{ "type": "URL", "indicator": "https://cuisinecomptoiretcompagnie.fr", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://cuisinecomptoiretcompagnie.fr", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 3737023611, "indicator": "https://cuisinecomptoiretcompagnie.fr", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 9, "pulses": [ { "id": "6647908c09468f42bc1249f1", "name": "University of Alberta Azure/Entra Compromised Tenant Compromized Institution", "description": "Update: Academic/Non-Academic Staff Unions, 3rd party org, & some profs/students/alumni tried raising concerns to Admins/President/IST & CISO => Maintaining position they will not be looking into reported problems re: Cybersecurity under any circumstances = more time more problems? Attempts to advocate -> Harrass./Discrim./De-humanizing responses from admins (representing all folks - recorded). \nTenant ID: 718b8a9b-44d8-441a-a344-4294ea842172 = This pulse is 1 example (small) of problems.\n\nPrimary domain\nualbertaca.onmicrosoft.com\nCustom Domain Names\nualberta.ca\nVerified\nualbertaca.onmicrosoft.com", "modified": "2025-03-01T04:59:57.222000", "created": "2024-05-17T17:14:52.317000", "tags": [ "false", "true", "visible", "application", "microsoft teams", "microsoft azure", "office", "service", "dynamics", "hidden", "android", "explorer", "write", "connector", "test", "sharepoint", "live", "meister", "tools", "desktop", "spark", "front", "enterprise", "designer", "atlas", "premium", "assistant", "allow", "azureadmyorg", "game", "verify", "microsoft power", "channelsurfcli", "mtd1", "file transfer", "magnus", "microsoft crm", "youth" ], "references": [ "All - EnterpriseAppsList.csv", "AppRegistrationList.csv", "https://tria.ge/240517-vc7c1shc62/behavioral1", "https://tria.ge/240517-vdwb5shc71/behavioral1", "https://tria.ge/240517-vqxezaaa33/behavioral1", "https://tria.ge/240517-t9pc2ahb2t", "https://www.virustotal.com/graph/embed/g9453a2f58a3340f18120987c2b4d710dbb44ded88c434abf8894458a98c7bd4b?theme=dark", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/iocs", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/graph", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/summary", "https://www.filescan.io/uploads/66479b483313f70f0afe3dbb", "https://www.filescan.io/uploads/664799c9d5c40bffee6106d7", "Thor Scan: S-I9VvMTB6cZU", "https://www.filescan.io/uploads/664ba368d5c40bffee63b1ee/reports/31817751-6b5d-45df-8813-472aa6c756a3/overview", "https://www.filescan.io/uploads/664ba8a20663ff3c2ec6428a/reports/09d3d82a-7ec1-4804-93e5-5ae691fbb7f2/overview", "https://imp0rtp3.wordpress.com/2021/08/12/tetris/", "https://www.filescan.io/uploads/664bb0cd7c9fb1468fc610c5/reports/00c78e4d-2156-4906-a106-ebf7e2723251/overview", "https://www.filescan.io/uploads/664bb40fbc04dffa92240ca2/reports/398074f2-c7b6-40e9-9b5c-4225cc990473/overview", "https://www.filescan.io/uploads/664bb683bc04dffa92241015/reports/92b70fd6-97d7-4386-8465-f3fd79043843/overview", "https://tria.ge/240521-q4s79agb25/static1", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/664f906322f5af13cdfb50be", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/664f906222f5af13cdfb5093", "https://www.filescan.io/uploads/666d69ff6b8dba248b414767/reports/dda2c8a1-96fd-4c00-9cbc-c64c4685a804/overview", "https://www.filescan.io/uploads/666d69ff6b8dba248b414767", "https://viz.greynoise.io/analysis/33e9b33b-b932-4c43-9be1-3e2d6f9cb4b3", "https://viz.greynoise.io/analysis/e51d9a15-d802-4d51-9a70-17803dc2693a", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b", "Above Malcore Strings: All - EnterpriseAppsList, AppRegistration, EnterpriseAppslist, exportGroup, exportUsers, HiddenApps - EnterpriseAppsList****", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d00975ea31558d54fceea", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667cff1a5ea31558d54fcbf6", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d0107b44401771de9ebf2", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d00356dd8f43b723a915a", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667cffec5ea31558d54fcda2", "https://www.hudsonrock.com/search?domain=ualberta.ca", "https://www.criminalip.io/domain/report?scan_id=13798622", "https://viz.greynoise.io/analysis/9635144c-db8f-47ab-a83a-5785602244cf - 07.03.24", "https://urlscan.io/search/#ualberta.ca", "https://www.virustotal.com/gui/collection/0ca12fcdd125ec5a5055180ee828b98d47b8b2e920660be559c2b602266b6b1d/iocs", "https://sitereport.netcraft.com/?url=http://ualberta.ca", "https://www.wordfence.com/blog/2022/10/threat-advisory-monitoring-cve-2022-42889-text4shell-exploit-attempts/", "https://tenantresolution.pingcastle.com/Search - Tenant still active (07.19.24) - Good jobs ya'll", "https://www.virustotal.com/graph/embed/gf1d5aa209c7f4fd086e4cb17dcd0af52421ea4bae87d49fe9b4076b382612f0e?theme=dark", "https://viz.greynoise.io/query/AS36351%20classification:%22malicious%22", "https://viz.greynoise.io/query/AS60068%20classification:%22malicious%22", "https://viz.greynoise.io/query/AS8075%20classification:%22malicious%22", "https://viz.greynoise.io/query/AS15169%20classification:%22malicious%22", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b - https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b = Hidden Apps - Enterprise Apps List" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Canada" ], "malware_families": [], "attack_ids": [], "industries": [ "Education", "Technology", "Healthcare", "Telecommunications", "Government" ], "TLP": "white", "cloned_from": null, "export_count": 25, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 7, "follower_count": 0, "vote": 0, "author": { "username": "Disable_Duck", "id": "244325", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_244325/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 1703, "FileHash-SHA256": 90472, "URL": 99185, "domain": 82954, "hostname": 39041, "FileHash-SHA1": 1624, "email": 4658, "CVE": 12 }, "indicator_count": 319649, "is_author": false, "is_subscribing": null, "subscriber_count": 140, "modified_text": "456 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "659c73db79d680af1c1c8f69", "name": "Data Center [Pulse curated by StreamMiningEx]", "description": "", "modified": "2024-01-08T22:14:51.330000", "created": "2024-01-08T22:14:51.330000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": "6570a01137b1bcae30a77dfa", "export_count": 13, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 2, "FileHash-MD5": 255, "FileHash-SHA256": 1129, "hostname": 1306, "domain": 14829, "FileHash-SHA1": 45, "URL": 9697, "email": 5, "CIDR": 3 }, "indicator_count": 27271, "is_author": false, "is_subscribing": null, "subscriber_count": 224, "modified_text": "874 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a746daf9bcde6a5a80e9", "name": "SSDEEP", "description": "", "modified": "2023-12-06T16:54:27.604000", "created": "2023-12-06T16:54:27.604000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 12, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 2, "FileHash-MD5": 255, "FileHash-SHA256": 1129, "hostname": 1306, "domain": 14829, "FileHash-SHA1": 45, "URL": 9697, "email": 5, "CIDR": 3 }, "indicator_count": 27271, "is_author": false, "is_subscribing": null, "subscriber_count": 112, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a01137b1bcae30a77dfa", "name": "Data Center", "description": "", "modified": "2023-12-06T16:23:45.285000", "created": "2023-12-06T16:23:45.285000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 9, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 2, "FileHash-MD5": 255, "FileHash-SHA256": 1129, "hostname": 1306, "domain": 14829, "FileHash-SHA1": 45, "URL": 9697, "email": 5, "CIDR": 3 }, "indicator_count": 27271, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "65709f90e60d708ce755c510", "name": "Ladys.one", "description": "", "modified": "2023-12-06T16:21:36.587000", "created": "2023-12-06T16:21:36.587000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 126, "FileHash-SHA256": 131, "domain": 84, "URL": 274, "email": 1, "FileHash-MD5": 15, "FileHash-SHA1": 25 }, "indicator_count": 656, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "653f1fa4726c7449f379d172", "name": "SSDEEP", "description": "", "modified": "2023-10-30T03:14:44.205000", "created": "2023-10-30T03:14:44.205000", "tags": [ "united", "as13335", "unknown", "search", "aaaa", "link", "accept encoding", "entries", "creation date", "record value", "date", "body", "cookie", "domain related", "showing", "maxage0", "colocation data", "maxage2592000", "acceptencoding", "centers", "powered shells", "sabey", "submission", "buildtosuit", "details links", "community", "join", "vt community", "api key", "virtual address", "virtual size", "raw size", "entropy", "sections", "functionality", "file type", "chi2", "contained", "us entropy", "ascii text", "rtmanifest", "rticon", "neutral", "sha256", "type rticon", "vhash", "imphash", "ssdeep", "win32 exe", "magic pe32", "ms windows", "intel", "trid generic", "cil executable", "mono" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [ "United States of America" ], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": "65136e65a6a0e9d07117995a", "export_count": 13, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 284, "URL": 37584, "domain": 58771, "email": 23, "hostname": 4995, "FileHash-SHA256": 3633, "FileHash-SHA1": 57, "CIDR": 14, "CVE": 4 }, "indicator_count": 105365, "is_author": false, "is_subscribing": null, "subscriber_count": 223, "modified_text": "945 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "65136e65a6a0e9d07117995a", "name": "SSDEEP", "description": "", "modified": "2023-09-26T23:51:01.817000", "created": "2023-09-26T23:51:01.817000", "tags": [ "united", "as13335", "unknown", "search", "aaaa", "link", "accept encoding", "entries", "creation date", "record value", "date", "body", "cookie", "domain related", "showing", "maxage0", "colocation data", "maxage2592000", "acceptencoding", "centers", "powered shells", "sabey", "submission", "buildtosuit", "details links", "community", "join", "vt community", "api key", "virtual address", "virtual size", "raw size", "entropy", "sections", "functionality", "file type", "chi2", "contained", "us entropy", "ascii text", "rtmanifest", "rticon", "neutral", "sha256", "type rticon", "vhash", "imphash", "ssdeep", "win32 exe", "magic pe32", "ms windows", "intel", "trid generic", "cil executable", "mono" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [ "United States of America" ], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": "64de492643ea275c2b0e2eb9", "export_count": 14, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "scoreblue", "id": "254100", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_254100/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 284, "URL": 37584, "domain": 58771, "email": 23, "hostname": 4995, "FileHash-SHA256": 3633, "FileHash-SHA1": 57, "CIDR": 14, "CVE": 4 }, "indicator_count": 105365, "is_author": false, "is_subscribing": null, "subscriber_count": 233, "modified_text": "978 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "64de492643ea275c2b0e2eb9", "name": "Data Center", "description": "Tags:\ncve-2014-3931\nwise\ncve-2007-0943\ncve-2017-11882\nbobsoft\nbase64-embedded\ncve-2004-0566\ncve-2005-0233\ncontains-embedded-js\ncontains-elf\ncve-1999-0016\ncve-2017-1188\nattachment\ncve-2018-0802\nthemida\ncontains-pe\ncve-2018-0798\nupx\ncve-2016-0101", "modified": "2023-09-16T17:02:31.206000", "created": "2023-08-17T16:21:58.779000", "tags": [ "united", "as13335", "unknown", "search", "aaaa", "link", "accept encoding", "entries", "creation date", "record value", "date", "body", "cookie", "domain related", "showing", "maxage0", "colocation data", "maxage2592000", "acceptencoding", "centers", "powered shells", "sabey", "submission", "buildtosuit", "details links", "community", "join", "vt community", "api key", "virtual address", "virtual size", "raw size", "entropy", "sections", "functionality", "file type", "chi2", "contained", "us entropy", "ascii text", "rtmanifest", "rticon", "neutral", "sha256", "type rticon", "vhash", "imphash", "ssdeep", "win32 exe", "magic pe32", "ms windows", "intel", "trid generic", "cil executable", "mono" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [ "United States of America" ], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 21, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 284, "URL": 37584, "domain": 58771, "email": 23, "hostname": 4995, "FileHash-SHA256": 3633, "FileHash-SHA1": 57, "CIDR": 14, "CVE": 4 }, "indicator_count": 105365, "is_author": false, "is_subscribing": null, "subscriber_count": 225, "modified_text": "988 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "64d65ac898c5ffa516ddda22", "name": "Ladys.one", "description": "Reputation Mismanagement Campaigners\nAdult content\nAll other reports missing.\nI believe accounts under MITRE ATT&CK\nDuplicates processed and shared. Nonsensical prewritten analysis appears in ' DESCRIPTION' upon submit.", "modified": "2023-09-10T17:05:20.083000", "created": "2023-08-11T15:59:04.207000", "tags": [ "united", "as14061", "passive dns", "scan endpoints", "all search", "otx octoseek", "ipv4", "pulse submit", "url analysis", "urls", "unknown" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 17, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 636, "domain": 149, "hostname": 213, "FileHash-MD5": 32, "FileHash-SHA1": 26, "FileHash-SHA256": 146, "email": 2 }, "indicator_count": 1204, "is_author": false, "is_subscribing": null, "subscriber_count": 220, "modified_text": "994 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "https://www.filescan.io/uploads/66479b483313f70f0afe3dbb", "https://www.hudsonrock.com/search?domain=ualberta.ca", "https://www.filescan.io/uploads/664ba8a20663ff3c2ec6428a/reports/09d3d82a-7ec1-4804-93e5-5ae691fbb7f2/overview", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d00975ea31558d54fceea", "https://imp0rtp3.wordpress.com/2021/08/12/tetris/", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/iocs", "https://tenantresolution.pingcastle.com/Search - Tenant still active (07.19.24) - Good jobs ya'll", "All - EnterpriseAppsList.csv", "https://tria.ge/240521-q4s79agb25/static1", "https://viz.greynoise.io/query/AS60068%20classification:%22malicious%22", "https://www.virustotal.com/graph/embed/g9453a2f58a3340f18120987c2b4d710dbb44ded88c434abf8894458a98c7bd4b?theme=dark", "https://www.filescan.io/uploads/666d69ff6b8dba248b414767", "https://www.filescan.io/uploads/664799c9d5c40bffee6106d7", "https://www.filescan.io/uploads/664bb683bc04dffa92241015/reports/92b70fd6-97d7-4386-8465-f3fd79043843/overview", "https://www.filescan.io/uploads/666d69ff6b8dba248b414767/reports/dda2c8a1-96fd-4c00-9cbc-c64c4685a804/overview", "https://www.virustotal.com/gui/collection/0ca12fcdd125ec5a5055180ee828b98d47b8b2e920660be559c2b602266b6b1d/iocs", "https://www.virustotal.com/graph/embed/gf1d5aa209c7f4fd086e4cb17dcd0af52421ea4bae87d49fe9b4076b382612f0e?theme=dark", "https://www.filescan.io/uploads/664ba368d5c40bffee63b1ee/reports/31817751-6b5d-45df-8813-472aa6c756a3/overview", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667cffec5ea31558d54fcda2", "https://www.wordfence.com/blog/2022/10/threat-advisory-monitoring-cve-2022-42889-text4shell-exploit-attempts/", "Above Malcore Strings: All - EnterpriseAppsList, AppRegistration, EnterpriseAppslist, exportGroup, exportUsers, HiddenApps - EnterpriseAppsList****", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/664f906322f5af13cdfb50be", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/graph", "https://viz.greynoise.io/analysis/33e9b33b-b932-4c43-9be1-3e2d6f9cb4b3", "https://tria.ge/240517-vc7c1shc62/behavioral1", "https://viz.greynoise.io/analysis/9635144c-db8f-47ab-a83a-5785602244cf - 07.03.24", "https://tria.ge/240517-vqxezaaa33/behavioral1", "https://sitereport.netcraft.com/?url=http://ualberta.ca", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/664f906222f5af13cdfb5093", "https://www.filescan.io/uploads/664bb0cd7c9fb1468fc610c5/reports/00c78e4d-2156-4906-a106-ebf7e2723251/overview", "https://viz.greynoise.io/analysis/e51d9a15-d802-4d51-9a70-17803dc2693a", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667cff1a5ea31558d54fcbf6", "https://viz.greynoise.io/query/AS8075%20classification:%22malicious%22", "AppRegistrationList.csv", "Thor Scan: S-I9VvMTB6cZU", "https://tria.ge/240517-vdwb5shc71/behavioral1", "https://tria.ge/240517-t9pc2ahb2t", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b", "https://viz.greynoise.io/query/AS15169%20classification:%22malicious%22", "https://www.criminalip.io/domain/report?scan_id=13798622", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/summary", "https://urlscan.io/search/#ualberta.ca", "https://viz.greynoise.io/query/AS36351%20classification:%22malicious%22", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d00356dd8f43b723a915a", "https://www.filescan.io/uploads/664bb40fbc04dffa92240ca2/reports/398074f2-c7b6-40e9-9b5c-4225cc990473/overview", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b - https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b = Hidden Apps - Enterprise Apps List", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d0107b44401771de9ebf2" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [], "industries": [ "Technology", "Government", "Education", "Healthcare", "Telecommunications" ], "unique_indicators": 71600 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/cuisinecomptoiretcompagnie.fr", "whois": "http://whois.domaintools.com/cuisinecomptoiretcompagnie.fr", "domain": "cuisinecomptoiretcompagnie.fr", "hostname": "Unavailable" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 9, "pulses": [ { "id": "6647908c09468f42bc1249f1", "name": "University of Alberta Azure/Entra Compromised Tenant Compromized Institution", "description": "Update: Academic/Non-Academic Staff Unions, 3rd party org, & some profs/students/alumni tried raising concerns to Admins/President/IST & CISO => Maintaining position they will not be looking into reported problems re: Cybersecurity under any circumstances = more time more problems? Attempts to advocate -> Harrass./Discrim./De-humanizing responses from admins (representing all folks - recorded). \nTenant ID: 718b8a9b-44d8-441a-a344-4294ea842172 = This pulse is 1 example (small) of problems.\n\nPrimary domain\nualbertaca.onmicrosoft.com\nCustom Domain Names\nualberta.ca\nVerified\nualbertaca.onmicrosoft.com", "modified": "2025-03-01T04:59:57.222000", "created": "2024-05-17T17:14:52.317000", "tags": [ "false", "true", "visible", "application", "microsoft teams", "microsoft azure", "office", "service", "dynamics", "hidden", "android", "explorer", "write", "connector", "test", "sharepoint", "live", "meister", "tools", "desktop", "spark", "front", "enterprise", "designer", "atlas", "premium", "assistant", "allow", "azureadmyorg", "game", "verify", "microsoft power", "channelsurfcli", "mtd1", "file transfer", "magnus", "microsoft crm", "youth" ], "references": [ "All - EnterpriseAppsList.csv", "AppRegistrationList.csv", "https://tria.ge/240517-vc7c1shc62/behavioral1", "https://tria.ge/240517-vdwb5shc71/behavioral1", "https://tria.ge/240517-vqxezaaa33/behavioral1", "https://tria.ge/240517-t9pc2ahb2t", "https://www.virustotal.com/graph/embed/g9453a2f58a3340f18120987c2b4d710dbb44ded88c434abf8894458a98c7bd4b?theme=dark", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/iocs", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/graph", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/summary", "https://www.filescan.io/uploads/66479b483313f70f0afe3dbb", "https://www.filescan.io/uploads/664799c9d5c40bffee6106d7", "Thor Scan: S-I9VvMTB6cZU", "https://www.filescan.io/uploads/664ba368d5c40bffee63b1ee/reports/31817751-6b5d-45df-8813-472aa6c756a3/overview", "https://www.filescan.io/uploads/664ba8a20663ff3c2ec6428a/reports/09d3d82a-7ec1-4804-93e5-5ae691fbb7f2/overview", "https://imp0rtp3.wordpress.com/2021/08/12/tetris/", "https://www.filescan.io/uploads/664bb0cd7c9fb1468fc610c5/reports/00c78e4d-2156-4906-a106-ebf7e2723251/overview", "https://www.filescan.io/uploads/664bb40fbc04dffa92240ca2/reports/398074f2-c7b6-40e9-9b5c-4225cc990473/overview", "https://www.filescan.io/uploads/664bb683bc04dffa92241015/reports/92b70fd6-97d7-4386-8465-f3fd79043843/overview", "https://tria.ge/240521-q4s79agb25/static1", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/664f906322f5af13cdfb50be", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/664f906222f5af13cdfb5093", "https://www.filescan.io/uploads/666d69ff6b8dba248b414767/reports/dda2c8a1-96fd-4c00-9cbc-c64c4685a804/overview", "https://www.filescan.io/uploads/666d69ff6b8dba248b414767", "https://viz.greynoise.io/analysis/33e9b33b-b932-4c43-9be1-3e2d6f9cb4b3", "https://viz.greynoise.io/analysis/e51d9a15-d802-4d51-9a70-17803dc2693a", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b", "Above Malcore Strings: All - EnterpriseAppsList, AppRegistration, EnterpriseAppslist, exportGroup, exportUsers, HiddenApps - EnterpriseAppsList****", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d00975ea31558d54fceea", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667cff1a5ea31558d54fcbf6", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d0107b44401771de9ebf2", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d00356dd8f43b723a915a", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667cffec5ea31558d54fcda2", "https://www.hudsonrock.com/search?domain=ualberta.ca", "https://www.criminalip.io/domain/report?scan_id=13798622", "https://viz.greynoise.io/analysis/9635144c-db8f-47ab-a83a-5785602244cf - 07.03.24", "https://urlscan.io/search/#ualberta.ca", "https://www.virustotal.com/gui/collection/0ca12fcdd125ec5a5055180ee828b98d47b8b2e920660be559c2b602266b6b1d/iocs", "https://sitereport.netcraft.com/?url=http://ualberta.ca", "https://www.wordfence.com/blog/2022/10/threat-advisory-monitoring-cve-2022-42889-text4shell-exploit-attempts/", "https://tenantresolution.pingcastle.com/Search - Tenant still active (07.19.24) - Good jobs ya'll", "https://www.virustotal.com/graph/embed/gf1d5aa209c7f4fd086e4cb17dcd0af52421ea4bae87d49fe9b4076b382612f0e?theme=dark", "https://viz.greynoise.io/query/AS36351%20classification:%22malicious%22", "https://viz.greynoise.io/query/AS60068%20classification:%22malicious%22", "https://viz.greynoise.io/query/AS8075%20classification:%22malicious%22", "https://viz.greynoise.io/query/AS15169%20classification:%22malicious%22", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b - https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b = Hidden Apps - Enterprise Apps List" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Canada" ], "malware_families": [], "attack_ids": [], "industries": [ "Education", "Technology", "Healthcare", "Telecommunications", "Government" ], "TLP": "white", "cloned_from": null, "export_count": 25, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 7, "follower_count": 0, "vote": 0, "author": { "username": "Disable_Duck", "id": "244325", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_244325/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 1703, "FileHash-SHA256": 90472, "URL": 99185, "domain": 82954, "hostname": 39041, "FileHash-SHA1": 1624, "email": 4658, "CVE": 12 }, "indicator_count": 319649, "is_author": false, "is_subscribing": null, "subscriber_count": 140, "modified_text": "456 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "659c73db79d680af1c1c8f69", "name": "Data Center [Pulse curated by StreamMiningEx]", "description": "", "modified": "2024-01-08T22:14:51.330000", "created": "2024-01-08T22:14:51.330000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": "6570a01137b1bcae30a77dfa", "export_count": 13, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 2, "FileHash-MD5": 255, "FileHash-SHA256": 1129, "hostname": 1306, "domain": 14829, "FileHash-SHA1": 45, "URL": 9697, "email": 5, "CIDR": 3 }, "indicator_count": 27271, "is_author": false, "is_subscribing": null, "subscriber_count": 224, "modified_text": "874 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a746daf9bcde6a5a80e9", "name": "SSDEEP", "description": "", "modified": "2023-12-06T16:54:27.604000", "created": "2023-12-06T16:54:27.604000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 12, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 2, "FileHash-MD5": 255, "FileHash-SHA256": 1129, "hostname": 1306, "domain": 14829, "FileHash-SHA1": 45, "URL": 9697, "email": 5, "CIDR": 3 }, "indicator_count": 27271, "is_author": false, "is_subscribing": null, "subscriber_count": 112, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a01137b1bcae30a77dfa", "name": "Data Center", "description": "", "modified": "2023-12-06T16:23:45.285000", "created": "2023-12-06T16:23:45.285000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 9, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 2, "FileHash-MD5": 255, "FileHash-SHA256": 1129, "hostname": 1306, "domain": 14829, "FileHash-SHA1": 45, "URL": 9697, "email": 5, "CIDR": 3 }, "indicator_count": 27271, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "65709f90e60d708ce755c510", "name": "Ladys.one", "description": "", "modified": "2023-12-06T16:21:36.587000", "created": "2023-12-06T16:21:36.587000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 126, "FileHash-SHA256": 131, "domain": 84, "URL": 274, "email": 1, "FileHash-MD5": 15, "FileHash-SHA1": 25 }, "indicator_count": 656, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "907 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "653f1fa4726c7449f379d172", "name": "SSDEEP", "description": "", "modified": "2023-10-30T03:14:44.205000", "created": "2023-10-30T03:14:44.205000", "tags": [ "united", "as13335", "unknown", "search", "aaaa", "link", "accept encoding", "entries", "creation date", "record value", "date", "body", "cookie", "domain related", "showing", "maxage0", "colocation data", "maxage2592000", "acceptencoding", "centers", "powered shells", "sabey", "submission", "buildtosuit", "details links", "community", "join", "vt community", "api key", "virtual address", "virtual size", "raw size", "entropy", "sections", "functionality", "file type", "chi2", "contained", "us entropy", "ascii text", "rtmanifest", "rticon", "neutral", "sha256", "type rticon", "vhash", "imphash", "ssdeep", "win32 exe", "magic pe32", "ms windows", "intel", "trid generic", "cil executable", "mono" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [ "United States of America" ], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": "65136e65a6a0e9d07117995a", "export_count": 13, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 284, "URL": 37584, "domain": 58771, "email": 23, "hostname": 4995, "FileHash-SHA256": 3633, "FileHash-SHA1": 57, "CIDR": 14, "CVE": 4 }, "indicator_count": 105365, "is_author": false, "is_subscribing": null, "subscriber_count": 223, "modified_text": "945 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "65136e65a6a0e9d07117995a", "name": "SSDEEP", "description": "", "modified": "2023-09-26T23:51:01.817000", "created": "2023-09-26T23:51:01.817000", "tags": [ "united", "as13335", "unknown", "search", "aaaa", "link", "accept encoding", "entries", "creation date", "record value", "date", "body", "cookie", "domain related", "showing", "maxage0", "colocation data", "maxage2592000", "acceptencoding", "centers", "powered shells", "sabey", "submission", "buildtosuit", "details links", "community", "join", "vt community", "api key", "virtual address", "virtual size", "raw size", "entropy", "sections", "functionality", "file type", "chi2", "contained", "us entropy", "ascii text", "rtmanifest", "rticon", "neutral", "sha256", "type rticon", "vhash", "imphash", "ssdeep", "win32 exe", "magic pe32", "ms windows", "intel", "trid generic", "cil executable", "mono" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [ "United States of America" ], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": "64de492643ea275c2b0e2eb9", "export_count": 14, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "scoreblue", "id": "254100", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_254100/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 284, "URL": 37584, "domain": 58771, "email": 23, "hostname": 4995, "FileHash-SHA256": 3633, "FileHash-SHA1": 57, "CIDR": 14, "CVE": 4 }, "indicator_count": 105365, "is_author": false, "is_subscribing": null, "subscriber_count": 233, "modified_text": "978 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "64de492643ea275c2b0e2eb9", "name": "Data Center", "description": "Tags:\ncve-2014-3931\nwise\ncve-2007-0943\ncve-2017-11882\nbobsoft\nbase64-embedded\ncve-2004-0566\ncve-2005-0233\ncontains-embedded-js\ncontains-elf\ncve-1999-0016\ncve-2017-1188\nattachment\ncve-2018-0802\nthemida\ncontains-pe\ncve-2018-0798\nupx\ncve-2016-0101", "modified": "2023-09-16T17:02:31.206000", "created": "2023-08-17T16:21:58.779000", "tags": [ "united", "as13335", "unknown", "search", "aaaa", "link", "accept encoding", "entries", "creation date", "record value", "date", "body", "cookie", "domain related", "showing", "maxage0", "colocation data", "maxage2592000", "acceptencoding", "centers", "powered shells", "sabey", "submission", "buildtosuit", "details links", "community", "join", "vt community", "api key", "virtual address", "virtual size", "raw size", "entropy", "sections", "functionality", "file type", "chi2", "contained", "us entropy", "ascii text", "rtmanifest", "rticon", "neutral", "sha256", "type rticon", "vhash", "imphash", "ssdeep", "win32 exe", "magic pe32", "ms windows", "intel", "trid generic", "cil executable", "mono" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [ "United States of America" ], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 21, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 284, "URL": 37584, "domain": 58771, "email": 23, "hostname": 4995, "FileHash-SHA256": 3633, "FileHash-SHA1": 57, "CIDR": 14, "CVE": 4 }, "indicator_count": 105365, "is_author": false, "is_subscribing": null, "subscriber_count": 225, "modified_text": "988 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "64d65ac898c5ffa516ddda22", "name": "Ladys.one", "description": "Reputation Mismanagement Campaigners\nAdult content\nAll other reports missing.\nI believe accounts under MITRE ATT&CK\nDuplicates processed and shared. Nonsensical prewritten analysis appears in ' DESCRIPTION' upon submit.", "modified": "2023-09-10T17:05:20.083000", "created": "2023-08-11T15:59:04.207000", "tags": [ "united", "as14061", "passive dns", "scan endpoints", "all search", "otx octoseek", "ipv4", "pulse submit", "url analysis", "urls", "unknown" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 17, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 636, "domain": 149, "hostname": 213, "FileHash-MD5": 32, "FileHash-SHA1": 26, "FileHash-SHA256": 146, "email": 2 }, "indicator_count": 1204, "is_author": false, "is_subscribing": null, "subscriber_count": 220, "modified_text": "994 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://cuisinecomptoiretcompagnie.fr", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://cuisinecomptoiretcompagnie.fr", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780284923.546398 }