{ "type": "URL", "indicator": "https://crm.eurocert.pl", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://crm.eurocert.pl", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 4073392045, "indicator": "https://crm.eurocert.pl", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 2, "pulses": [ { "id": "6848c105e22453c2bec2258d", "name": "Ogrodnictwo - Baza Firm 2024.xls adorno.pl", "description": "Researchers at the University of California at Berkeley, in the United States, have published their findings on the subject of a security vulnerability in Microsoft's PowerShell operating system, also known as \"Chocolatey\".", "modified": "2025-07-28T08:00:49.288000", "created": "2025-06-10T23:34:29.281000", "tags": [ "vhash", "ssdeep", "inquest labs", "microsoft excel", "d0 cf", "e0 a1", "hiddenss", "statess", "hidden", "nocase", "sha256", "externalnet", "homenet", "mtu denial", "5762", "needed", "df bit", "reply", "policies", "insecure level", "registry type", "powershell", "powershell id", "script block", "logging", "windows", "getfreespace", "imageendswith", "example", "imagestartswith", "files", "sandbox author", "securityuserid", "windows upgrade", "k netsvcs", "defender", "update", "cache entry", "gzip chrome", "user", "woff chrome", "javascript c", "doscom c", "text c", "bmp c", "text chrome" ], "references": [ "MD5 da63ff099674eab612f7101116bddaa5", "https://virustotalcloud.firebaseapp.com/__/auth/handler?state=AMbdmDmB7R-mobcjqlNn5Tk3TSMlTTChMo-X0Gu7sho4DBhHzFXXT13BnjoMIZ2BiUB9IwoPL5YHSk3Ad2Hjsn7dL9LVBA89o2Xy4CjQj6siPR5s_G-pxcVnajQCDVEG7aXwBPaq8QmoPG5sRErBd_3iX0RDSzNL0_AU9_ldsWsakbA0LOLkIluupkaXhS72NREPpemuXBzy0pI7pvWidxXFtfFklcG_-fzn8KLDIO4BVRcktGFwWvQ2Oa46KE8oqkAynQoBDw-ssMd-fZwwNdPME_GWE9q4dvXE8cHt7rUcfStwp9XZ7_Jd82zJHsp-cFPguYZx-a0NGA&code=4%2F0AUJR-x6e6ebOwSRIdn1ETUESvDBcpCwDMA12A8aZtVcAffxzGkWb2YWoSX-_VtzNaYcw6w&scope=email+profile+https%3A%2F%2F", "d37481f608bdf78117b2f8819bcfd6744c3934b5c08c2ec8b8cbd36030a6fbd3 g_Faktury__FAKTURA_Bruttoppn.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 24, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 14, "FileHash-SHA1": 12, "FileHash-SHA256": 51, "URL": 239, "YARA": 1, "domain": 35, "hostname": 22, "CVE": 1 }, "indicator_count": 375, "is_author": false, "is_subscribing": null, "subscriber_count": 123, "modified_text": "307 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6840dced3080556150634fa5", "name": "VGT INTERNET - pozycjonowanie, serwery, domeny, strony www, poligrafia", "description": "https://www.virustotal.com/gui/file-analysis/YjljOTQzMGFmMjYyNjBjNWQ5YmYwOGM5MmM2NTRhNzI6MTc0OTA4MTI5NQ==", "modified": "2025-07-05T08:00:58.306000", "created": "2025-06-04T23:55:25.528000", "tags": [ "ssdeep", "file type", "ms windows", "pe32", "intel", "utf16", "crlf", "unicode", "tekst unicode", "wersja pliku", "dane obrazu", "rgba", "profesjonalne", "projektowanie", "tworzenie", "stron", "internetowych", "strony", "internetowe", "pozycjonowanie", "poligrafia", "web design", "hosting", "internet", "cms", "reklama", "vgt internet", "skuteczna", "przegldaj", "skontaktuj", "z nami", "info", "ssl domeny", "copyright", "string", "bareword", "might", "unknown regexp", "os x", "sandbox", "snort", "memory pattern", "number", "wping", "shell" ], "references": [ "(stream_tcp) data sent on stream after TCP reset sent (1).txt", "http://vgt.pl/static/js/bootstrap-typeahead.js" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 75, "FileHash-SHA1": 20, "FileHash-SHA256": 76, "URL": 273, "hostname": 78, "domain": 73 }, "indicator_count": 595, "is_author": false, "is_subscribing": null, "subscriber_count": 124, "modified_text": "330 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "http://vgt.pl/static/js/bootstrap-typeahead.js", "d37481f608bdf78117b2f8819bcfd6744c3934b5c08c2ec8b8cbd36030a6fbd3 g_Faktury__FAKTURA_Bruttoppn.pdf", "(stream_tcp) data sent on stream after TCP reset sent (1).txt", "MD5 da63ff099674eab612f7101116bddaa5", "https://virustotalcloud.firebaseapp.com/__/auth/handler?state=AMbdmDmB7R-mobcjqlNn5Tk3TSMlTTChMo-X0Gu7sho4DBhHzFXXT13BnjoMIZ2BiUB9IwoPL5YHSk3Ad2Hjsn7dL9LVBA89o2Xy4CjQj6siPR5s_G-pxcVnajQCDVEG7aXwBPaq8QmoPG5sRErBd_3iX0RDSzNL0_AU9_ldsWsakbA0LOLkIluupkaXhS72NREPpemuXBzy0pI7pvWidxXFtfFklcG_-fzn8KLDIO4BVRcktGFwWvQ2Oa46KE8oqkAynQoBDw-ssMd-fZwwNdPME_GWE9q4dvXE8cHt7rUcfStwp9XZ7_Jd82zJHsp-cFPguYZx-a0NGA&code=4%2F0AUJR-x6e6ebOwSRIdn1ETUESvDBcpCwDMA12A8aZtVcAffxzGkWb2YWoSX-_VtzNaYcw6w&scope=email+profile+https%3A%2F%2F" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 812 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/eurocert.pl", "whois": "http://whois.domaintools.com/eurocert.pl", "domain": "eurocert.pl", "hostname": "crm.eurocert.pl" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 2, "pulses": [ { "id": "6848c105e22453c2bec2258d", "name": "Ogrodnictwo - Baza Firm 2024.xls adorno.pl", "description": "Researchers at the University of California at Berkeley, in the United States, have published their findings on the subject of a security vulnerability in Microsoft's PowerShell operating system, also known as \"Chocolatey\".", "modified": "2025-07-28T08:00:49.288000", "created": "2025-06-10T23:34:29.281000", "tags": [ "vhash", "ssdeep", "inquest labs", "microsoft excel", "d0 cf", "e0 a1", "hiddenss", "statess", "hidden", "nocase", "sha256", "externalnet", "homenet", "mtu denial", "5762", "needed", "df bit", "reply", "policies", "insecure level", "registry type", "powershell", "powershell id", "script block", "logging", "windows", "getfreespace", "imageendswith", "example", "imagestartswith", "files", "sandbox author", "securityuserid", "windows upgrade", "k netsvcs", "defender", "update", "cache entry", "gzip chrome", "user", "woff chrome", "javascript c", "doscom c", "text c", "bmp c", "text chrome" ], "references": [ "MD5 da63ff099674eab612f7101116bddaa5", "https://virustotalcloud.firebaseapp.com/__/auth/handler?state=AMbdmDmB7R-mobcjqlNn5Tk3TSMlTTChMo-X0Gu7sho4DBhHzFXXT13BnjoMIZ2BiUB9IwoPL5YHSk3Ad2Hjsn7dL9LVBA89o2Xy4CjQj6siPR5s_G-pxcVnajQCDVEG7aXwBPaq8QmoPG5sRErBd_3iX0RDSzNL0_AU9_ldsWsakbA0LOLkIluupkaXhS72NREPpemuXBzy0pI7pvWidxXFtfFklcG_-fzn8KLDIO4BVRcktGFwWvQ2Oa46KE8oqkAynQoBDw-ssMd-fZwwNdPME_GWE9q4dvXE8cHt7rUcfStwp9XZ7_Jd82zJHsp-cFPguYZx-a0NGA&code=4%2F0AUJR-x6e6ebOwSRIdn1ETUESvDBcpCwDMA12A8aZtVcAffxzGkWb2YWoSX-_VtzNaYcw6w&scope=email+profile+https%3A%2F%2F", "d37481f608bdf78117b2f8819bcfd6744c3934b5c08c2ec8b8cbd36030a6fbd3 g_Faktury__FAKTURA_Bruttoppn.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 24, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 14, "FileHash-SHA1": 12, "FileHash-SHA256": 51, "URL": 239, "YARA": 1, "domain": 35, "hostname": 22, "CVE": 1 }, "indicator_count": 375, "is_author": false, "is_subscribing": null, "subscriber_count": 123, "modified_text": "307 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6840dced3080556150634fa5", "name": "VGT INTERNET - pozycjonowanie, serwery, domeny, strony www, poligrafia", "description": "https://www.virustotal.com/gui/file-analysis/YjljOTQzMGFmMjYyNjBjNWQ5YmYwOGM5MmM2NTRhNzI6MTc0OTA4MTI5NQ==", "modified": "2025-07-05T08:00:58.306000", "created": "2025-06-04T23:55:25.528000", "tags": [ "ssdeep", "file type", "ms windows", "pe32", "intel", "utf16", "crlf", "unicode", "tekst unicode", "wersja pliku", "dane obrazu", "rgba", "profesjonalne", "projektowanie", "tworzenie", "stron", "internetowych", "strony", "internetowe", "pozycjonowanie", "poligrafia", "web design", "hosting", "internet", "cms", "reklama", "vgt internet", "skuteczna", "przegldaj", "skontaktuj", "z nami", "info", "ssl domeny", "copyright", "string", "bareword", "might", "unknown regexp", "os x", "sandbox", "snort", "memory pattern", "number", "wping", "shell" ], "references": [ "(stream_tcp) data sent on stream after TCP reset sent (1).txt", "http://vgt.pl/static/js/bootstrap-typeahead.js" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 75, "FileHash-SHA1": 20, "FileHash-SHA256": 76, "URL": 273, "hostname": 78, "domain": 73 }, "indicator_count": 595, "is_author": false, "is_subscribing": null, "subscriber_count": 124, "modified_text": "330 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://crm.eurocert.pl", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://crm.eurocert.pl", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780235420.2099679 }