{
  "type": "Domain",
  "indicator": "datacrab-analytics.com",
  "general": {
    "sections": [
      "general",
      "geo",
      "url_list",
      "passive_dns",
      "malware",
      "whois",
      "http_scans"
    ],
    "whois": "http://whois.domaintools.com/datacrab-analytics.com",
    "alexa": "http://www.alexa.com/siteinfo/datacrab-analytics.com",
    "indicator": "datacrab-analytics.com",
    "type": "domain",
    "type_title": "Domain",
    "validation": [],
    "base_indicator": {
      "id": 4100545469,
      "indicator": "datacrab-analytics.com",
      "type": "domain",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 6,
      "pulses": [
        {
          "id": "69708309d2278ae3906e9e78",
          "name": "block ioc;s",
          "description": "The full text of the full report on the events of 26 March 2017:-1-18 March 2018.. and the details will appear on Facebook, Twitter, Instagram and iPlayer on Wednesday",
          "modified": "2026-01-21T07:40:57.535000",
          "created": "2026-01-21T07:40:57.535000",
          "tags": [],
          "references": [],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 5,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "krishnababu",
            "id": "347852",
            "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "FileHash-MD5": 14,
            "FileHash-SHA1": 14,
            "FileHash-SHA256": 14,
            "URL": 8,
            "domain": 6,
            "hostname": 3
          },
          "indicator_count": 59,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 21,
          "modified_text": "129 days ago ",
          "is_modified": false,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": true,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "domain",
          "related_indicator_is_active": 1
        },
        {
          "id": "6889ff2cfa6a2c08cb85336a",
          "name": "EbeeJuly2025 Pt2",
          "description": "IOCs of multiple threats observed and collected in July 2025",
          "modified": "2025-08-29T10:02:20.542000",
          "created": "2025-07-30T11:17:00.302000",
          "tags": [],
          "references": [],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 15,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "IMEBEEIMFINE",
            "id": "343873",
            "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "URL": 65,
            "FileHash-MD5": 177,
            "FileHash-SHA1": 132,
            "FileHash-SHA256": 216,
            "domain": 136,
            "email": 1,
            "hostname": 101
          },
          "indicator_count": 828,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 39,
          "modified_text": "274 days ago ",
          "is_modified": true,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": true,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "domain",
          "related_indicator_is_active": 1
        },
        {
          "id": "6887e6e0c419286be8c1f257",
          "name": "ACTIVIDAD MALICIOSA | Relacionada con varias RAT y Botnet 28-07-2025",
          "description": "Relacionada con varias Botnet 28-07-2025",
          "modified": "2025-07-28T21:08:48.471000",
          "created": "2025-07-28T21:08:48.471000",
          "tags": [
            "lumma stealer",
            "xworm"
          ],
          "references": [
            "https://www.virustotal.com/graph/embed/gc4f682507d3240c08d0c6a6a2f90b3daaca0f20594464570bd7d7027af57c93a?theme=light",
            "https://www.virustotal.com/gui/collection/ebb04dbaae5b7d6ac28dafff93afc5230e189fa9a8e4998454f68f6d2ed45944"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [
            {
              "id": "Scavenger",
              "display_name": "Scavenger",
              "target": null
            },
            {
              "id": "ValleyRAT",
              "display_name": "ValleyRAT",
              "target": null
            },
            {
              "id": "QuasarRAT - S0262",
              "display_name": "QuasarRAT - S0262",
              "target": null
            },
            {
              "id": "XWorm",
              "display_name": "XWorm",
              "target": null
            },
            {
              "id": "GhoLoader",
              "display_name": "GhoLoader",
              "target": null
            },
            {
              "id": "NetSupport ManagerRAT",
              "display_name": "NetSupport ManagerRAT",
              "target": null
            },
            {
              "id": "ClearFake",
              "display_name": "ClearFake",
              "target": null
            },
            {
              "id": "Vidar",
              "display_name": "Vidar",
              "target": null
            },
            {
              "id": "LummaStealer",
              "display_name": "LummaStealer",
              "target": null
            },
            {
              "id": "Remvio",
              "display_name": "Remvio",
              "target": null
            },
            {
              "id": "Mirai",
              "display_name": "Mirai",
              "target": null
            },
            {
              "id": "BEACON",
              "display_name": "BEACON",
              "target": null
            },
            {
              "id": "Havoc",
              "display_name": "Havoc",
              "target": null
            },
            {
              "id": "Pinkslipbot",
              "display_name": "Pinkslipbot",
              "target": null
            },
            {
              "id": "AsyncRAT - S1087",
              "display_name": "AsyncRAT - S1087",
              "target": null
            }
          ],
          "attack_ids": [],
          "industries": [],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 10,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "esoporteingenieria2020",
            "id": "121604",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_121604/resized/80/avatar_3b9c358f36.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "domain": 18,
            "hostname": 17
          },
          "indicator_count": 35,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 266,
          "modified_text": "306 days ago ",
          "is_modified": false,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": false,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "domain",
          "related_indicator_is_active": 1
        },
        {
          "id": "6880ba80f7ea7fd17645a532",
          "name": "2025-07-20 - Install Linters, Get Malware - DevSecOps Speedrun Edition - Humpty's RE Blog",
          "description": "",
          "modified": "2025-07-23T10:33:36.993000",
          "created": "2025-07-23T10:33:36.993000",
          "tags": [
            "get malware",
            "edition",
            "humpty",
            "re blog",
            "iocs",
            "hashes"
          ],
          "references": [
            "https://c-b.io/2025-07-20+-+Install+Linters%2C+Get+Malware+-+DevSecOps+Speedrun+Edition"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 14,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "Sand-Storm",
            "id": "94093",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_94093/resized/80/avatar_281f69b768.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "FileHash-MD5": 12,
            "FileHash-SHA1": 12,
            "FileHash-SHA256": 14,
            "URL": 7,
            "domain": 6,
            "hostname": 1
          },
          "indicator_count": 52,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 415,
          "modified_text": "311 days ago ",
          "is_modified": false,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": true,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "domain",
          "related_indicator_is_active": 1
        },
        {
          "id": "688056a016c17bab68949138",
          "name": "Gamers get ready: under the guise of cheats and mods, scammers distribute Trojan.Scavenger for the theft of cryptocurrency and passwords.",
          "description": "Dr. Web has identified a family of malicious Trojans known as ScaveNger, which are designed to target Windows users to steal sensitive information related to cryptocurrencies and password managers. These Trojans employ the DLL Search Order Hijacking technique to infect systems, using legitimate applications as vectors for deployment. This method involves placing malicious DLLs in locations prioritized by Windows for library searches, ensuring the malicious code is executed as part of the legitimate application.\n\nThe infection process with Trojan.Scavenger is multi-layered and begins with Trojan loaders, which can arrive on target systems through various means, including pirated software from torrent sites. For instance, Trojan.Scavenger.1 poses as a DLL named umpdc.dll and typically spreads alongside games, such as Oblivion Remastered. Once activated, it retrieves additional malicious modules like Trojan.Scavenger.2 and subsequently Trojan.Scavenger.3 and Trojan.Scavenger.4.",
          "modified": "2025-07-23T03:27:28.693000",
          "created": "2025-07-23T03:27:28.693000",
          "tags": [
            "email",
            "javascript",
            "cookie",
            "windows",
            "windir",
            "exodus",
            "close",
            "dll search",
            "order hijacking",
            "chromium",
            "oblivion",
            "phantom",
            "c2 server"
          ],
          "references": [
            "https://news.drweb.ru/show/?i=15036&lng=ru&c=5"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [
            {
              "id": "T1005",
              "name": "Data from Local System",
              "display_name": "T1005 - Data from Local System"
            },
            {
              "id": "T1027",
              "name": "Obfuscated Files or Information",
              "display_name": "T1027 - Obfuscated Files or Information"
            },
            {
              "id": "T1055",
              "name": "Process Injection",
              "display_name": "T1055 - Process Injection"
            },
            {
              "id": "T1071.001",
              "name": "Web Protocols",
              "display_name": "T1071.001 - Web Protocols"
            },
            {
              "id": "T1074",
              "name": "Data Staged",
              "display_name": "T1074 - Data Staged"
            },
            {
              "id": "T1105",
              "name": "Ingress Tool Transfer",
              "display_name": "T1105 - Ingress Tool Transfer"
            },
            {
              "id": "T1119",
              "name": "Automated Collection",
              "display_name": "T1119 - Automated Collection"
            },
            {
              "id": "T1132",
              "name": "Data Encoding",
              "display_name": "T1132 - Data Encoding"
            },
            {
              "id": "T1204.002",
              "name": "Malicious File",
              "display_name": "T1204.002 - Malicious File"
            }
          ],
          "industries": [
            "entertaiment"
          ],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 163,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "PetrP.73",
            "id": "154605",
            "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "FileHash-MD5": 9,
            "FileHash-SHA1": 23,
            "FileHash-SHA256": 8,
            "domain": 3
          },
          "indicator_count": 43,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 539,
          "modified_text": "312 days ago ",
          "is_modified": false,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": true,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "domain",
          "related_indicator_is_active": 1
        },
        {
          "id": "688039a7818cda8d24f2977c",
          "name": "Scavenger Malware Compromises Popular npm  Packages",
          "description": "The popular npm package eslint-config-prettier was recently published without authorization, raising concerns of a supply chain attack.",
          "modified": "2025-07-23T01:23:51.412000",
          "created": "2025-07-23T01:23:51.412000",
          "tags": [
            "urls",
            "hxxps"
          ],
          "references": [],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 14,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "cryptocti",
            "id": "110256",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_110256/resized/80/avatar_e237a4257c.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "FileHash-MD5": 12,
            "FileHash-SHA1": 12,
            "FileHash-SHA256": 14,
            "domain": 6,
            "hostname": 1
          },
          "indicator_count": 45,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 499,
          "modified_text": "312 days ago ",
          "is_modified": false,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": true,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "domain",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "https://c-b.io/2025-07-20+-+Install+Linters%2C+Get+Malware+-+DevSecOps+Speedrun+Edition",
        "https://www.virustotal.com/graph/embed/gc4f682507d3240c08d0c6a6a2f90b3daaca0f20594464570bd7d7027af57c93a?theme=light",
        "https://news.drweb.ru/show/?i=15036&lng=ru&c=5",
        "https://www.virustotal.com/gui/collection/ebb04dbaae5b7d6ac28dafff93afc5230e189fa9a8e4998454f68f6d2ed45944"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": []
        },
        "other": {
          "adversary": [],
          "malware_families": [
            "Valleyrat",
            "Netsupport managerrat",
            "Lummastealer",
            "Quasarrat - s0262",
            "Vidar",
            "Remvio",
            "Beacon",
            "Havoc",
            "Mirai",
            "Pinkslipbot",
            "Gholoader",
            "Scavenger",
            "Xworm",
            "Asyncrat - s1087",
            "Clearfake"
          ],
          "industries": [
            "Entertaiment"
          ]
        }
      }
    },
    "false_positive": []
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 6,
  "pulses": [
    {
      "id": "69708309d2278ae3906e9e78",
      "name": "block ioc;s",
      "description": "The full text of the full report on the events of 26 March 2017:-1-18 March 2018.. and the details will appear on Facebook, Twitter, Instagram and iPlayer on Wednesday",
      "modified": "2026-01-21T07:40:57.535000",
      "created": "2026-01-21T07:40:57.535000",
      "tags": [],
      "references": [],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 5,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "krishnababu",
        "id": "347852",
        "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "FileHash-MD5": 14,
        "FileHash-SHA1": 14,
        "FileHash-SHA256": 14,
        "URL": 8,
        "domain": 6,
        "hostname": 3
      },
      "indicator_count": 59,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 21,
      "modified_text": "129 days ago ",
      "is_modified": false,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": true,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "domain",
      "related_indicator_is_active": 1
    },
    {
      "id": "6889ff2cfa6a2c08cb85336a",
      "name": "EbeeJuly2025 Pt2",
      "description": "IOCs of multiple threats observed and collected in July 2025",
      "modified": "2025-08-29T10:02:20.542000",
      "created": "2025-07-30T11:17:00.302000",
      "tags": [],
      "references": [],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 15,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "IMEBEEIMFINE",
        "id": "343873",
        "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "URL": 65,
        "FileHash-MD5": 177,
        "FileHash-SHA1": 132,
        "FileHash-SHA256": 216,
        "domain": 136,
        "email": 1,
        "hostname": 101
      },
      "indicator_count": 828,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 39,
      "modified_text": "274 days ago ",
      "is_modified": true,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": true,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "domain",
      "related_indicator_is_active": 1
    },
    {
      "id": "6887e6e0c419286be8c1f257",
      "name": "ACTIVIDAD MALICIOSA | Relacionada con varias RAT y Botnet 28-07-2025",
      "description": "Relacionada con varias Botnet 28-07-2025",
      "modified": "2025-07-28T21:08:48.471000",
      "created": "2025-07-28T21:08:48.471000",
      "tags": [
        "lumma stealer",
        "xworm"
      ],
      "references": [
        "https://www.virustotal.com/graph/embed/gc4f682507d3240c08d0c6a6a2f90b3daaca0f20594464570bd7d7027af57c93a?theme=light",
        "https://www.virustotal.com/gui/collection/ebb04dbaae5b7d6ac28dafff93afc5230e189fa9a8e4998454f68f6d2ed45944"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [
        {
          "id": "Scavenger",
          "display_name": "Scavenger",
          "target": null
        },
        {
          "id": "ValleyRAT",
          "display_name": "ValleyRAT",
          "target": null
        },
        {
          "id": "QuasarRAT - S0262",
          "display_name": "QuasarRAT - S0262",
          "target": null
        },
        {
          "id": "XWorm",
          "display_name": "XWorm",
          "target": null
        },
        {
          "id": "GhoLoader",
          "display_name": "GhoLoader",
          "target": null
        },
        {
          "id": "NetSupport ManagerRAT",
          "display_name": "NetSupport ManagerRAT",
          "target": null
        },
        {
          "id": "ClearFake",
          "display_name": "ClearFake",
          "target": null
        },
        {
          "id": "Vidar",
          "display_name": "Vidar",
          "target": null
        },
        {
          "id": "LummaStealer",
          "display_name": "LummaStealer",
          "target": null
        },
        {
          "id": "Remvio",
          "display_name": "Remvio",
          "target": null
        },
        {
          "id": "Mirai",
          "display_name": "Mirai",
          "target": null
        },
        {
          "id": "BEACON",
          "display_name": "BEACON",
          "target": null
        },
        {
          "id": "Havoc",
          "display_name": "Havoc",
          "target": null
        },
        {
          "id": "Pinkslipbot",
          "display_name": "Pinkslipbot",
          "target": null
        },
        {
          "id": "AsyncRAT - S1087",
          "display_name": "AsyncRAT - S1087",
          "target": null
        }
      ],
      "attack_ids": [],
      "industries": [],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 10,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "esoporteingenieria2020",
        "id": "121604",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_121604/resized/80/avatar_3b9c358f36.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "domain": 18,
        "hostname": 17
      },
      "indicator_count": 35,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 266,
      "modified_text": "306 days ago ",
      "is_modified": false,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": false,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "domain",
      "related_indicator_is_active": 1
    },
    {
      "id": "6880ba80f7ea7fd17645a532",
      "name": "2025-07-20 - Install Linters, Get Malware - DevSecOps Speedrun Edition - Humpty's RE Blog",
      "description": "",
      "modified": "2025-07-23T10:33:36.993000",
      "created": "2025-07-23T10:33:36.993000",
      "tags": [
        "get malware",
        "edition",
        "humpty",
        "re blog",
        "iocs",
        "hashes"
      ],
      "references": [
        "https://c-b.io/2025-07-20+-+Install+Linters%2C+Get+Malware+-+DevSecOps+Speedrun+Edition"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 14,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "Sand-Storm",
        "id": "94093",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_94093/resized/80/avatar_281f69b768.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "FileHash-MD5": 12,
        "FileHash-SHA1": 12,
        "FileHash-SHA256": 14,
        "URL": 7,
        "domain": 6,
        "hostname": 1
      },
      "indicator_count": 52,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 415,
      "modified_text": "311 days ago ",
      "is_modified": false,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": true,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "domain",
      "related_indicator_is_active": 1
    },
    {
      "id": "688056a016c17bab68949138",
      "name": "Gamers get ready: under the guise of cheats and mods, scammers distribute Trojan.Scavenger for the theft of cryptocurrency and passwords.",
      "description": "Dr. Web has identified a family of malicious Trojans known as ScaveNger, which are designed to target Windows users to steal sensitive information related to cryptocurrencies and password managers. These Trojans employ the DLL Search Order Hijacking technique to infect systems, using legitimate applications as vectors for deployment. This method involves placing malicious DLLs in locations prioritized by Windows for library searches, ensuring the malicious code is executed as part of the legitimate application.\n\nThe infection process with Trojan.Scavenger is multi-layered and begins with Trojan loaders, which can arrive on target systems through various means, including pirated software from torrent sites. For instance, Trojan.Scavenger.1 poses as a DLL named umpdc.dll and typically spreads alongside games, such as Oblivion Remastered. Once activated, it retrieves additional malicious modules like Trojan.Scavenger.2 and subsequently Trojan.Scavenger.3 and Trojan.Scavenger.4.",
      "modified": "2025-07-23T03:27:28.693000",
      "created": "2025-07-23T03:27:28.693000",
      "tags": [
        "email",
        "javascript",
        "cookie",
        "windows",
        "windir",
        "exodus",
        "close",
        "dll search",
        "order hijacking",
        "chromium",
        "oblivion",
        "phantom",
        "c2 server"
      ],
      "references": [
        "https://news.drweb.ru/show/?i=15036&lng=ru&c=5"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [
        {
          "id": "T1005",
          "name": "Data from Local System",
          "display_name": "T1005 - Data from Local System"
        },
        {
          "id": "T1027",
          "name": "Obfuscated Files or Information",
          "display_name": "T1027 - Obfuscated Files or Information"
        },
        {
          "id": "T1055",
          "name": "Process Injection",
          "display_name": "T1055 - Process Injection"
        },
        {
          "id": "T1071.001",
          "name": "Web Protocols",
          "display_name": "T1071.001 - Web Protocols"
        },
        {
          "id": "T1074",
          "name": "Data Staged",
          "display_name": "T1074 - Data Staged"
        },
        {
          "id": "T1105",
          "name": "Ingress Tool Transfer",
          "display_name": "T1105 - Ingress Tool Transfer"
        },
        {
          "id": "T1119",
          "name": "Automated Collection",
          "display_name": "T1119 - Automated Collection"
        },
        {
          "id": "T1132",
          "name": "Data Encoding",
          "display_name": "T1132 - Data Encoding"
        },
        {
          "id": "T1204.002",
          "name": "Malicious File",
          "display_name": "T1204.002 - Malicious File"
        }
      ],
      "industries": [
        "entertaiment"
      ],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 163,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "PetrP.73",
        "id": "154605",
        "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "FileHash-MD5": 9,
        "FileHash-SHA1": 23,
        "FileHash-SHA256": 8,
        "domain": 3
      },
      "indicator_count": 43,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 539,
      "modified_text": "312 days ago ",
      "is_modified": false,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": true,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "domain",
      "related_indicator_is_active": 1
    },
    {
      "id": "688039a7818cda8d24f2977c",
      "name": "Scavenger Malware Compromises Popular npm  Packages",
      "description": "The popular npm package eslint-config-prettier was recently published without authorization, raising concerns of a supply chain attack.",
      "modified": "2025-07-23T01:23:51.412000",
      "created": "2025-07-23T01:23:51.412000",
      "tags": [
        "urls",
        "hxxps"
      ],
      "references": [],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 14,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "cryptocti",
        "id": "110256",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_110256/resized/80/avatar_e237a4257c.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "FileHash-MD5": 12,
        "FileHash-SHA1": 12,
        "FileHash-SHA256": 14,
        "domain": 6,
        "hostname": 1
      },
      "indicator_count": 45,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 499,
      "modified_text": "312 days ago ",
      "is_modified": false,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": true,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "domain",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "datacrab-analytics.com",
    "type": "Domain"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "datacrab-analytics.com",
    "found": false,
    "verdict": "clean",
    "urls": [],
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780212671.3647184
}