{ "type": "Domain", "indicator": "ea.select", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/ea.select", "alexa": "http://www.alexa.com/siteinfo/ea.select", "indicator": "ea.select", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 2815911820, "indicator": "ea.select", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 11, "pulses": [ { "id": "69eb254f17eb4a2a990f07e5", "name": "LevelBlue - Open Threat Exchange", "description": "[ As part of security research, we look at some of the most well-known vulnerabilities in the PDF ecosystem, and how they can be identified and mitigated, with the help of a simple hash.] [64xxxx]", "modified": "2026-05-28T07:10:11.800000", "created": "2026-04-24T08:09:51.488000", "tags": [ "pdfkit", "cve202225765", "exploit script", "github", "unicordev", "cves", "xml external", "entity", "pdfs", "knowledge base", "python", "mozilla", "virustotal", "cisa", "apple", "microsoft", "pdfkit ruby", "remote code", "execution", "urls", "malware", "raid", "caddywiper", "wipes", "cve202543529", "webkit", "february", "cve202620643", "bypass", "march", "webkit bug", "command", "control", "levelblue", "open threat" ], "references": [ "https://otx.alienvault.com/indicator/ip/198.49.23.145#:~:text=CIDR:%206%20%7C%20CVE:%20107,infrastructure%20into%20global%20botnet%20clusters." ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Wipes", "display_name": "Wipes", "target": null } ], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 1, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 1084, "FileHash-SHA1": 874, "FileHash-SHA256": 3052, "CVE": 36, "domain": 437, "hostname": 1086, "URL": 1411, "CIDR": 15, "email": 13 }, "indicator_count": 8008, "is_author": false, "is_subscribing": null, "subscriber_count": 70, "modified_text": "4 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708e178755574d9812e4c9", "name": "Followed lead to brechlerinsurance.com", "description": "", "modified": "2023-12-06T15:07:03.528000", "created": "2023-12-06T15:07:03.528000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 2, "FileHash-SHA256": 1329, "domain": 2068, "hostname": 4185, "URL": 12454, "email": 1, "FileHash-MD5": 3, "FileHash-SHA1": 1 }, "indicator_count": 20043, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708c712f63f24552fa3e38", "name": "bgp.net malicious hosting", "description": "", "modified": "2023-12-06T15:00:01.600000", "created": "2023-12-06T15:00:01.600000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 173, "hostname": 417, "URL": 1208, "domain": 267, "CVE": 1 }, "indicator_count": 2066, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708c68b4f63f4ac0d16ff5", "name": "egihosting.com - malware", "description": "", "modified": "2023-12-06T14:59:52.017000", "created": "2023-12-06T14:59:52.017000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 120, "hostname": 352, "domain": 115, "URL": 934 }, "indicator_count": 1521, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708c0f5981b6d81d0fa423", "name": "data102 and colohouse. Malware hosting", "description": "", "modified": "2023-12-06T14:58:23.206000", "created": "2023-12-06T14:58:23.206000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 458, "domain": 557, "URL": 2599, "hostname": 952 }, "indicator_count": 4566, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "628077c330f33dfd254e5a8b", "name": "Followed lead to brechlerinsurance.com", "description": "", "modified": "2022-06-13T00:00:32.864000", "created": "2022-05-15T03:47:15.835000", "tags": [ "bomboraconsent", "gdpr", "ccpa", "date", "nthis", "array", "typeof e", "typeerror", "class", "image", "typeof symbol", "afsh", "copyright", "rights reserved", "comscore", "typeof o", "uspapi", "null", "s271733878", "secure hash", "algorithm", "sha1", "a1732584193", "1518500249", "imgurl", "oiqfpsjs", "script", "iframe", "oiqaddpagecat", "inte", "oiqdotag", "track", "regexp", "pseudo", "child", "typeof b", "error", "sufeffxa0", "attr", "void", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "uddb0uddb3", "udd74udd75", "wpbruiserclient", "browserinfo", "mozinnerscreenx", "xmlhttprequest", "activexobject", "bf7e56f2f3", "zpbcat", "zcluidkrs", "promise", "boolean", "verification", "object", "reflect", "typeof proxy", "demo", "shareaholic", "sfunction", "bearer", "patch", "accept", "function", "symbol", "weakmap", "dataview", "typeof module", "cfunction", "event", "afunction", "efunction", "mfunction", "binnerheightc", "number", "string", "trackevent", "click", "uint8array", "gtmng3vqql", "classes", "path", "code", "typeof r", "function code", "typeof n", "angular", "angularjs", "ember", "meteor", "zepto", "jquery", "vd", "utmb", "firefox", "shockwave flash", "utma", "utmz", "ieproto", "typeof", "widgetrootqa", "driftconductor", "addcookiedomain", "hubspot", "typeof t", "quora pixel", "4294967295", "uint32array", "viewcontent", "infinity", "register domain names", "domain registration", "business web hosting services", "web hosting provider", "business email accounts", "web site hosting", "domain name registration", "ecommerce hosting services", "buy domains", "bulk domain search", "domain name search", "domain hosting", "registrations", "websites", "whois", "registrar", "registry", "domainpeople", "domain name", "registration", "year discount", "web hosting", "us whois", "us contact", "lookup alerts", "support login", "call" ], "references": [ "https://domainpeople.com", "xfe-URL-Domainpeople.com-stix2-2.1-export.json", "xfe-URL-shareaholic.com-stix2-2.1-export.json", "https://js.hubspot.com/analytics/1652585100000/210895.js", "https://js.driftt.com/include/1652585100000/mezhk4858hn8.js", "https://bam.nr-data.net/1/f37cf8a208?a=1772678&v=1216.487a282&to=dlwNQEdeWVgHSxlDV1JWEBtdXlhR&rst=1074&ck=1&ref=https://www.shareaholic.com/&ap=9&be=11&fe=795&dc=37&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1652584962293,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:0,%22rp%22:0,%22rpe%22:0,%22dl%22:6,%22di%22:37,%22ds%22:37,%22de%22:45,%22dc%22:636,%22l%22:793,%22le%22:796%7D,%22navigation%22:%7B%22ty%22:2%7D%7D&fcp=123&jsonp=NREUM.setToken", "https://js-agent.newrelic.com/nr-1216.min.js", "https://js-na1.hs-scripts.com/210895.js", "https://www.googletagmanager.com/gtm.js?id=GTM-NG3VQQL", "https://dsms0mj1bbhn4.cloudfront.net/assets/pages-afd7ed46648f01def74df6e4c245da53bde609b863bf63ff94a87154f2f82de0.js", "https://dsms0mj1bbhn4.cloudfront.net/webpack/vendors~header~related-content~share-buttons~site-settings~user-settings~yarpp-header~yarpp-sites~ya~7d559390-c92fe44d0731743b2d8e.js", "https://dsms0mj1bbhn4.cloudfront.net/webpack/default~header~related-content~share-buttons~site-settings~user-settings~yarpp-header~yarpp-sites~ya~2fbcff42-06fb1418b4e0c0383855.js", "https://dsms0mj1bbhn4.cloudfront.net/ui-header/loader.js", "https://de.tynt.com/deb/v2?id=sh!sh&dn=AFSH&cc=1&r=", "http://www.brechlerinsurance.com/?gdbc-client=3.1.25-1652585170383", "http://www.brechlerinsurance.com/wwblcms/wp-includes/js/wp-emoji-release.min.js?ver=479aaeefa13948f8aa1a2479d7a751df", "http://www.brechlerinsurance.com/wwblcms/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fwww.brechlerinsurance.com%2F&cl=en-US&id_sync=19da2f0f-8191-4a73-b27d-e95f97e9a686&minify=1&pvs=1&site=d016349f31f268b5ce94fa8e70f6eddd", "https://px.owneriq.net/stas/s/sholic.js", "https://i.simpli.fi/dpx.js?cid=66112&m=0&sifi_tuid=37830&referrer=http%3A%2F%2Fwww.brechlerinsurance.com%2F", "https://sb.scorecardresearch.com/beacon.js", "https://cdn.tynt.com/afsh.js", "xfe-URL-ml314.com-stix2-2.1-export.json", "xfe-URL-bombora.com-stix2-2.1-export.json", "xfe-URL-Owneriq.net-stix2-2.1-export.json" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "BomboraConsent", "display_name": "BomboraConsent", "target": null }, { "id": "Vd", "display_name": "Vd", "target": null } ], "attack_ids": [ { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 13, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 4185, "URL": 12454, "FileHash-SHA256": 1329, "CVE": 2, "domain": 2068, "email": 1, "FileHash-MD5": 3, "FileHash-SHA1": 1 }, "indicator_count": 20043, "is_author": false, "is_subscribing": null, "subscriber_count": 69, "modified_text": "1449 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62626072973e68ce985c7a64", "name": "egihosting.com - malware", "description": "Here is the full code of the code, following the basic rules::. (t.2*o, t.3) for each of n's bizo-data-partner.", "modified": "2022-05-22T00:01:01.264000", "created": "2022-04-22T07:59:46.386000", "tags": [ "ui tabs", "http", "foundation", "mit license", "typeof define", "width", "ui core", "usemap", "backspace8", "comma188", "delete46", "this", "datasecret", "date", "image", "dorandvlxthvep", "click", "chat", "linux", "chrome", "safari", "konqueror", "opera", "false", "body", "regexp", "function", "typeof b", "error", "pseudo", "child", "null", "array", "sufeffxa0", "class", "void", "accept", "attr", "string", "number", "script", "copyright", "closure library", "typeerror", "symbol", "array int8array", "caregexp", "legacy", "functional", "member", "hnew regexp", "qfunction", "adview", "addbillinginfo", "addtocart", "addtolist", "contact", "download", "install" ], "references": [ "xfe-URL-egihosting.com-stix2-2.1-export.json", "https://snap.licdn.com/li.lms-analytics/insight.min.js", "https://www.googleadservices.com/pagead/conversion_async.js", "https://egihosting.com/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://egihosting.com/wp-includes/js/wp-embed.min.js?ver=4.9.20", "https://googleads.g.doubleclick.net/pagead/viewthroughconversion/530527736/?random=1650613875466&cv=9&fst=1650613875466&num=1&rdp=1&label=R7TDCJOysOMBEPjr_PwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=844&u_w=390&u_ah=844&u_aw=390&u_cd=32&u_his=5&u_tz=-240&u_java=false&u_nplug=0&u_nmime=0>m=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fegihosting.com%2F&tiba=Best%20dedicated%20server%20for%20hosting%20in%20Silicon%20Valley%20%7C%20EGI&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4", "https://egihosting.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 934, "hostname": 352, "domain": 115, "FileHash-SHA256": 120 }, "indicator_count": 1521, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "1471 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62630d254b29696c094f7cb8", "name": "bgp.net malicious hosting", "description": "", "modified": "2022-05-22T00:01:01.264000", "created": "2022-04-22T20:16:37.675000", "tags": [ "2000px", "20px", "90deg", "10px", "30px", "3deg", "10deg", "5deg", "1deg", "30deg", "datasecret", "typeof", "wpbakery page", "copyright", "michael m", "wpbakery", "license", "jscs", "index1", "prev", "parallaximage", "error", "yfunction", "bfunction", "date", "nulld", "dfunction", "ffunction", "efunction", "nullb", "typeof console", "nonce", "script", "please do", "not copy", "and paste", "this code", "cgrecaptchacfg", "ngrecaptcha", "recaptchaapi", "render", "boolean", "modernizr", "custom build", "build", "afunction", "cfunction", "typeerror", "object", "documenttouch", "websocket", "regexp", "pseudo", "child", "typeof b", "array", "sufeffxa0", "class", "attr", "null", "void", "function", "width", "body", "accept", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "image", "udfcbudfcc", "u2640u2642", "09af", "source", "ud83dudc6cud83c" ], "references": [ "xfe-URL-bgp.net-stix2-2.1-export.json", "https://bgp.net/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9", "https://bgp.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "https://bgp.net/wp-content/themes/multihost/framework/js/public/modernizr.min.js?ver=5.5.9", "https://www.google.com/recaptcha/api.js?render=6LfPdckUAAAAAMPH_0crY_k4tdvDN7GVgKtWUyjU&ver=3.0", "https://bgp.net/wp-content/themes/multihost/framework/js/public/pace.min.js?ver=5.5.9", "https://bgp.net/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.3", "https://bgp.net/wp-includes/js/wp-embed.min.js?ver=5.5.9", "https://bgp.net/wp-content/plugins/designthemes-core-features/shortcodes/css/animations.css?ver=5.5.9" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 417, "URL": 1208, "CVE": 1, "domain": 267, "FileHash-SHA256": 173 }, "indicator_count": 2066, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "1471 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62601d5f1c8672141d3c2afb", "name": "Malware hosting - rackip.com = astutemedia.asia", "description": "New RegExp:function(a,b), a new type, has its own built-up property, as well as an ability to store information in place when it is not already available.", "modified": "2022-05-20T00:01:19.453000", "created": "2022-04-20T14:49:03.781000", "tags": [ "datasecret", "easeoutcubic", "jquery", "select", "span", "class js", "html", "topsearch", "menu", "mobile", "menu dropdown", "class", "retinaimagepath", "copyright", "imulus", "mit license", "retina", "function", "xmlhttprequest", "head", "contenttype", "imagei", "viljamis", "navigation", "date", "typeof h", "woothemes", "tyler smith", "documenttouch", "number", "knumber", "previous", "next", "supersubs", "joel birch", "dual", "google group", "fontsize", "whitespace", "nowrap", "float", "superfish", "changelog", "visibility", "hidden", "setposition", "isset", "srcyoutube", "srcvimeo", "image", "lightbox clone", "stephane caron", "typeof therel", "regexp", "play", "close", "isotope", "commercial use", "http", "david desandro", "metafizzy", "moz webkit", "o ms", "reset", "null", "value", "clamp", "nullrgba", "nullhsla", "execresult", "cache", "local", "right", "including", "this software", "but not", "limited to", "terms of", "open", "bsd license", "redistribution", "redistributions", "neither", "direct", "placeheld", "form", "wpcf7", "alert", "minimum", "tooshort", "unittag", "false", "fast", "typesubmit", "form plugin", "version", "requires jquery", "examples", "typeof define", "typeimage", "formdata", "stop", "modernizr", "custom build", "build", "afunction", "cfunction", "typeerror", "object", "kfunction", "pseudo", "child", "typeof b", "array", "error", "sufeffxa0", "attr", "void", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "source", "ud83dudc6cud83c", "secure", "result" ], "references": [ "http://www.powr.io/powr.js", "http://astutemedia.asia/rackip/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9", "xfe-URL-astutemedia.asia-stix2-2.1-export.json", "http://astutemedia.asia/rackip/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/modernizr.js?ver=2.5.3", "http://astutemedia.asia/rackip/wp-includes/js/comment-reply.min.js?ver=5.5.9", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.easing.js?ver=1.2", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.color.js?ver=2.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.isotope.min.js?ver=1.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.prettyPhoto.js?ver=3.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/superfish.js?ver=1.4.8", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/supersubs.js?ver=0.2", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.flexslider-min.js?ver=1.8", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/tinynav.min.js?ver=1.03", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/retina.min.js?ver=1.1.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/custom.js?ver=1.0", "http://astutemedia.asia/rackip/wp-includes/js/wp-embed.min.js?ver=5.5.9", "xfe-URL-Powr.io-stix2-2.1-export.json" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 515, "URL": 1487, "domain": 242, "FileHash-SHA256": 351, "CVE": 1 }, "indicator_count": 2596, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "1473 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62609c764fab13bbe96613f8", "name": "Pegasus - pegtech.com", "description": "New RegExp:function(a,b), a new type, has its own built-up property, as well as an ability to store information in place when it is not already available.", "modified": "2022-05-20T00:01:19.453000", "created": "2022-04-20T23:51:18.734000", "tags": [ "fontface", "woff", "sans", "woff2", "u1c801c88", "u20b4", "u2de02dff", "ua640a69f", "ufe2efe2f", "u04b004b1", "u2116", "datasecret", "chrome", "opredge", "isoperaedge", "opera", "browsername", "gecko", "iphone", "body", "srchttp", "strhashchange", "software", "sectionindex", "srchttps", "etslidertimer", "copyright", "typeof define", "etslidesnumber", "columns", "date", "error", "cowboy", "function", "placeheld", "customevent", "click", "minimum", "tooshort", "wpcf7wfreetext", "alert", "invert", "null", "form", "fast", "false", "path", "next", "video lightbox", "plugin", "expand", "previous", "setposition", "isset", "srcyoutube", "srcvimeo", "image", "lightbox clone", "stephane caron", "typeof therel", "regexp", "play", "close", "pseudo", "child", "typeof b", "array", "sufeffxa0", "class", "attr", "void", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "uddb0uddb3", "udd74udd75" ], "references": [ "xfe-URL-pegtech.com-stix2-2.1-export.json", "https://pegtech.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.20", "https://pegtech.com/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6", "https://pegtech.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.2", "https://pegtech.com/wp-content/themes/Divi/js/custom.min.js?ver=3.0.100", "https://pegtech.com/wp-content/themes/Divi/core/admin/js/common.js?ver=3.0.100", "https://pegtech.com/wp-includes/js/wp-embed.min.js?ver=4.9.20", "https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext", "https://pegtech.com/wp-includes/css/dashicons.min.css?ver=4.9.20" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 856, "domain": 190, "hostname": 364, "FileHash-SHA256": 216 }, "indicator_count": 1626, "is_author": false, "is_subscribing": null, "subscriber_count": 69, "modified_text": "1473 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "625f42dcc369f59f6a1e8b58", "name": "data102 and colohouse. Malware hosting", "description": "var a,b,c,d, f.substr(d),a=f, a.href, and a number of other elements:a.b.search.com.", "modified": "2022-05-19T00:00:49.028000", "created": "2022-04-19T23:16:44.418000", "tags": [ "regexp", "rangeerror", "typeerror", "date", "array", "error", "this", "uint8array", "typeof b", "buffer", "class", "null", "path", "void", "marketo forms", "cross domain", "typetext", "typeurl", "typeemail", "typetel", "typenumber", "typedate", "color", "label", "input", "typerange", "typecheckbox", "woff2", "fontface", "u1c801c88", "u20b4", "u2de02dff", "ua640a69f", "ufe2efe2f", "u04b004b1", "u2116", "u1ea01ef9", "franklin", "woff", "u20ab", "u0259", "u1e001eff", "u2020", "u20a020ab", "u20ad20cf", "gradienttype0", "webkitkeyframes", "span", "button", "tbody", "textarea", "helvetica neue", "tfoot", "body", "alpha", "twitter", "roboto", "pitch", "datasecret", "q1kg", "q17g", "d2dg", "c d3r", "q171zg", "e c2ttttb", "c g7", "6n184z", "6f6g", "typeof", "wpcf7redirect", "cf7mlscurrentfs", "handle fire", "popuptemplate", "templatename", "click", "fieldset", "cf7mlsbackfs", "section", "classwidget", "idmenu", "idfooter", "idwidget", "idcomment", "classmenu", "classfooter", "classcomment", "target", "blank", "typeof e", "formdata", "typeof symbol", "customevent", "post", "refill", "wpcf7", "wpcf7locale", "wpcf7unittag", "typeof wpcf7", "boolean", "modernizr", "custom build", "build", "afunction", "cfunction", "object", "documenttouch", "websocket", "symbol", "generator", "function", "select", "harvest", "mit license", "optgroup", "nnn n", "n nnnn", "explorer", "options", "abbr", "element", "unknownerror", "overquerylimit", "requestdenied", "zeroresults", "node", "edge", "android", "trident", "unknown", "false", "iframe", "marker", "hybrid", "tawkspinner", "failed", "resend", "tawkavatar", "tawkvideo", "tawkalert", "tawkemoji", "tawkicon", "enter", "number", "startchatbutton", "u26a1", "typeof t", "invalid attempt", "copyright", "marketo", "remove", "commentform", "author", "mouseenter", "secure", "ccpa", "bottom", "fixed", "widget", "embed", "trigger", "antispam", "please", "cleantalk", "typeof o", "ajaxnonce", "unkown", "apbctajaxerror", "typeof define", "typeof module", "html tags", "ox20trnf", "dom element", "attr", "pseudo", "child", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "source", "image", "ud83dudc6cud83c", "qe", "string", "xhfunction", "yhfunction", "gtmptxlxz4", "host", "code", "script", "promise", "complete", "reduceright", "g7be8pmlskx", "r300", "typeof d", "caca", "ufunction", "ffunction", "gfunction", "mchtd", "azaz", "firefox", "opera", "chrome", "iemobile", "black", "incorrect", "xfunction", "typeof p", "typeof btoa", "vnode", "colohouse", "york", "learn more", "data center", "miami", "e cermak", "springs", "read", "cloud", "managed", "fast", "philadelphia", "bare", "metal", "chat", "accept", "placeheld", "minimum", "tooshort", "wpcf7wfreetext", "alert", "invert", "form", "animation", "value", "foundation", "migrate", "backcompat", "quirks mode", "typeof f", "html", "sufeffxa0", "legacy", "contenttype", "wivobjkey", "typehit", "data", "closure library", "pfunction", "zfunction", "bfunction", "mvoid", "ofunction" ], "references": [ "xfe-URL-Data102.com-stix2-2.1-export.json", "https://www.google-analytics.com/analytics.js", "https://chimpstatic.com/mcjs-connected/js/users/6c3abfa7ff8634c75cdb2b22e/ddf7a436c1746be666f330e4a.js", "https://app.whoisvisiting.com/who.js", "https://www.data102.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "https://www.data102.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1", "https://www.data102.com/?wordfence_lh=1&hid=2D6A812A7EB197E80D5A3978A6386BE4&r=0.5029022326538093", "https://www.data102.com/wp-includes/js/wp-embed.min.js?ver=00b0ffc433836dcf9f57035fded0b908", "https://www.data102.com/wp-content/plugins/cta/shared//shortcodes/js/spin.min.js", "https://www.data102.com/wp-content/plugins/contact-form-7/includes/js/scripts.js", "https://colohouse.com/", "xfe-URL-colohouse.com-stix2-2.1-export.json", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-main.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-vendor.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-vendors.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-common.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-runtime.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-app.js", "https://munchkin.marketo.net/161/munchkin.js", "https://www.googletagmanager.com/gtag/js?id=G-7BE8PMLSKX&l=dataLayer&cx=c", "https://embed.tawk.to/5697c34527b9b5d40b66960f/default", "https://www.googletagmanager.com/gtm.js?id=GTM-PTXLXZ4", "https://colohouse.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8", "https://colohouse.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0", "https://colohouse.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public--functions.min.js?ver=5.173", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public.min.js?ver=5.173", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/cleantalk-modal.min.js?ver=5.173", "https://colohouse.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.4", "https://colohouse.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.3.31", "https://colohouse.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1", "https://munchkin.marketo.net/munchkin.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-2d0d2b7c.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-32507910.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-f163fcd0.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-2d0b9454.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-4fe9d5dd.js", "https://app-ab02.marketo.com/js/forms2/js/forms2.min.js", "https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyDR76rjQL_2raonHiZ6ZrPqJr-FPb7pGH0", "https://colohouse.com/wp-content/themes/Netrouting/assets/chosen/chosen.jquery.min.js", "https://colohouse.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7", "https://colohouse.com/wp-content/themes/Netrouting/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js", "https://colohouse.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2", "https://colohouse.com/wp-content/plugins/link-whisper-premium/js/frontend.js?ver=1632756485", "https://colohouse.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1", "https://colohouse.com/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6", "https://colohouse.com/wp-includes/js/wp-embed.min.js?ver=5.8", "https://colohouse.com/wp-content/plugins/wp-schema-pro/admin/assets/min-js/frontend.min.js?ver=2.7.2", "https://colohouse.com/wp-content/cache/autoptimize/css/autoptimize_5e11636f7dd8fb4f55e0ff84f0ed5faa.css", "https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext", "https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=greek%2Clatin%2Cvietnamese%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext&ver=2.9.6", "https://app-ab02.marketo.com/js/forms2/css/forms2.css", "https://app-ab02.marketo.com/js/forms2/css/forms2-theme-simple.css", "https://app-ab02.marketo.com/index.php/form/XDFrame" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Qe", "display_name": "Qe", "target": null }, { "id": "ReduceRight", "display_name": "ReduceRight", "target": null } ], "attack_ids": [ { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1049", "name": "System Network Connections Discovery", "display_name": "T1049 - System Network Connections Discovery" }, { "id": "T1140", "name": "Deobfuscate/Decode Files or Information", "display_name": "T1140 - Deobfuscate/Decode Files or Information" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 2599, "hostname": 952, "FileHash-SHA256": 458, "domain": 557 }, "indicator_count": 4566, "is_author": false, "is_subscribing": null, "subscriber_count": 69, "modified_text": "1474 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-32507910.js", "https://snap.licdn.com/li.lms-analytics/insight.min.js", "https://otx.alienvault.com/indicator/ip/198.49.23.145#:~:text=CIDR:%206%20%7C%20CVE:%20107,infrastructure%20into%20global%20botnet%20clusters.", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/tinynav.min.js?ver=1.03", "https://embed.tawk.to/5697c34527b9b5d40b66960f/default", "https://dsms0mj1bbhn4.cloudfront.net/webpack/vendors~header~related-content~share-buttons~site-settings~user-settings~yarpp-header~yarpp-sites~ya~7d559390-c92fe44d0731743b2d8e.js", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.prettyPhoto.js?ver=3.0", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-vendor.js", "https://pegtech.com/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://app-ab02.marketo.com/js/forms2/js/forms2.min.js", "http://www.brechlerinsurance.com/wwblcms/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://egihosting.com/wp-includes/js/wp-embed.min.js?ver=4.9.20", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-4fe9d5dd.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-2d0b9454.js", "https://bgp.net/wp-includes/js/wp-embed.min.js?ver=5.5.9", "https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext", "https://pegtech.com/wp-includes/css/dashicons.min.css?ver=4.9.20", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1", "xfe-URL-pegtech.com-stix2-2.1-export.json", "http://astutemedia.asia/rackip/wp-includes/js/wp-embed.min.js?ver=5.5.9", "xfe-URL-Data102.com-stix2-2.1-export.json", "https://colohouse.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.3.31", "https://pegtech.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.2", "https://www.data102.com/wp-content/plugins/contact-form-7/includes/js/scripts.js", "https://www.data102.com/wp-content/plugins/cta/shared//shortcodes/js/spin.min.js", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/modernizr.js?ver=2.5.3", "https://www.data102.com/?wordfence_lh=1&hid=2D6A812A7EB197E80D5A3978A6386BE4&r=0.5029022326538093", "https://www.data102.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1", "https://bgp.net/wp-content/themes/multihost/framework/js/public/modernizr.min.js?ver=5.5.9", "https://colohouse.com/wp-content/plugins/link-whisper-premium/js/frontend.js?ver=1632756485", "https://colohouse.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-runtime.js", "https://googleads.g.doubleclick.net/pagead/viewthroughconversion/530527736/?random=1650613875466&cv=9&fst=1650613875466&num=1&rdp=1&label=R7TDCJOysOMBEPjr_PwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=844&u_w=390&u_ah=844&u_aw=390&u_cd=32&u_his=5&u_tz=-240&u_java=false&u_nplug=0&u_nmime=0>m=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fegihosting.com%2F&tiba=Best%20dedicated%20server%20for%20hosting%20in%20Silicon%20Valley%20%7C%20EGI&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4", "https://app-ab02.marketo.com/js/forms2/css/forms2.css", "xfe-URL-Owneriq.net-stix2-2.1-export.json", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.color.js?ver=2.0", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-app.js", "xfe-URL-astutemedia.asia-stix2-2.1-export.json", "https://js.driftt.com/include/1652585100000/mezhk4858hn8.js", "https://pegtech.com/wp-content/themes/Divi/core/admin/js/common.js?ver=3.0.100", "https://www.google.com/recaptcha/api.js?render=6LfPdckUAAAAAMPH_0crY_k4tdvDN7GVgKtWUyjU&ver=3.0", "https://www.googleadservices.com/pagead/conversion_async.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-f163fcd0.js", "http://astutemedia.asia/rackip/wp-includes/js/comment-reply.min.js?ver=5.5.9", "https://colohouse.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1", "https://bgp.net/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9", "https://egihosting.com/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://colohouse.com/wp-content/themes/Netrouting/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js", "https://www.data102.com/wp-includes/js/wp-embed.min.js?ver=00b0ffc433836dcf9f57035fded0b908", "https://colohouse.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1", "xfe-URL-egihosting.com-stix2-2.1-export.json", "http://astutemedia.asia/rackip/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9", "https://bam.nr-data.net/1/f37cf8a208?a=1772678&v=1216.487a282&to=dlwNQEdeWVgHSxlDV1JWEBtdXlhR&rst=1074&ck=1&ref=https://www.shareaholic.com/&ap=9&be=11&fe=795&dc=37&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1652584962293,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:0,%22rp%22:0,%22rpe%22:0,%22dl%22:6,%22di%22:37,%22ds%22:37,%22de%22:45,%22dc%22:636,%22l%22:793,%22le%22:796%7D,%22navigation%22:%7B%22ty%22:2%7D%7D&fcp=123&jsonp=NREUM.setToken", "https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyDR76rjQL_2raonHiZ6ZrPqJr-FPb7pGH0", "xfe-URL-ml314.com-stix2-2.1-export.json", "https://colohouse.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8", "https://colohouse.com/wp-content/themes/Netrouting/assets/chosen/chosen.jquery.min.js", "https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fwww.brechlerinsurance.com%2F&cl=en-US&id_sync=19da2f0f-8191-4a73-b27d-e95f97e9a686&minify=1&pvs=1&site=d016349f31f268b5ce94fa8e70f6eddd", "https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=greek%2Clatin%2Cvietnamese%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext&ver=2.9.6", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/custom.js?ver=1.0", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-main.js", "https://sb.scorecardresearch.com/beacon.js", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6", "https://munchkin.marketo.net/161/munchkin.js", "https://colohouse.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.4", "https://app.whoisvisiting.com/who.js", "http://www.brechlerinsurance.com/?gdbc-client=3.1.25-1652585170383", "https://cdn.tynt.com/afsh.js", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-2d0d2b7c.js", "https://bgp.net/wp-content/plugins/designthemes-core-features/shortcodes/css/animations.css?ver=5.5.9", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20", "https://colohouse.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7", "https://colohouse.com/wp-content/plugins/wp-schema-pro/admin/assets/min-js/frontend.min.js?ver=2.7.2", "https://egihosting.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4", "https://www.googletagmanager.com/gtm.js?id=GTM-PTXLXZ4", "https://www.google-analytics.com/analytics.js", "https://colohouse.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0", "https://colohouse.com/wp-includes/js/wp-embed.min.js?ver=5.8", "https://js.hubspot.com/analytics/1652585100000/210895.js", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/superfish.js?ver=1.4.8", "https://www.googletagmanager.com/gtm.js?id=GTM-NG3VQQL", "https://colohouse.com/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.9.6", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/supersubs.js?ver=0.2", "https://px.owneriq.net/stas/s/sholic.js", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public--functions.min.js?ver=5.173", "https://domainpeople.com", "xfe-URL-bgp.net-stix2-2.1-export.json", "https://js-agent.newrelic.com/nr-1216.min.js", "https://chimpstatic.com/mcjs-connected/js/users/6c3abfa7ff8634c75cdb2b22e/ddf7a436c1746be666f330e4a.js", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.isotope.min.js?ver=1.0", "xfe-URL-Powr.io-stix2-2.1-export.json", "https://i.simpli.fi/dpx.js?cid=66112&m=0&sifi_tuid=37830&referrer=http%3A%2F%2Fwww.brechlerinsurance.com%2F", "xfe-URL-colohouse.com-stix2-2.1-export.json", "https://munchkin.marketo.net/munchkin.js", "https://colohouse.com/", "https://dsms0mj1bbhn4.cloudfront.net/assets/pages-afd7ed46648f01def74df6e4c245da53bde609b863bf63ff94a87154f2f82de0.js", "xfe-URL-bombora.com-stix2-2.1-export.json", "http://www.powr.io/powr.js", "http://astutemedia.asia/rackip/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "https://de.tynt.com/deb/v2?id=sh!sh&dn=AFSH&cc=1&r=", "https://pegtech.com/wp-includes/js/wp-embed.min.js?ver=4.9.20", "http://www.brechlerinsurance.com/wwblcms/wp-includes/js/wp-emoji-release.min.js?ver=479aaeefa13948f8aa1a2479d7a751df", "https://colohouse.com/wp-content/cache/autoptimize/css/autoptimize_5e11636f7dd8fb4f55e0ff84f0ed5faa.css", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.easing.js?ver=1.2", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.flexslider-min.js?ver=1.8", "https://colohouse.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public.min.js?ver=5.173", "https://dsms0mj1bbhn4.cloudfront.net/ui-header/loader.js", "https://pegtech.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.20", "https://pegtech.com/wp-content/themes/Divi/js/custom.min.js?ver=3.0.100", "https://colohouse.com/wp-content/plugins/cleantalk-spam-protect/js/cleantalk-modal.min.js?ver=5.173", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-vendors.js", "https://bgp.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/retina.min.js?ver=1.1.0", "https://bgp.net/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.3", "xfe-URL-shareaholic.com-stix2-2.1-export.json", "https://js-na1.hs-scripts.com/210895.js", "https://www.googletagmanager.com/gtag/js?id=G-7BE8PMLSKX&l=dataLayer&cx=c", "https://app-ab02.marketo.com/js/forms2/css/forms2-theme-simple.css", "https://app-ab02.marketo.com/index.php/form/XDFrame", "https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext", "https://embed.tawk.to/_s/v4/app/625d36b405c/js/twk-chunk-common.js", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6", "xfe-URL-Domainpeople.com-stix2-2.1-export.json", "https://www.data102.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "https://dsms0mj1bbhn4.cloudfront.net/webpack/default~header~related-content~share-buttons~site-settings~user-settings~yarpp-header~yarpp-sites~ya~2fbcff42-06fb1418b4e0c0383855.js", "https://bgp.net/wp-content/themes/multihost/framework/js/public/pace.min.js?ver=5.5.9" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [], "malware_families": [ "Qe", "Vd", "Bomboraconsent", "Wipes", "Reduceright" ], "industries": [] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 11, "pulses": [ { "id": "69eb254f17eb4a2a990f07e5", "name": "LevelBlue - Open Threat Exchange", "description": "[ As part of security research, we look at some of the most well-known vulnerabilities in the PDF ecosystem, and how they can be identified and mitigated, with the help of a simple hash.] [64xxxx]", "modified": "2026-05-28T07:10:11.800000", "created": "2026-04-24T08:09:51.488000", "tags": [ "pdfkit", "cve202225765", "exploit script", "github", "unicordev", "cves", "xml external", "entity", "pdfs", "knowledge base", "python", "mozilla", "virustotal", "cisa", "apple", "microsoft", "pdfkit ruby", "remote code", "execution", "urls", "malware", "raid", "caddywiper", "wipes", "cve202543529", "webkit", "february", "cve202620643", "bypass", "march", "webkit bug", "command", "control", "levelblue", "open threat" ], "references": [ "https://otx.alienvault.com/indicator/ip/198.49.23.145#:~:text=CIDR:%206%20%7C%20CVE:%20107,infrastructure%20into%20global%20botnet%20clusters." ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Wipes", "display_name": "Wipes", "target": null } ], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 1, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 1084, "FileHash-SHA1": 874, "FileHash-SHA256": 3052, "CVE": 36, "domain": 437, "hostname": 1086, "URL": 1411, "CIDR": 15, "email": 13 }, "indicator_count": 8008, "is_author": false, "is_subscribing": null, "subscriber_count": 70, "modified_text": "4 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708e178755574d9812e4c9", "name": "Followed lead to brechlerinsurance.com", "description": "", "modified": "2023-12-06T15:07:03.528000", "created": "2023-12-06T15:07:03.528000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 2, "FileHash-SHA256": 1329, "domain": 2068, "hostname": 4185, "URL": 12454, "email": 1, "FileHash-MD5": 3, "FileHash-SHA1": 1 }, "indicator_count": 20043, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708c712f63f24552fa3e38", "name": "bgp.net malicious hosting", "description": "", "modified": "2023-12-06T15:00:01.600000", "created": "2023-12-06T15:00:01.600000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 173, "hostname": 417, "URL": 1208, "domain": 267, "CVE": 1 }, "indicator_count": 2066, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708c68b4f63f4ac0d16ff5", "name": "egihosting.com - malware", "description": "", "modified": "2023-12-06T14:59:52.017000", "created": "2023-12-06T14:59:52.017000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 120, "hostname": 352, "domain": 115, "URL": 934 }, "indicator_count": 1521, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708c0f5981b6d81d0fa423", "name": "data102 and colohouse. Malware hosting", "description": "", "modified": "2023-12-06T14:58:23.206000", "created": "2023-12-06T14:58:23.206000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 458, "domain": 557, "URL": 2599, "hostname": 952 }, "indicator_count": 4566, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "628077c330f33dfd254e5a8b", "name": "Followed lead to brechlerinsurance.com", "description": "", "modified": "2022-06-13T00:00:32.864000", "created": "2022-05-15T03:47:15.835000", "tags": [ "bomboraconsent", "gdpr", "ccpa", "date", "nthis", "array", "typeof e", "typeerror", "class", "image", "typeof symbol", "afsh", "copyright", "rights reserved", "comscore", "typeof o", "uspapi", "null", "s271733878", "secure hash", "algorithm", "sha1", "a1732584193", "1518500249", "imgurl", "oiqfpsjs", "script", "iframe", "oiqaddpagecat", "inte", "oiqdotag", "track", "regexp", "pseudo", "child", "typeof b", "error", "sufeffxa0", "attr", "void", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "uddb0uddb3", "udd74udd75", "wpbruiserclient", "browserinfo", "mozinnerscreenx", "xmlhttprequest", "activexobject", "bf7e56f2f3", "zpbcat", "zcluidkrs", "promise", "boolean", "verification", "object", "reflect", "typeof proxy", "demo", "shareaholic", "sfunction", "bearer", "patch", "accept", "function", "symbol", "weakmap", "dataview", "typeof module", "cfunction", "event", "afunction", "efunction", "mfunction", "binnerheightc", "number", "string", "trackevent", "click", "uint8array", "gtmng3vqql", "classes", "path", "code", "typeof r", "function code", "typeof n", "angular", "angularjs", "ember", "meteor", "zepto", "jquery", "vd", "utmb", "firefox", "shockwave flash", "utma", "utmz", "ieproto", "typeof", "widgetrootqa", "driftconductor", "addcookiedomain", "hubspot", "typeof t", "quora pixel", "4294967295", "uint32array", "viewcontent", "infinity", "register domain names", "domain registration", "business web hosting services", "web hosting provider", "business email accounts", "web site hosting", "domain name registration", "ecommerce hosting services", "buy domains", "bulk domain search", "domain name search", "domain hosting", "registrations", "websites", "whois", "registrar", "registry", "domainpeople", "domain name", "registration", "year discount", "web hosting", "us whois", "us contact", "lookup alerts", "support login", "call" ], "references": [ "https://domainpeople.com", "xfe-URL-Domainpeople.com-stix2-2.1-export.json", "xfe-URL-shareaholic.com-stix2-2.1-export.json", "https://js.hubspot.com/analytics/1652585100000/210895.js", "https://js.driftt.com/include/1652585100000/mezhk4858hn8.js", "https://bam.nr-data.net/1/f37cf8a208?a=1772678&v=1216.487a282&to=dlwNQEdeWVgHSxlDV1JWEBtdXlhR&rst=1074&ck=1&ref=https://www.shareaholic.com/&ap=9&be=11&fe=795&dc=37&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1652584962293,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:0,%22rp%22:0,%22rpe%22:0,%22dl%22:6,%22di%22:37,%22ds%22:37,%22de%22:45,%22dc%22:636,%22l%22:793,%22le%22:796%7D,%22navigation%22:%7B%22ty%22:2%7D%7D&fcp=123&jsonp=NREUM.setToken", "https://js-agent.newrelic.com/nr-1216.min.js", "https://js-na1.hs-scripts.com/210895.js", "https://www.googletagmanager.com/gtm.js?id=GTM-NG3VQQL", "https://dsms0mj1bbhn4.cloudfront.net/assets/pages-afd7ed46648f01def74df6e4c245da53bde609b863bf63ff94a87154f2f82de0.js", "https://dsms0mj1bbhn4.cloudfront.net/webpack/vendors~header~related-content~share-buttons~site-settings~user-settings~yarpp-header~yarpp-sites~ya~7d559390-c92fe44d0731743b2d8e.js", "https://dsms0mj1bbhn4.cloudfront.net/webpack/default~header~related-content~share-buttons~site-settings~user-settings~yarpp-header~yarpp-sites~ya~2fbcff42-06fb1418b4e0c0383855.js", "https://dsms0mj1bbhn4.cloudfront.net/ui-header/loader.js", "https://de.tynt.com/deb/v2?id=sh!sh&dn=AFSH&cc=1&r=", "http://www.brechlerinsurance.com/?gdbc-client=3.1.25-1652585170383", "http://www.brechlerinsurance.com/wwblcms/wp-includes/js/wp-emoji-release.min.js?ver=479aaeefa13948f8aa1a2479d7a751df", "http://www.brechlerinsurance.com/wwblcms/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fwww.brechlerinsurance.com%2F&cl=en-US&id_sync=19da2f0f-8191-4a73-b27d-e95f97e9a686&minify=1&pvs=1&site=d016349f31f268b5ce94fa8e70f6eddd", "https://px.owneriq.net/stas/s/sholic.js", "https://i.simpli.fi/dpx.js?cid=66112&m=0&sifi_tuid=37830&referrer=http%3A%2F%2Fwww.brechlerinsurance.com%2F", "https://sb.scorecardresearch.com/beacon.js", "https://cdn.tynt.com/afsh.js", "xfe-URL-ml314.com-stix2-2.1-export.json", "xfe-URL-bombora.com-stix2-2.1-export.json", "xfe-URL-Owneriq.net-stix2-2.1-export.json" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "BomboraConsent", "display_name": "BomboraConsent", "target": null }, { "id": "Vd", "display_name": "Vd", "target": null } ], "attack_ids": [ { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 13, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 4185, "URL": 12454, "FileHash-SHA256": 1329, "CVE": 2, "domain": 2068, "email": 1, "FileHash-MD5": 3, "FileHash-SHA1": 1 }, "indicator_count": 20043, "is_author": false, "is_subscribing": null, "subscriber_count": 69, "modified_text": "1449 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62626072973e68ce985c7a64", "name": "egihosting.com - malware", "description": "Here is the full code of the code, following the basic rules::. (t.2*o, t.3) for each of n's bizo-data-partner.", "modified": "2022-05-22T00:01:01.264000", "created": "2022-04-22T07:59:46.386000", "tags": [ "ui tabs", "http", "foundation", "mit license", "typeof define", "width", "ui core", "usemap", "backspace8", "comma188", "delete46", "this", "datasecret", "date", "image", "dorandvlxthvep", "click", "chat", "linux", "chrome", "safari", "konqueror", "opera", "false", "body", "regexp", "function", "typeof b", "error", "pseudo", "child", "null", "array", "sufeffxa0", "class", "void", "accept", "attr", "string", "number", "script", "copyright", "closure library", "typeerror", "symbol", "array int8array", "caregexp", "legacy", "functional", "member", "hnew regexp", "qfunction", "adview", "addbillinginfo", "addtocart", "addtolist", "contact", "download", "install" ], "references": [ "xfe-URL-egihosting.com-stix2-2.1-export.json", "https://snap.licdn.com/li.lms-analytics/insight.min.js", "https://www.googleadservices.com/pagead/conversion_async.js", "https://egihosting.com/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://egihosting.com/wp-includes/js/wp-embed.min.js?ver=4.9.20", "https://googleads.g.doubleclick.net/pagead/viewthroughconversion/530527736/?random=1650613875466&cv=9&fst=1650613875466&num=1&rdp=1&label=R7TDCJOysOMBEPjr_PwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=844&u_w=390&u_ah=844&u_aw=390&u_cd=32&u_his=5&u_tz=-240&u_java=false&u_nplug=0&u_nmime=0>m=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fegihosting.com%2F&tiba=Best%20dedicated%20server%20for%20hosting%20in%20Silicon%20Valley%20%7C%20EGI&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4", "https://egihosting.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 934, "hostname": 352, "domain": 115, "FileHash-SHA256": 120 }, "indicator_count": 1521, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "1471 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62630d254b29696c094f7cb8", "name": "bgp.net malicious hosting", "description": "", "modified": "2022-05-22T00:01:01.264000", "created": "2022-04-22T20:16:37.675000", "tags": [ "2000px", "20px", "90deg", "10px", "30px", "3deg", "10deg", "5deg", "1deg", "30deg", "datasecret", "typeof", "wpbakery page", "copyright", "michael m", "wpbakery", "license", "jscs", "index1", "prev", "parallaximage", "error", "yfunction", "bfunction", "date", "nulld", "dfunction", "ffunction", "efunction", "nullb", "typeof console", "nonce", "script", "please do", "not copy", "and paste", "this code", "cgrecaptchacfg", "ngrecaptcha", "recaptchaapi", "render", "boolean", "modernizr", "custom build", "build", "afunction", "cfunction", "typeerror", "object", "documenttouch", "websocket", "regexp", "pseudo", "child", "typeof b", "array", "sufeffxa0", "class", "attr", "null", "void", "function", "width", "body", "accept", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "image", "udfcbudfcc", "u2640u2642", "09af", "source", "ud83dudc6cud83c" ], "references": [ "xfe-URL-bgp.net-stix2-2.1-export.json", "https://bgp.net/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9", "https://bgp.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "https://bgp.net/wp-content/themes/multihost/framework/js/public/modernizr.min.js?ver=5.5.9", "https://www.google.com/recaptcha/api.js?render=6LfPdckUAAAAAMPH_0crY_k4tdvDN7GVgKtWUyjU&ver=3.0", "https://bgp.net/wp-content/themes/multihost/framework/js/public/pace.min.js?ver=5.5.9", "https://bgp.net/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.3", "https://bgp.net/wp-includes/js/wp-embed.min.js?ver=5.5.9", "https://bgp.net/wp-content/plugins/designthemes-core-features/shortcodes/css/animations.css?ver=5.5.9" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 417, "URL": 1208, "CVE": 1, "domain": 267, "FileHash-SHA256": 173 }, "indicator_count": 2066, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "1471 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62601d5f1c8672141d3c2afb", "name": "Malware hosting - rackip.com = astutemedia.asia", "description": "New RegExp:function(a,b), a new type, has its own built-up property, as well as an ability to store information in place when it is not already available.", "modified": "2022-05-20T00:01:19.453000", "created": "2022-04-20T14:49:03.781000", "tags": [ "datasecret", "easeoutcubic", "jquery", "select", "span", "class js", "html", "topsearch", "menu", "mobile", "menu dropdown", "class", "retinaimagepath", "copyright", "imulus", "mit license", "retina", "function", "xmlhttprequest", "head", "contenttype", "imagei", "viljamis", "navigation", "date", "typeof h", "woothemes", "tyler smith", "documenttouch", "number", "knumber", "previous", "next", "supersubs", "joel birch", "dual", "google group", "fontsize", "whitespace", "nowrap", "float", "superfish", "changelog", "visibility", "hidden", "setposition", "isset", "srcyoutube", "srcvimeo", "image", "lightbox clone", "stephane caron", "typeof therel", "regexp", "play", "close", "isotope", "commercial use", "http", "david desandro", "metafizzy", "moz webkit", "o ms", "reset", "null", "value", "clamp", "nullrgba", "nullhsla", "execresult", "cache", "local", "right", "including", "this software", "but not", "limited to", "terms of", "open", "bsd license", "redistribution", "redistributions", "neither", "direct", "placeheld", "form", "wpcf7", "alert", "minimum", "tooshort", "unittag", "false", "fast", "typesubmit", "form plugin", "version", "requires jquery", "examples", "typeof define", "typeimage", "formdata", "stop", "modernizr", "custom build", "build", "afunction", "cfunction", "typeerror", "object", "kfunction", "pseudo", "child", "typeof b", "array", "error", "sufeffxa0", "attr", "void", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "source", "ud83dudc6cud83c", "secure", "result" ], "references": [ "http://www.powr.io/powr.js", "http://astutemedia.asia/rackip/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9", "xfe-URL-astutemedia.asia-stix2-2.1-export.json", "http://astutemedia.asia/rackip/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/modernizr.js?ver=2.5.3", "http://astutemedia.asia/rackip/wp-includes/js/comment-reply.min.js?ver=5.5.9", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20", "http://astutemedia.asia/rackip/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.easing.js?ver=1.2", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.color.js?ver=2.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.isotope.min.js?ver=1.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.prettyPhoto.js?ver=3.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/superfish.js?ver=1.4.8", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/supersubs.js?ver=0.2", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/jquery.flexslider-min.js?ver=1.8", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/tinynav.min.js?ver=1.03", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/retina.min.js?ver=1.1.0", "http://astutemedia.asia/rackip/wp-content/themes/servereza/js/custom.js?ver=1.0", "http://astutemedia.asia/rackip/wp-includes/js/wp-embed.min.js?ver=5.5.9", "xfe-URL-Powr.io-stix2-2.1-export.json" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 515, "URL": 1487, "domain": 242, "FileHash-SHA256": 351, "CVE": 1 }, "indicator_count": 2596, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "1473 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62609c764fab13bbe96613f8", "name": "Pegasus - pegtech.com", "description": "New RegExp:function(a,b), a new type, has its own built-up property, as well as an ability to store information in place when it is not already available.", "modified": "2022-05-20T00:01:19.453000", "created": "2022-04-20T23:51:18.734000", "tags": [ "fontface", "woff", "sans", "woff2", "u1c801c88", "u20b4", "u2de02dff", "ua640a69f", "ufe2efe2f", "u04b004b1", "u2116", "datasecret", "chrome", "opredge", "isoperaedge", "opera", "browsername", "gecko", "iphone", "body", "srchttp", "strhashchange", "software", "sectionindex", "srchttps", "etslidertimer", "copyright", "typeof define", "etslidesnumber", "columns", "date", "error", "cowboy", "function", "placeheld", "customevent", "click", "minimum", "tooshort", "wpcf7wfreetext", "alert", "invert", "null", "form", "fast", "false", "path", "next", "video lightbox", "plugin", "expand", "previous", "setposition", "isset", "srcyoutube", "srcvimeo", "image", "lightbox clone", "stephane caron", "typeof therel", "regexp", "play", "close", "pseudo", "child", "typeof b", "array", "sufeffxa0", "class", "attr", "void", "udc66udc67", "ud83d", "ufe0f", "ud83e", "udc68udc69", "udfcbudfcc", "u2640u2642", "uddb0uddb3", "udd74udd75" ], "references": [ "xfe-URL-pegtech.com-stix2-2.1-export.json", "https://pegtech.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.20", "https://pegtech.com/wp-includes/js/jquery/jquery.js?ver=1.12.4", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6", "https://pegtech.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6", "https://pegtech.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.2", "https://pegtech.com/wp-content/themes/Divi/js/custom.min.js?ver=3.0.100", "https://pegtech.com/wp-content/themes/Divi/core/admin/js/common.js?ver=3.0.100", "https://pegtech.com/wp-includes/js/wp-embed.min.js?ver=4.9.20", "https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext", "https://pegtech.com/wp-includes/css/dashicons.min.css?ver=4.9.20" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 856, "domain": 190, "hostname": 364, "FileHash-SHA256": 216 }, "indicator_count": 1626, "is_author": false, "is_subscribing": null, "subscriber_count": 69, "modified_text": "1473 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "ea.select", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "ea.select", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780315096.2866795 }