLTE.css", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.easing.js?ver=1.2", "https://www.data102.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "http://astutemedia.asia/rackip/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "dataTables.input.js.pobrane", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-vendors.js", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/custom.js?ver=1.0", "http://astutemedia.asia/rackip/wp-includes/js/wp-embed.min.js?ver=5.5.9", "daterangepicker.js.pobrane", "CommonScripts.js.pobrane", "https://pegtech.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.2", "http://astutemedia.asia/rackip/wp-includes/js/comment-reply.min.js?ver=5.5.9", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/tinynav.min.js?ver=1.03", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public.min.js?ver=5.173", "https://colohouse.com/", "https://munchkin.marketo.net/161/munchkin.js", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.flexslider-min.js?ver=1.8", "https://pegtech.com/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public--functions.min.js?ver=5.173", "https://colohouse.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7", "responsive.bootstrap4.js.pobrane", "dataTables.lang.js.pobrane", "dataTables.bootstrap4.js.pobrane", "inputmask.binding.js.pobrane", "XZ4AH-ABKPW-SQPBC-CYWES-BCG6V", "jquery.alerts.js.pobrane", "ui.notify.css", "xfe-URL-pegtech.com-stix2-2.1-export.json", "https://pegtech.com/wp-content/themes/Divi/js/custom.min.js?ver=3.0.100", "https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyDR76rjQL_2raonHiZ6ZrPqJr-FPb7pGH0", "https://colohouse.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/superfish.js?ver=1.4.8", "biznes.css", "feedback.js.pobrane", "https://colohouse.com/wp-content/themes/Netrouting/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js", "https://colohouse.com/wp-content/cache/autoptimize/css/autoptimize_5e11636f7dd8fb4f55e0ff84f0ed5faa.css", "daterangepicker.css", "https://colohouse.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0", "ScriptResource.axd", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20", "moment-with-locales.min.js.pobrane", "http://astutemedia.asia/rackip/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-common.js", "xfe-URL-Data102.com-stix2-2.1-export.json", "https://www.data102.com/wp-content/plugins/cta/shared//shortcodes/js/spin.min.js", "https://app-ab02.marketo.com/js/forms2/css/forms2.css", "json2.js.pobrane", "https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext", "jquery-migrate-1.2.1.js.pobrane", "saved_resource.html", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/retina.min.js?ver=1.1.0", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-runtime.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-32507910.js", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.color.js?ver=2.0", "https://www.googletagmanager.com/gtm.js?id=GTM-PTXLXZ4", "https://www.data102.com/wp-includes/js/wp-embed.min.js?ver=00b0ffc433836dcf9f57035fded0b908", "jquery-ui.js.pobrane", "https://colohouse.com/wp-content/themes/Netrouting/assets/chosen/chosen.jquery.min.js", "https://aplikacja.ceidg.gov.pl/CEIDG/CEIDG.Public.UI/EntryChangeHistory.aspx?Id=855bdfc1-7dbc-4a86-9d27-89ebb0ecf166&archival=False", "xfe-URL-astutemedia.asia-stix2-2.1-export.json", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-vendor.js", "jquery.inputmask.min.js.pobrane", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.prettyPhoto.js?ver=3.0", "ceidg-master.js.pobrane", "https://colohouse.com/wp-content/plugins/link-whisper-premium/js/frontend.js?ver=1632756485", "http://www.powr.io/powr.js", "bootstrap-gov-pl.css", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-2d0b9454.js", "https://colohouse.com/wp-includes/js/wp-embed.min.js?ver=5.8", "EntryChangeHistory.aspx.js.pobrane", "https://otx.alienvault.com/indicator/ip/198.49.23.145#:~:text=CIDR:%206%20%7C%20CVE:%20107,infrastructure%20into%20global%20botnet%20clusters.", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.isotope.min.js?ver=1.0", "https://colohouse.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2", "https://www.data102.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-2d0d2b7c.js", "dataTables.bootstrap4.css", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1", "xfe-URL-Powr.io-stix2-2.1-export.json", "https://colohouse.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2", "https://munchkin.marketo.net/munchkin.js", "https://www.data102.com/wp-content/plugins/contact-form-7/includes/js/scripts.js", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/supersubs.js?ver=0.2", "jquery.notify.min.js.pobrane", "bootstrap.js.pobrane", "https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=greek%2Clatin%2Cvietnamese%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext&ver=2.9.6", "https://colohouse.com/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6", "jquery.session.js.pobrane", "ui.datepicker-pl.js.pobrane", "UE_pl_top_sm.svg", "https://www.data102.com/?wordfence_lh=1&hid=2D6A812A7EB197E80D5A3978A6386BE4&r=0.5029022326538093", "https://colohouse.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8", "popper.js.pobrane", "https://colohouse.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.4", "dataTables.responsive.js.pobrane", "jquery.dataTables.js.pobrane", "xfe-URL-colohouse.com-stix2-2.1-export.json", "jquery.maskedinput-1.2.2.js.pobrane", "https://pegtech.com/wp-content/themes/Divi/core/admin/js/common.js?ver=3.0.100", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/cleantalk-modal.min.js?ver=5.173", "https://colohouse.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1", "https://colohouse.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.3.31", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/modernizr.js?ver=2.5.3", "adminlte.min.js.pobrane", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-f163fcd0.js" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [], "malware_families": [ "Wipes", "Reduceright", "Qe" ], "industries": [] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 7, "pulses": [ { "id": "69eb254f17eb4a2a990f07e5", "name": "LevelBlue - Open Threat Exchange", "description": "[ As part of security research, we look at some of the most well-known vulnerabilities in the PDF ecosystem, and how they can be identified and mitigated, with the help of a simple hash.] [64xxxx]", "modified": "2026-05-28T07:10:11.800000", "created": "2026-04-24T08:09:51.488000", "tags": [ "pdfkit", "cve202225765", "exploit script", "github", "unicordev", "cves", "xml external", "entity", "pdfs", "knowledge base", "python", "mozilla", "virustotal", "cisa", "apple", "microsoft", "pdfkit ruby", "remote code", "execution", "urls", "malware", "raid", "caddywiper", "wipes", "cve202543529", "webkit", "february", "cve202620643", "bypass", "march", "webkit bug", "command", "control", "levelblue", "open threat" ], "references": [ "https://otx.alienvault.com/indicator/ip/198.49.23.145#:~:text=CIDR:%206%20%7C%20CVE:%20107,infrastructure%20into%20global%20botnet%20clusters." ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Wipes", "display_name": "Wipes", "target": null } ], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 1, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 1084, "FileHash-SHA1": 874, "FileHash-SHA256": 3052, "CVE": 36, "domain": 437, "hostname": 1086, "URL": 1411, "CIDR": 15, "email": 13 }, "indicator_count": 8008, "is_author": false, "is_subscribing": null, "subscriber_count": 71, "modified_text": "5 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "68038f7eb6f6810aa6d6439f", "name": "\"+g+\"", "description": "https://aplikacja.ceidg.gov.pl/CEIDG/CEIDG.Public.UI/EntryChangeHistory.aspx?Id=855bdfc1-7dbc-4a86-9d27-89ebb0ecf166&archival=False", "modified": "2025-09-01T08:05:25.121000", "created": "2025-04-19T11:56:46.933000", "tags": [ "copyright", "customevent", "typeof e", "boomerang", "typeof t", "macintosh", "os x", "post", "typeof", "iframe", "date", "poka menu", "nie znaleziono", "poka start", "poka", "max dostpnych", "pierwsza", "ostatnia", "nastpna", "poprzednia", "brak danych", "first", "ceidg", "wystpi bd", "error", "true", "null", "linkdownload", "show", "ctrlmappings", "version", "versionchange", "body", "false", "span", "input", "paginate", "next", "last", "selectstart", "loop", "function", "bootstrap", "datatables", "responsive", "2016 sprymedia", "amd define", "object", "commonjs", "window", "browser", "button", "datatable", "sprymedia ltd", "columns", "colidx", "column", "parent", "child", "param", "display", "click", "middle", "class", "target", "never", "find", "footer", "close", "regexp", "matches", "cookie", "inputmask", "input mask", "robin herbots", "mit license", "xmlhttprequest", "left", "month", "boolean", "maxdate", "right", "daterangepicker", "yyyymmdd", "calendar", "jquery", "webpackrequire", "typeof symbol", "type", "setprototypeof", "maskpos", "wrapnativesuper", "backspace", "insert", "internal", "mask", "void", "this", "nie mona", "array", "nonmsdombrowser", "horizontal", "leftarrow", "uparrow", "rightarrow", "downarrow", "explorer", "form", "legend", "hmmss", "mmmm d", "yyyy h", "typeof define", "number", "locale", "character", "seeknext", "masked", "input plugin", "josh bush", "azaz", "azaz09", "black", "kontrast", "arrcookies", "getcookielang", "and information", "on business", "sign", "twoja", "opinia", "informacja o", "notify ui", "widget", "eric hynds", "dual", "name", "dtopt", "example", "using", "open", "adata", "hungarian", "aria", "legacy", "trident", "format", "nuke", "apos", "bitcoin", "outer", "mark", "info", "reload", "behaviour", "write", "buttons", "anything", "prop", "thecookie", "create", "thevalue", "string name", "pluginscookie", "author", "eventkey", "datakey", "default", "dataapikey", "defaulttype", "config", "shown", "trigger", "delta", "guard", "arrow", "leave", "scroll", "dataspy", "sessiontimeout", "return", "settimeout", "mytimerid", "requestcounter", "starttimer", "stop", "typeof n", "adminlte", "typeof o", "main", "js application", "adminlte v2", "colorlib", "ui date", "written", "jacek wysocki", "poprzedni", "marzec", "kwiecie", "czerwiec", "lipiec", "sierpie", "wrzesie", "openpopup", "href", "toggle", "msviewport", "popover", "json", "json text", "string", "otherwise", "holder", "mind", "copy", "meta", "third", "text", "choice", "confirm", "nie pytaj", "site", "title", "value", "alert", "warn", "migrate", "foundation", "see http", "forget", "newvalue", "nones5", "fall", "wrongvalid", "onerror", "year", "fast", "argument", "popper", "method", "data", "html", "flip", "factory", "onload", "tbody", "courier", "elem", "handle", "expando", "match", "selector", "sizzle", "android", "capture", "seed", "pass", "enough", "code", "bind", "core", "local", "verify", "accept", "done", "override", "inject", "possible", "hold", "45deg", "larger", "screen styling", "90deg", "support", "sidebar mini", "e1f0ff", "font awesome", "free", "autocomplete", "folder", "expanded folder", "tabela", "sorting", "xform", "nadpisane style", "menlo", "monaco", "consolas", "mono", "courier new", "browse", "twitter", "pt serif", "georgia", "times new", "roman", "times", "typetime", "import", "roboto", "http", "label", "demos", "effect", "inst", "super", "speed", "bounce", "hack", "logic", "shift", "double", "february", "april", "june", "august", "friday", "erase", "atom", "caja", "spinner", "refresh", "alpha", "sentinel", "back", "blind", "drop", "ceidg.gov.pl - centralna ewidencja i informacja o dzia\u0142alno\u015bci g", "prosz czeka", "pobierz plik" ], "references": [ "https://aplikacja.ceidg.gov.pl/CEIDG/CEIDG.Public.UI/EntryChangeHistory.aspx?Id=855bdfc1-7dbc-4a86-9d27-89ebb0ecf166&archival=False", "UE_pl_top.svg", "UE_pl_top_sm.svg", "XZ4AH-ABKPW-SQPBC-CYWES-BCG6V", "dataTables.lang.js.pobrane", "EntryChangeHistory.aspx.js.pobrane", "dataTables.input.js.pobrane", "responsive.bootstrap4.js.pobrane", "dataTables.bootstrap4.js.pobrane", "dataTables.responsive.js.pobrane", "jquery.session.js.pobrane", "inputmask.binding.js.pobrane", "daterangepicker.js.pobrane", "jquery.inputmask.min.js.pobrane", "ScriptResource.axd", "moment-with-locales.min.js.pobrane", "jquery.maskedinput-1.2.2.js.pobrane", "feedback.js.pobrane", "jquery.notify.min.js.pobrane", "jquery.dataTables.js.pobrane", "jquery.cookie.js.pobrane", "bootstrap.js.pobrane", "SessionTimeout.js.pobrane", "adminlte.min.js.pobrane", "jquery.easing.1.3.js.pobrane", "jquery.feedbackBadge.min.js.pobrane", "ui.datepicker-pl.js.pobrane", "ceidg-master.js.pobrane", "CommonResponsive.js.pobrane", "json2.js.pobrane", "jquery.alerts.js.pobrane", "jquery-migrate-1.2.1.js.pobrane", "dataTables.bootstrap4.css", "CommonScripts.js.pobrane", "popper.js.pobrane", "responsive.bootstrap4.css", "jquery-3.0.0.js.pobrane", "daterangepicker.css", "AdminLTE.css", "ui.notify.css", "ceidg.css", "bootstrap-gov-pl.css", "biznes.css", "jquery-ui.js.pobrane", "saved_resource.html" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 3, "FileHash-SHA1": 4, "FileHash-SHA256": 25, "URL": 165, "domain": 353, "hostname": 215, "email": 2 }, "indicator_count": 767, "is_author": false, "is_subscribing": null, "subscriber_count": 123, "modified_text": "274 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "663d2869e0f3a42bbddc42ff", "name": "UPX executable packer.", "description": "A new rule has been introduced a \"suspicious\" ELF binary that is packed with the UPX executable packer.\nSuggested ATT&CK IDs: rule SUSP_ELF_LNX_UPX_Compressed_File { meta: description = \"Detects a suspicious ELF binary with UPX compression\" author = \"Florian Roth (Nextron Systems)\" reference = \"Internal Research\" date = \"2018-12-12\" score = 40 hash1 = \"038ff8b2fef16f8ee9d70e6c219c5f380afe1a21761791e8cbda21fa4d09fdb4\" id = \"078937de-59b3-538e-a5c3-57f4e6050212\" strings: $s1 = \"PROT_EXEC|PROT_WRITE failed.\" fullword ascii $s2 = \"$Id: UPX\" fullword ascii $s3 = \"$Info: This file is packed with the UPX executable packer\" ascii $fp1 = \"check your UCL installation !\"", "modified": "2024-10-14T00:01:17.069000", "created": "2024-05-09T19:47:53.786000", "tags": [ "cioch adrian", "centrum usug", "sieciowych", "elf binary", "upx compression", "roth", "nextron", "info", "javascript", "html", "office open", "xml document", "network capture", "win32 exe", "xml pakietu", "pdf zestawy", "przechwytywanie", "office", "filehashsha1", "url https", "cve cve20201070", "cve cve20203153", "cve cve20201048", "cve cve20211732", "cve20201048 apr", "filehashmd5", "cve cve20010901", "cve cve20021841", "cve20153202 apr", "cve cve20160728", "cve cve20161807", "cve cve20175123", "cve20185407 apr", "cve cve20054605", "cve cve20060745", "cve cve20070452", "cve cve20070453", "cve cve20070454", "cve cve20071355", "cve cve20071358", "cve cve20071871", "cve20149614 apr", "cve cve20151503", "cve cve20152080", "cve cve20157377", "cve cve20170131", "cve20200796 may", "cve cve20113403" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6861, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 5771, "domain": 3139, "URL": 14525, "FileHash-SHA1": 2610, "IPv4": 108, "CIDR": 40, "FileHash-SHA256": 10705, "FileHash-MD5": 3373, "YARA": 2, "CVE": 148, "Mutex": 7, "FilePath": 3, "SSLCertFingerprint": 3, "email": 23, "JA3": 1, "IPv6": 2 }, "indicator_count": 40460, "is_author": false, "is_subscribing": null, "subscriber_count": 138, "modified_text": "596 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708c0f5981b6d81d0fa423", "name": "data102 and colohouse. Malware hosting", "description": "", "modified": "2023-12-06T14:58:23.206000", "created": "2023-12-06T14:58:23.206000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 458, "domain": 557, "URL": 2599, "hostname": 952 }, "indicator_count": 4566, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62601d5f1c8672141d3c2afb", "name": "Malware hosting - rackip.com = astutemedia.asia", "description": "New RegExp:function(a,b), a new type, has its own built-up property, as well as an ability to store information in place when it is not already available.", "modified": "2022-05-20T00:01:19.453000", "created": "2022-04-20T14:49:03.781000", "tags": [ "datasecret", "easeoutcubic", "jquery", "select", "span", "class js", "html", "topsearch", "menu", "mobile", "menu dropdown", "class", "retinaimagepath", "copyright", "imulus", "mit license", "retina", "function", "xmlhttprequest", "head", "contenttype", "imagei", "viljamis", "navigation", "date", "typeof h", "woothemes", "tyler smith", "documenttouch", "number", "knumber", "previous", "next", "supersubs", "joel birch", "dual", "google group", "fontsize", "whitespace", "nowrap", "float", "superfish", "changelog", "visibility", "hidden", "setposition", "isset", "srcyoutube", "srcvimeo", "image", "lightbox clone", "stephane caron", "typeof therel", "regexp", "play", "close", "isotope", "commercial use", "http", "david desandro", "metafizzy", "moz webkit", "o ms", "reset", "null", "value", "clamp", "nullrgba", "nullhsla", "execresult", "cache", "local", "right", "including", "this software", "but not", "limited to", "terms of", "open", "bsd license", "redistribution", "redistributions", "neither", "direct", "placeheld", "form", "wpcf7", "alert", "minimum", "tooshort", "unittag", "false", "fast", "typesubmit", "form plugin", "version", "requires jquery", "examples", "typeof define", "typeimage", "formdata", "stop", "modernizr", "custom build", "build", "afunction", "cfunction", "typeerror", "object", "kfunction", "pseudo", "child", "typeof b", "array", "error", "sufeffxa0", "attr", "void", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "source", "ud83dudc6cud83c", "secure", "result" ], "references": [ "http://www.powr.io/powr.js", "http://astutemedia.asia/rackip/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9", "xfe-URL-astutemedia.asia-stix2-2.1-export.json", "http://astutemedia.asia/rackip/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/modernizr.js?ver=2.5.3", "http://astutemedia.asia/rackip/wp-includes/js/comment-reply.min.js?ver=5.5.9", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.easing.js?ver=1.2", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.color.js?ver=2.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.isotope.min.js?ver=1.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.prettyPhoto.js?ver=3.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/superfish.js?ver=1.4.8", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/supersubs.js?ver=0.2", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.flexslider-min.js?ver=1.8", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/tinynav.min.js?ver=1.03", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/retina.min.js?ver=1.1.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/custom.js?ver=1.0", "http://astutemedia.asia/rackip/wp-includes/js/wp-embed.min.js?ver=5.5.9", "xfe-URL-Powr.io-stix2-2.1-export.json" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 515, "URL": 1487, "domain": 242, "FileHash-SHA256": 351, "CVE": 1 }, "indicator_count": 2596, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "1474 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62609c764fab13bbe96613f8", "name": "Pegasus - pegtech.com", "description": "New RegExp:function(a,b), a new type, has its own built-up property, as well as an ability to store information in place when it is not already available.", "modified": "2022-05-20T00:01:19.453000", "created": "2022-04-20T23:51:18.734000", "tags": [ "fontface", "woff", "sans", "woff2", "u1c801c88", "u20b4", "u2de02dff", "ua640a69f", "ufe2efe2f", "u04b004b1", "u2116", "datasecret", "chrome", "opredge", "isoperaedge", "opera", "browsername", "gecko", "iphone", "body", "srchttp", "strhashchange", "software", "sectionindex", "srchttps", "etslidertimer", "copyright", "typeof define", "etslidesnumber", "columns", "date", "error", "cowboy", "function", "placeheld", "customevent", "click", "minimum", "tooshort", "wpcf7wfreetext", "alert", "invert", "null", "form", "fast", "false", "path", "next", "video lightbox", "plugin", "expand", "previous", "setposition", "isset", "srcyoutube", "srcvimeo", "image", "lightbox clone", "stephane caron", "typeof therel", "regexp", "play", "close", "pseudo", "child", "typeof b", "array", "sufeffxa0", "class", "attr", "void", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "uddb0uddb3", "udd74udd75" ], "references": [ "xfe-URL-pegtech.com-stix2-2.1-export.json", "https://pegtech.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.20", "https://pegtech.com/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6", "https://pegtech.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.2", "https://pegtech.com/wp-content/themes/Divi/js/custom.min.js?ver=3.0.100", "https://pegtech.com/wp-content/themes/Divi/core/admin/js/common.js?ver=3.0.100", "https://pegtech.com/wp-includes/js/wp-embed.min.js?ver=4.9.20", "https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext", "https://pegtech.com/wp-includes/css/dashicons.min.css?ver=4.9.20" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 856, "domain": 190, "hostname": 364, "FileHash-SHA256": 216 }, "indicator_count": 1626, "is_author": false, "is_subscribing": null, "subscriber_count": 69, "modified_text": "1474 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "625f42dcc369f59f6a1e8b58", "name": "data102 and colohouse. Malware hosting", "description": "var a,b,c,d, f.substr(d),a=f, a.href, and a number of other elements:a.b.search.com.", "modified": "2022-05-19T00:00:49.028000", "created": "2022-04-19T23:16:44.418000", "tags": [ "regexp", "rangeerror", "typeerror", "date", "array", "error", "this", "uint8array", "typeof b", "buffer", "class", "null", "path", "void", "marketo forms", "cross domain", "typetext", "typeurl", "typeemail", "typetel", "typenumber", "typedate", "color", "label", "input", "typerange", "typecheckbox", "woff2", "fontface", "u1c801c88", "u20b4", "u2de02dff", "ua640a69f", "ufe2efe2f", "u04b004b1", "u2116", "u1ea01ef9", "franklin", "woff", "u20ab", "u0259", "u1e001eff", "u2020", "u20a020ab", "u20ad20cf", "gradienttype0", "webkitkeyframes", "span", "button", "tbody", "textarea", "helvetica neue", "tfoot", "body", "alpha", "twitter", "roboto", "pitch", "datasecret", "q1kg", "q17g", "d2dg", "c d3r", "q171zg", "e c2ttttb", "c g7", "6n184z", "6f6g", "typeof", "wpcf7redirect", "cf7mlscurrentfs", "handle fire", "popuptemplate", "templatename", "click", "fieldset", "cf7mlsbackfs", "section", "classwidget", "idmenu", "idfooter", "idwidget", "idcomment", "classmenu", "classfooter", "classcomment", "target", "blank", "typeof e", "formdata", "typeof symbol", "customevent", "post", "refill", "wpcf7", "wpcf7locale", "wpcf7unittag", "typeof wpcf7", "boolean", "modernizr", "custom build", "build", "afunction", "cfunction", "object", "documenttouch", "websocket", "symbol", "generator", "function", "select", "harvest", "mit license", "optgroup", "nnn n", "n nnnn", "explorer", "options", "abbr", "element", "unknownerror", "overquerylimit", "requestdenied", "zeroresults", "node", "edge", "android", "trident", "unknown", "false", "iframe", "marker", "hybrid", "tawkspinner", "failed", "resend", "tawkavatar", "tawkvideo", "tawkalert", "tawkemoji", "tawkicon", "enter", "number", "startchatbutton", "u26a1", "typeof t", "invalid attempt", "copyright", "marketo", "remove", "commentform", "author", "mouseenter", "secure", "ccpa", "bottom", "fixed", "widget", "embed", "trigger", "antispam", "please", "cleantalk", "typeof o", "ajaxnonce", "unkown", "apbctajaxerror", "typeof define", "typeof module", "html tags", "ox20trnf", "dom element", "attr", "pseudo", "child", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "source", "image", "ud83dudc6cud83c", "qe", "string", "xhfunction", "yhfunction", "gtmptxlxz4", "host", "code", "script", "promise", "complete", "reduceright", "g7be8pmlskx", "r300", "typeof d", "caca", "ufunction", "ffunction", "gfunction", "mchtd", "azaz", "firefox", "opera", "chrome", "iemobile", "black", "incorrect", "xfunction", "typeof p", "typeof btoa", "vnode", "colohouse", "york", "learn more", "data center", "miami", "e cermak", "springs", "read", "cloud", "managed", "fast", "philadelphia", "bare", "metal", "chat", "accept", "placeheld", "minimum", "tooshort", "wpcf7wfreetext", "alert", "invert", "form", "animation", "value", "foundation", "migrate", "backcompat", "quirks mode", "typeof f", "html", "sufeffxa0", "legacy", "contenttype", "wivobjkey", "typehit", "data", "closure library", "pfunction", "zfunction", "bfunction", "mvoid", "ofunction" ], "references": [ "xfe-URL-Data102.com-stix2-2.1-export.json", "https://www.google-analytics.com/analytics.js", "https://chimpstatic.com/mcjs-connected/js/users/6c3abfa7ff8634c75cdb2b22e/ddf7a436c1746be666f330e4a.js", "https://app.whoisvisiting.com/who.js", "https://www.data102.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "https://www.data102.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1", "https://www.data102.com/?wordfence_lh=1&hid=2D6A812A7EB197E80D5A3978A6386BE4&r=0.5029022326538093", "https://www.data102.com/wp-includes/js/wp-embed.min.js?ver=00b0ffc433836dcf9f57035fded0b908", "https://www.data102.com/wp-content/plugins/cta/shared//shortcodes/js/spin.min.js", "https://www.data102.com/wp-content/plugins/contact-form-7/includes/js/scripts.js", "https://colohouse.com/", "xfe-URL-colohouse.com-stix2-2.1-export.json", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-main.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-vendor.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-vendors.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-common.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-runtime.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-app.js", "https://munchkin.marketo.net/161/munchkin.js", "https://www.googletagmanager.com/gtag/js?id=G-7BE8PMLSKX&l=dataLayer&cx=c", "https://embed.tawk.to/5697c34527b9b5d40b66960f/default", "https://www.googletagmanager.com/gtm.js?id=GTM-PTXLXZ4", "https://colohouse.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8", "https://colohouse.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0", "https://colohouse.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public--functions.min.js?ver=5.173", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public.min.js?ver=5.173", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/cleantalk-modal.min.js?ver=5.173", "https://colohouse.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.4", "https://colohouse.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.3.31", "https://colohouse.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1", "https://munchkin.marketo.net/munchkin.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-2d0d2b7c.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-32507910.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-f163fcd0.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-2d0b9454.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-4fe9d5dd.js", "https://app-ab02.marketo.com/js/forms2/js/forms2.min.js", "https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyDR76rjQL_2raonHiZ6ZrPqJr-FPb7pGH0", "https://colohouse.com/wp-content/themes/Netrouting/assets/chosen/chosen.jquery.min.js", "https://colohouse.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7", "https://colohouse.com/wp-content/themes/Netrouting/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js", "https://colohouse.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2", "https://colohouse.com/wp-content/plugins/link-whisper-premium/js/frontend.js?ver=1632756485", "https://colohouse.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1", "https://colohouse.com/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6", "https://colohouse.com/wp-includes/js/wp-embed.min.js?ver=5.8", "https://colohouse.com/wp-content/plugins/wp-schema-pro/admin/assets/min-js/frontend.min.js?ver=2.7.2", "https://colohouse.com/wp-content/cache/autoptimize/css/autoptimize_5e11636f7dd8fb4f55e0ff84f0ed5faa.css", "https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext", "https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=greek%2Clatin%2Cvietnamese%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext&ver=2.9.6", "https://app-ab02.marketo.com/js/forms2/css/forms2.css", "https://app-ab02.marketo.com/js/forms2/css/forms2-theme-simple.css", "https://app-ab02.marketo.com/index.php/form/XDFrame" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Qe", "display_name": "Qe", "target": null }, { "id": "ReduceRight", "display_name": "ReduceRight", "target": null } ], "attack_ids": [ { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1049", "name": "System Network Connections Discovery", "display_name": "T1049 - System Network Connections Discovery" }, { "id": "T1140", "name": "Deobfuscate/Decode Files or Information", "display_name": "T1140 - Deobfuscate/Decode Files or Information" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 2599, "hostname": 952, "FileHash-SHA256": 458, "domain": 557 }, "indicator_count": 4566, "is_author": false, "is_subscribing": null, "subscriber_count": 69, "modified_text": "1475 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "cb.is", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "cb.is", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780401296.873299 }