{
  "type": "URL",
  "indicator": "https://gagnob.com",
  "general": {
    "sections": [
      "general",
      "url_list",
      "http_scans",
      "screenshot"
    ],
    "indicator": "https://gagnob.com",
    "type": "url",
    "type_title": "URL",
    "validation": [],
    "base_indicator": {
      "id": 3679087538,
      "indicator": "https://gagnob.com",
      "type": "URL",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 1,
      "pulses": [
        {
          "id": "645ca30c064f9724bb4abfe5",
          "name": "gagnob.com/cl/73c395f8c4c84f9c?p1&p2&source&site",
          "description": "",
          "modified": "2023-05-11T08:12:19.681000",
          "created": "2023-05-11T08:10:52.632000",
          "tags": [
            "null",
            "integer not",
            "varchar",
            "drmedgeua",
            "integer default",
            "roboto",
            "facebook",
            "meta",
            "blink",
            "win64",
            "android",
            "trident",
            "suspicious",
            "sonic",
            "mini",
            "infinity",
            "4629",
            "temp",
            "localappdata",
            "ascii text",
            "json data",
            "unicode text",
            "fat filesystem",
            "msdos os2",
            "html document",
            "sqlite version",
            "sqlite rollback",
            "binary file",
            "British Tel",
            "Yahoo",
            "Weird Redirects",
            "RU's"
          ],
          "references": [
            "Exploit/Shellcode Contains escaped byte string (often part of obfuscated shellcode) details \"</script><div><div><div class=\"gb_rd\">Google apps</div></div></div></div><textarea class=\"csi\" name=\"csi\" style=\"display:none\"></textarea><script nonce=\"cuR7J9KsqfEGfvAZwFpeyQ\">(function(){(function(){var d=Date.now(),a=google.c.sxs?\"load2\":\"load\";if(google.timers&&google.timers[a].t){for(var b=document.getElementsByTagName(\"img\"),e=0,c=void 0;c=b[e++];)google.c.setup(c,!1,-1);google.c.bofr=!1;google.c.e(a,\"imn\",Str",
            "Spyware/Information Retrieval Found strings related to file managers details \"\"fasttracktohealth.shop\",\" (Indicator: \"fasttrack\") \"\"thefasttrackgirl.com\",\" (Indicator: \"fasttrack\") source File/Memory",
            "https://www.hybrid-analysis.com/sample/b8835c5d504928af6fe9410fe767122093a621f9e38a8443ea8fc1487abd934e/645bd434d9887372e5041e0e"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [
            {
              "id": "T1071",
              "name": "Application Layer Protocol",
              "display_name": "T1071 - Application Layer Protocol"
            },
            {
              "id": "T1083",
              "name": "File and Directory Discovery",
              "display_name": "T1083 - File and Directory Discovery"
            },
            {
              "id": "T1105",
              "name": "Ingress Tool Transfer",
              "display_name": "T1105 - Ingress Tool Transfer"
            },
            {
              "id": "T1140",
              "name": "Deobfuscate/Decode Files or Information",
              "display_name": "T1140 - Deobfuscate/Decode Files or Information"
            },
            {
              "id": "T1555",
              "name": "Credentials from Password Stores",
              "display_name": "T1555 - Credentials from Password Stores"
            }
          ],
          "industries": [],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 6,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "callmeDoris",
            "id": "205385",
            "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "FileHash-SHA256": 118,
            "domain": 4,
            "URL": 43,
            "hostname": 9,
            "FileHash-MD5": 83,
            "FileHash-SHA1": 66,
            "IPv4": 10
          },
          "indicator_count": 333,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 90,
          "modified_text": "1118 days ago ",
          "is_modified": false,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": true,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "URL",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "Exploit/Shellcode Contains escaped byte string (often part of obfuscated shellcode) details \"</script><div><div><div class=\"gb_rd\">Google apps</div></div></div></div><textarea class=\"csi\" name=\"csi\" style=\"display:none\"></textarea><script nonce=\"cuR7J9KsqfEGfvAZwFpeyQ\">(function(){(function(){var d=Date.now(),a=google.c.sxs?\"load2\":\"load\";if(google.timers&&google.timers[a].t){for(var b=document.getElementsByTagName(\"img\"),e=0,c=void 0;c=b[e++];)google.c.setup(c,!1,-1);google.c.bofr=!1;google.c.e(a,\"imn\",Str",
        "https://www.hybrid-analysis.com/sample/b8835c5d504928af6fe9410fe767122093a621f9e38a8443ea8fc1487abd934e/645bd434d9887372e5041e0e",
        "Spyware/Information Retrieval Found strings related to file managers details \"\"fasttracktohealth.shop\",\" (Indicator: \"fasttrack\") \"\"thefasttrackgirl.com\",\" (Indicator: \"fasttrack\") source File/Memory"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": [],
          "unique_indicators": 0
        },
        "other": {
          "adversary": [],
          "malware_families": [],
          "industries": [],
          "unique_indicators": 333
        }
      }
    },
    "false_positive": [],
    "alexa": "http://www.alexa.com/siteinfo/gagnob.com",
    "whois": "http://whois.domaintools.com/gagnob.com",
    "domain": "gagnob.com",
    "hostname": "Unavailable"
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 1,
  "pulses": [
    {
      "id": "645ca30c064f9724bb4abfe5",
      "name": "gagnob.com/cl/73c395f8c4c84f9c?p1&p2&source&site",
      "description": "",
      "modified": "2023-05-11T08:12:19.681000",
      "created": "2023-05-11T08:10:52.632000",
      "tags": [
        "null",
        "integer not",
        "varchar",
        "drmedgeua",
        "integer default",
        "roboto",
        "facebook",
        "meta",
        "blink",
        "win64",
        "android",
        "trident",
        "suspicious",
        "sonic",
        "mini",
        "infinity",
        "4629",
        "temp",
        "localappdata",
        "ascii text",
        "json data",
        "unicode text",
        "fat filesystem",
        "msdos os2",
        "html document",
        "sqlite version",
        "sqlite rollback",
        "binary file",
        "British Tel",
        "Yahoo",
        "Weird Redirects",
        "RU's"
      ],
      "references": [
        "Exploit/Shellcode Contains escaped byte string (often part of obfuscated shellcode) details \"</script><div><div><div class=\"gb_rd\">Google apps</div></div></div></div><textarea class=\"csi\" name=\"csi\" style=\"display:none\"></textarea><script nonce=\"cuR7J9KsqfEGfvAZwFpeyQ\">(function(){(function(){var d=Date.now(),a=google.c.sxs?\"load2\":\"load\";if(google.timers&&google.timers[a].t){for(var b=document.getElementsByTagName(\"img\"),e=0,c=void 0;c=b[e++];)google.c.setup(c,!1,-1);google.c.bofr=!1;google.c.e(a,\"imn\",Str",
        "Spyware/Information Retrieval Found strings related to file managers details \"\"fasttracktohealth.shop\",\" (Indicator: \"fasttrack\") \"\"thefasttrackgirl.com\",\" (Indicator: \"fasttrack\") source File/Memory",
        "https://www.hybrid-analysis.com/sample/b8835c5d504928af6fe9410fe767122093a621f9e38a8443ea8fc1487abd934e/645bd434d9887372e5041e0e"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [
        {
          "id": "T1071",
          "name": "Application Layer Protocol",
          "display_name": "T1071 - Application Layer Protocol"
        },
        {
          "id": "T1083",
          "name": "File and Directory Discovery",
          "display_name": "T1083 - File and Directory Discovery"
        },
        {
          "id": "T1105",
          "name": "Ingress Tool Transfer",
          "display_name": "T1105 - Ingress Tool Transfer"
        },
        {
          "id": "T1140",
          "name": "Deobfuscate/Decode Files or Information",
          "display_name": "T1140 - Deobfuscate/Decode Files or Information"
        },
        {
          "id": "T1555",
          "name": "Credentials from Password Stores",
          "display_name": "T1555 - Credentials from Password Stores"
        }
      ],
      "industries": [],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 6,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "callmeDoris",
        "id": "205385",
        "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "FileHash-SHA256": 118,
        "domain": 4,
        "URL": 43,
        "hostname": 9,
        "FileHash-MD5": 83,
        "FileHash-SHA1": 66,
        "IPv4": 10
      },
      "indicator_count": 333,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 90,
      "modified_text": "1118 days ago ",
      "is_modified": false,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": true,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "URL",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "https://gagnob.com",
    "type": "URL"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "https://gagnob.com",
    "type": "URL",
    "found": false,
    "verdict": "clean",
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780460654.6139858
}