{ "type": "URL", "indicator": "https://kompoz2.com/find/rotherham-pakistani/", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://kompoz2.com/find/rotherham-pakistani/", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 3736390095, "indicator": "https://kompoz2.com/find/rotherham-pakistani/", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 22, "pulses": [ { "id": "69bea5d2987c3d14aeb2b0c9", "name": "Delete service Deleted over 1200 Brian Sabeys Porn Revenge Campaign \u2022 LevelBlue? Dopple AI | Poem Hunter: Poems ", "description": "", "modified": "2026-03-21T14:06:10.007000", "created": "2026-03-21T14:06:10.007000", "tags": [ "active related", "search filter", "time tsara", "x show", "cidr", "email", "learn more", "information", "t1027", "t1036", "t1057", "discovery", "t1059", "t1071", "title added", "poem", "the day", "wild eyesand", "unknown power", "shakespeare", "repeats", "ere man", "dowell oreilly", "read poem", "snit", "website", "loading", "rl https", "y0 nov", "vj96", "uyebaaeabaaaaac", "jid442122029", "active", "url http", "url https", "types", "indicators show", "type indicator", "added active", "tbmvid", "sourcelnms", "zx1724209326040", "read c", "module load", "showing", "delphi", "delete", "rgba", "unicode", "malware", "write", "win32", "execution", "next", "extraction", "data upload", "extre", "include data", "sc type", "url tot", "role title", "tsara brashears", "live sex", "porn video", "levelblue", "porn", "pornhub", "porn videos", "watch tsara", "most relevant", "q estimation", "green", "tsara", "online chat", "spicychat ai", "visa", "sex chat", "miss stella", "january", "philadelphia", "dopple ai", "b1 dec", "videos", "red porn", "free porn", "sunny leone", "hardcore porn", "jeffrey reimer", "puts", "love", "super", "download", "top tsara", "google search", "la iniciacin", "xxx hd", "bdsm scene", "nsfw experience", "ck ids", "open threat", "filepath https", "foundry", "palantir", "brian sabey", "yas", "tiny penis", "slander", "indicator role", "pulses url", "search" ], "references": [ "OTX must have an issue. A delete app seen before has deleted a majority of malicious IoCs. Im", "I don\u2019t appreciate OTX populated Malware suggestion \u2018SNIT\u2019 \u2018 Dopple AI\u2019 NOT malware", "OTX description for SNIT- I love to compose letters of resignation; now and then I send one in", "and leave in a lemon- hued Huff da Country or a Snit with four on the MALWARE fOORILIES", "OTX description for Dopple AI - There\u2019s someone for everyone out there in the BDSM scene, you can enjoy the", "free NSFW experience offered by Dopple AI.MALWARE", "Makes zero sense. Malicious. I don\u2019t get it. I have a Malware gift for you too!", "Y.A.S:1Byte/TinyRod SeeDescription @ Y.A.S. OFFICIAL MUSIC VIDEO" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Snit", "display_name": "Snit", "target": null }, { "id": "Dopple AI", "display_name": "Dopple AI", "target": null }, { "id": "Y.A.S:1Byte/TinyRod", "display_name": "Y.A.S:1Byte/TinyRod", "target": "/malware/Y.A.S:1Byte/TinyRod" } ], "attack_ids": [ { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" }, { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1045", "name": "Software Packing", "display_name": "T1045 - Software Packing" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1060", "name": "Registry Run Keys / Startup Folder", "display_name": "T1060 - Registry Run Keys / Startup Folder" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1105", "name": "Ingress Tool Transfer", "display_name": "T1105 - Ingress Tool Transfer" }, { "id": "T1106", "name": "Native API", "display_name": "T1106 - Native API" }, { "id": "T1129", "name": "Shared Modules", "display_name": "T1129 - Shared Modules" }, { "id": "T1140", "name": "Deobfuscate/Decode Files or Information", "display_name": "T1140 - Deobfuscate/Decode Files or Information" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" }, { "id": "T1546", "name": "Event Triggered Execution", "display_name": "T1546 - Event Triggered Execution" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1070", "name": "Indicator Removal on Host", "display_name": "T1070 - Indicator Removal on Host" }, { "id": "T1143", "name": "Hidden Window", "display_name": "T1143 - Hidden Window" }, { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" }, { "id": "T1125", "name": "Video Capture", "display_name": "T1125 - Video Capture" }, { "id": "T1495", "name": "Firmware Corruption", "display_name": "T1495 - Firmware Corruption" } ], "industries": [], "TLP": "green", "cloned_from": "691ead29f61101bfa3700998", "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Q.Vashti", "id": "337942", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 2497, "hostname": 742, "FileHash-SHA256": 523, "domain": 223, "FileHash-MD5": 85, "FileHash-SHA1": 56, "email": 4 }, "indicator_count": 4130, "is_author": false, "is_subscribing": null, "subscriber_count": 143, "modified_text": "72 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "691ead29f61101bfa3700998", "name": "Dopple AI | Poem Hunter: Poems - Poets - Poetry", "description": "Online terms that sexulize SA victim : Tsara brashears slander red porn videos ,\nHardcore porn, is pornography that features detailed depictions of sexual organs or sexual acts such as vaginal, anal or oral intercourse, fingering, brashears , Red Porn Videos , Tsara brashears slandered red porn\nyoujizz sex\n, Tsara brashears submission on august 27 via manual free , College fuck fest Super japanese hd compilation , \none kinky student fucks tsara brashears porn xxx porn , the best internet porn site\n, tsara brashears slandered, porn video uploaded to hardcore ,\nxxxxxxxxxx sex videos\nsearch , xxxxxxxxxx hd porn. tsara brashears\u09ac\u09b2\u09a6\u09b6\u09b0 \u09a8\u09a4\u09a8 \u09ad\u09acfrench retro gangbang in the hotel room, You will Tsara brashears porn ,\nChunky babe loves to be on top Hot Milf , xxx Movies, updates hourly.\n tsara brashears slandered,\nfrench retro gangbang in the hotel room , free porn videos. You will Tsara brashears porn jeffrey reimer puts his love on top tsara brashears brother", "modified": "2025-12-20T03:00:41.407000", "created": "2025-11-20T05:54:49.968000", "tags": [ "active related", "search filter", "time tsara", "x show", "cidr", "email", "learn more", "information", "t1027", "t1036", "t1057", "discovery", "t1059", "t1071", "title added", "poem", "the day", "wild eyesand", "unknown power", "shakespeare", "repeats", "ere man", "dowell oreilly", "read poem", "snit", "website", "loading", "rl https", "y0 nov", "vj96", "uyebaaeabaaaaac", "jid442122029", "active", "url http", "url https", "types", "indicators show", "type indicator", "added active", "tbmvid", "sourcelnms", "zx1724209326040", "read c", "module load", "showing", "delphi", "delete", "rgba", "unicode", "malware", "write", "win32", "execution", "next", "extraction", "data upload", "extre", "include data", "sc type", "url tot", "role title", "tsara brashears", "live sex", "porn video", "levelblue", "porn", "pornhub", "porn videos", "watch tsara", "most relevant", "q estimation", "green", "tsara", "online chat", "spicychat ai", "visa", "sex chat", "miss stella", "january", "philadelphia", "dopple ai", "b1 dec", "videos", "red porn", "free porn", "sunny leone", "hardcore porn", "jeffrey reimer", "puts", "love", "super", "download", "top tsara", "google search", "la iniciacin", "xxx hd", "bdsm scene", "nsfw experience", "ck ids", "open threat", "filepath https", "foundry", "palantir", "brian sabey", "yas", "tiny penis", "slander", "indicator role", "pulses url", "search" ], "references": [ "OTX must have an issue. A delete app seen before has deleted a majority of malicious IoCs. Im", "I don\u2019t appreciate OTX populated Malware suggestion \u2018SNIT\u2019 \u2018 Dopple AI\u2019 NOT malware", "OTX description for SNIT- I love to compose letters of resignation; now and then I send one in", "and leave in a lemon- hued Huff da Country or a Snit with four on the MALWARE fOORILIES", "OTX description for Dopple AI - There\u2019s someone for everyone out there in the BDSM scene, you can enjoy the", "free NSFW experience offered by Dopple AI.MALWARE", "Makes zero sense. Malicious. I don\u2019t get it. I have a Malware gift for you too!", "Y.A.S:1Byte/TinyRod SeeDescription @ Y.A.S. OFFICIAL MUSIC VIDEO" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Snit", "display_name": "Snit", "target": null }, { "id": "Dopple AI", "display_name": "Dopple AI", "target": null }, { "id": "Y.A.S:1Byte/TinyRod", "display_name": "Y.A.S:1Byte/TinyRod", "target": "/malware/Y.A.S:1Byte/TinyRod" } ], "attack_ids": [ { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" }, { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1045", "name": "Software Packing", "display_name": "T1045 - Software Packing" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1060", "name": "Registry Run Keys / Startup Folder", "display_name": "T1060 - Registry Run Keys / Startup Folder" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1105", "name": "Ingress Tool Transfer", "display_name": "T1105 - Ingress Tool Transfer" }, { "id": "T1106", "name": "Native API", "display_name": "T1106 - Native API" }, { "id": "T1129", "name": "Shared Modules", "display_name": "T1129 - Shared Modules" }, { "id": "T1140", "name": "Deobfuscate/Decode Files or Information", "display_name": "T1140 - Deobfuscate/Decode Files or Information" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" }, { "id": "T1546", "name": "Event Triggered Execution", "display_name": "T1546 - Event Triggered Execution" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1070", "name": "Indicator Removal on Host", "display_name": "T1070 - Indicator Removal on Host" }, { "id": "T1143", "name": "Hidden Window", "display_name": "T1143 - Hidden Window" }, { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" }, { "id": "T1125", "name": "Video Capture", "display_name": "T1125 - Video Capture" }, { "id": "T1495", "name": "Firmware Corruption", "display_name": "T1495 - Firmware Corruption" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Q.Vashti", "id": "337942", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 2497, "hostname": 742, "FileHash-SHA256": 523, "domain": 223, "FileHash-MD5": 85, "FileHash-SHA1": 56, "email": 4 }, "indicator_count": 4130, "is_author": false, "is_subscribing": null, "subscriber_count": 143, "modified_text": "164 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66b8fe985a7460e0ee01be8a", "name": "r3.o.lencr.org", "description": "", "modified": "2024-08-11T18:14:13.378000", "created": "2024-08-11T18:10:32.276000", "tags": [ "as20940", "united", "trojan", "search", "passive dns", "urls", "entries", "dashboard", "browse scan", "endpoints all", "date", "a domains", "aaaa", "record value", "scan endpoints", "all search", "otx octoseek", "domain related", "showing" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1003", "name": "OS Credential Dumping", "display_name": "T1003 - OS Credential Dumping" }, { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" } ], "industries": [], "TLP": "green", "cloned_from": "64dc045f5344129c48c41826", "export_count": 9, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "scoreblue", "id": "254100", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_254100/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 664, "email": 13, "hostname": 1352, "FileHash-SHA256": 2550, "URL": 5422, "FileHash-MD5": 761, "FileHash-SHA1": 615 }, "indicator_count": 11377, "is_author": false, "is_subscribing": null, "subscriber_count": 227, "modified_text": "659 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a4bc7487548e66d6f004", "name": "Virus:DOS/Goma", "description": "", "modified": "2023-12-06T16:43:40.375000", "created": "2023-12-06T16:43:40.375000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 111, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a4b4259cafcf79907b2f", "name": "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection and Distribution", "description": "", "modified": "2023-12-06T16:43:32.408000", "created": "2023-12-06T16:43:32.408000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 111, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a4ac54885a7e866cedca", "name": "Elevated Exposure", "description": "", "modified": "2023-12-06T16:43:24.027000", "created": "2023-12-06T16:43:24.027000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a4a3ac21d7733c8e1040", "name": "Malvertising", "description": "", "modified": "2023-12-06T16:43:15.632000", "created": "2023-12-06T16:43:15.632000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 111, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a49b0b6595444a3fdd9a", "name": "passkey.tracker.net", "description": "", "modified": "2023-12-06T16:43:07.031000", "created": "2023-12-06T16:43:07.031000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 9, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a49207f81d6791c30194", "name": "Cyber Espionage w/B(.) Link / Infringement (Tracking)", "description": "", "modified": "2023-12-06T16:42:58.146000", "created": "2023-12-06T16:42:58.146000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 111, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a4876f8d1d174f717e7b", "name": "Cyber Espionage w/B(.) Link / Infringement (Tracking)", "description": "", "modified": "2023-12-06T16:42:47.591000", "created": "2023-12-06T16:42:47.591000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a47e33876ed78e19e1da", "name": "Cyber Espionage w/B(.) Link / Infringement (Tracking)", "description": "", "modified": "2023-12-06T16:42:38.479000", "created": "2023-12-06T16:42:38.479000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "65709f38353a6151ed506123", "name": "tsara brashears porn Google search", "description": "", "modified": "2023-12-06T16:20:08.474000", "created": "2023-12-06T16:20:08.474000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 16, "URL": 152, "FileHash-SHA256": 100, "FileHash-MD5": 58, "FileHash-SHA1": 40, "domain": 20 }, "indicator_count": 386, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "650361b276a56506778d9231", "name": "Virus:DOS/Goma", "description": "", "modified": "2023-10-14T17:02:29.483000", "created": "2023-09-14T19:40:34.562000", "tags": [ "resolutions", "referrer", "elevated exposure", "malformed links", "fraud", "abuse", "united", "cyber threat", "phishing", "blockchain", "covid19", "coalition", "engineering", "facebook", "police agency", "japan", "download", "blacklist", "site", "cisco umbrella", "assassin's pride chapter 12 scans", "chapter", "pride chapter", "assassin", "read", "viewed today", "promise", "apotheosis", "rampage", "magister", "goma", "conan", "magician", "click", "Suricata Alert", "Malvertising", "ssl certificate", "contacted", "execution", "whois record", "pfqlnhi4ex http", "pe resource", "investigation", "team", "metro", "malicious", "social engineering", "cyber crime Alina", "tracker(.)net", "spyware", "monitoring", "tracking", "MITRE ATT&CKS", "malware", "http://www.evantrah.com/b0ar/ (phishing)", "https(:)//b(.)link / infringement (tracking)", "37.235.49.205 (scan host)", "scan hosts", "passkey", "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection", "nr-data.net", "iOS Unlocker", "iOS Data Collection", "Private Data", "distribution", "hacking" ], "references": [ "https://hifiporn.pw/xxx/1/white-dpt-jeffrey-reimer-loves-pretty-indian-patient-forces-sex-3gp-video-tsara-brashears/she-loves-how-i-pound-her-pussy", "http://mangahasu.se/assassins-pride/chapter-12-a-promise-c629157.html?__cf_chl_jschl_tk__=7b4aeee234e6fcb906189a0ee99bff391aedad3f-1591653736-0-ATuxnw3UaJxen2hXCyv", "Data Analysis", "Pattern Behavior Research" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Japan", "Canada", "Germany" ], "malware_families": [ { "id": "Alina POS", "display_name": "Alina POS", "target": null }, { "id": "Virus:DOS/Goma", "display_name": "Virus:DOS/Goma", "target": "/malware/Virus:DOS/Goma" }, { "id": "DEcovid19", "display_name": "DEcovid19", "target": null }, { "id": "Assassin", "display_name": "Assassin", "target": null }, { "id": "Virus:Win32/Magistr", "display_name": "Virus:Win32/Magistr", "target": "/malware/Virus:Win32/Magistr" }, { "id": "Darktrack RAT", "display_name": "Darktrack RAT", "target": null }, { "id": "B.link/infringement (tracking)", "display_name": "B.link/infringement (tracking)", "target": null }, { "id": "Malware", "display_name": "Malware", "target": null }, { "id": "Trojan.Agent", "display_name": "Trojan.Agent", "target": null }, { "id": "TrojanDownloader:JS/MalSpam", "display_name": "TrojanDownloader:JS/MalSpam", "target": "/malware/TrojanDownloader:JS/MalSpam" } ], "attack_ids": [ { "id": "T1179", "name": "Hooking", "display_name": "T1179 - Hooking" }, { "id": "T1035", "name": "Service Execution", "display_name": "T1035 - Service Execution" }, { "id": "T1132", "name": "Data Encoding", "display_name": "T1132 - Data Encoding" }, { "id": "T1043", "name": "Commonly Used Port", "display_name": "T1043 - Commonly Used Port" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1071.002", "name": "File Transfer Protocols", "display_name": "T1071.002 - File Transfer Protocols" }, { "id": "TA0011", "name": "Command and Control", "display_name": "TA0011 - Command and Control" }, { "id": "TA0009", "name": "Collection", "display_name": "TA0009 - Collection" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" } ], "industries": [], "TLP": "white", "cloned_from": "6503618b59e32805d0bbead7", "export_count": 15, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 2, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 2931, "domain": 1095, "hostname": 1798, "URL": 5593, "FileHash-MD5": 23, "FileHash-SHA1": 17, "CVE": 1 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 223, "modified_text": "961 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6503618b59e32805d0bbead7", "name": "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection and Distribution ", "description": "", "modified": "2023-10-14T17:02:29.483000", "created": "2023-09-14T19:39:55.364000", "tags": [ "resolutions", "referrer", "elevated exposure", "malformed links", "fraud", "abuse", "united", "cyber threat", "phishing", "blockchain", "covid19", "coalition", "engineering", "facebook", "police agency", "japan", "download", "blacklist", "site", "cisco umbrella", "assassin's pride chapter 12 scans", "chapter", "pride chapter", "assassin", "read", "viewed today", "promise", "apotheosis", "rampage", "magister", "goma", "conan", "magician", "click", "Suricata Alert", "Malvertising", "ssl certificate", "contacted", "execution", "whois record", "pfqlnhi4ex http", "pe resource", "investigation", "team", "metro", "malicious", "social engineering", "cyber crime Alina", "tracker(.)net", "spyware", "monitoring", "tracking", "MITRE ATT&CKS", "malware", "http://www.evantrah.com/b0ar/ (phishing)", "https(:)//b(.)link / infringement (tracking)", "37.235.49.205 (scan host)", "scan hosts", "passkey", "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection", "nr-data.net", "iOS Unlocker", "iOS Data Collection", "Private Data", "distribution", "hacking" ], "references": [ "https://hifiporn.pw/xxx/1/white-dpt-jeffrey-reimer-loves-pretty-indian-patient-forces-sex-3gp-video-tsara-brashears/she-loves-how-i-pound-her-pussy", "http://mangahasu.se/assassins-pride/chapter-12-a-promise-c629157.html?__cf_chl_jschl_tk__=7b4aeee234e6fcb906189a0ee99bff391aedad3f-1591653736-0-ATuxnw3UaJxen2hXCyv", "Data Analysis", "Pattern Behavior Research" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Japan", "Canada", "Germany" ], "malware_families": [ { "id": "Alina POS", "display_name": "Alina POS", "target": null }, { "id": "Virus:DOS/Goma", "display_name": "Virus:DOS/Goma", "target": "/malware/Virus:DOS/Goma" }, { "id": "DEcovid19", "display_name": "DEcovid19", "target": null }, { "id": "Assassin", "display_name": "Assassin", "target": null }, { "id": "Virus:Win32/Magistr", "display_name": "Virus:Win32/Magistr", "target": "/malware/Virus:Win32/Magistr" }, { "id": "Darktrack RAT", "display_name": "Darktrack RAT", "target": null }, { "id": "B.link/infringement (tracking)", "display_name": "B.link/infringement (tracking)", "target": null }, { "id": "Malware", "display_name": "Malware", "target": null }, { "id": "Trojan.Agent", "display_name": "Trojan.Agent", "target": null }, { "id": "TrojanDownloader:JS/MalSpam", "display_name": "TrojanDownloader:JS/MalSpam", "target": "/malware/TrojanDownloader:JS/MalSpam" } ], "attack_ids": [ { "id": "T1179", "name": "Hooking", "display_name": "T1179 - Hooking" }, { "id": "T1035", "name": "Service Execution", "display_name": "T1035 - Service Execution" }, { "id": "T1132", "name": "Data Encoding", "display_name": "T1132 - Data Encoding" }, { "id": "T1043", "name": "Commonly Used Port", "display_name": "T1043 - Commonly Used Port" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1071.002", "name": "File Transfer Protocols", "display_name": "T1071.002 - File Transfer Protocols" }, { "id": "TA0011", "name": "Command and Control", "display_name": "TA0011 - Command and Control" }, { "id": "TA0009", "name": "Collection", "display_name": "TA0009 - Collection" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" } ], "industries": [], "TLP": "white", "cloned_from": "6503612851bdda6828f488da", "export_count": 14, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 2931, "domain": 1095, "hostname": 1798, "URL": 5593, "FileHash-MD5": 23, "FileHash-SHA1": 17, "CVE": 1 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 222, "modified_text": "961 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6503612851bdda6828f488da", "name": "Elevated Exposure ", "description": "", "modified": "2023-10-14T17:02:29.483000", "created": "2023-09-14T19:38:16.617000", "tags": [ "resolutions", "referrer", "elevated exposure", "malformed links", "fraud", "abuse", "united", "cyber threat", "phishing", "blockchain", "covid19", "coalition", "engineering", "facebook", "police agency", "japan", "download", "blacklist", "site", "cisco umbrella", "assassin's pride chapter 12 scans", "chapter", "pride chapter", "assassin", "read", "viewed today", "promise", "apotheosis", "rampage", "magister", "goma", "conan", "magician", "click", "Suricata Alert", "Malvertising", "ssl certificate", "contacted", "execution", "whois record", "pfqlnhi4ex http", "pe resource", "investigation", "team", "metro", "malicious", "social engineering", "cyber crime Alina", "tracker(.)net", "spyware", "monitoring", "tracking", "MITRE ATT&CKS", "malware", "http://www.evantrah.com/b0ar/ (phishing)", "https(:)//b(.)link / infringement (tracking)", "37.235.49.205 (scan host)", "scan hosts", "passkey", "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection", "nr-data.net", "iOS Unlocker", "iOS Data Collection", "Private Data", "distribution", "hacking" ], "references": [ "https://hifiporn.pw/xxx/1/white-dpt-jeffrey-reimer-loves-pretty-indian-patient-forces-sex-3gp-video-tsara-brashears/she-loves-how-i-pound-her-pussy", "http://mangahasu.se/assassins-pride/chapter-12-a-promise-c629157.html?__cf_chl_jschl_tk__=7b4aeee234e6fcb906189a0ee99bff391aedad3f-1591653736-0-ATuxnw3UaJxen2hXCyv", "Data Analysis", "Pattern Behavior Research" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Japan", "Canada", "Germany" ], "malware_families": [ { "id": "Alina POS", "display_name": "Alina POS", "target": null }, { "id": "Virus:DOS/Goma", "display_name": "Virus:DOS/Goma", "target": "/malware/Virus:DOS/Goma" }, { "id": "DEcovid19", "display_name": "DEcovid19", "target": null }, { "id": "Assassin", "display_name": "Assassin", "target": null }, { "id": "Virus:Win32/Magistr", "display_name": "Virus:Win32/Magistr", "target": "/malware/Virus:Win32/Magistr" }, { "id": "Darktrack RAT", "display_name": "Darktrack RAT", "target": null }, { "id": "B.link/infringement (tracking)", "display_name": "B.link/infringement (tracking)", "target": null }, { "id": "Malware", "display_name": "Malware", "target": null }, { "id": "Trojan.Agent", "display_name": "Trojan.Agent", "target": null }, { "id": "TrojanDownloader:JS/MalSpam", "display_name": "TrojanDownloader:JS/MalSpam", "target": "/malware/TrojanDownloader:JS/MalSpam" } ], "attack_ids": [ { "id": "T1179", "name": "Hooking", "display_name": "T1179 - Hooking" }, { "id": "T1035", "name": "Service Execution", "display_name": "T1035 - Service Execution" }, { "id": "T1132", "name": "Data Encoding", "display_name": "T1132 - Data Encoding" }, { "id": "T1043", "name": "Commonly Used Port", "display_name": "T1043 - Commonly Used Port" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1071.002", "name": "File Transfer Protocols", "display_name": "T1071.002 - File Transfer Protocols" }, { "id": "TA0011", "name": "Command and Control", "display_name": "TA0011 - Command and Control" }, { "id": "TA0009", "name": "Collection", "display_name": "TA0009 - Collection" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" } ], "industries": [], "TLP": "white", "cloned_from": "6503610f5f100cd8acad748e", "export_count": 14, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 2931, "domain": 1095, "hostname": 1798, "URL": 5593, "FileHash-MD5": 23, "FileHash-SHA1": 17, "CVE": 1 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 221, "modified_text": "961 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6503610f5f100cd8acad748e", "name": "Malvertising", "description": "", "modified": "2023-10-14T17:02:29.483000", "created": "2023-09-14T19:37:51.730000", "tags": [ "resolutions", "referrer", "elevated exposure", "malformed links", "fraud", "abuse", "united", "cyber threat", "phishing", "blockchain", "covid19", "coalition", "engineering", "facebook", "police agency", "japan", "download", "blacklist", "site", "cisco umbrella", "assassin's pride chapter 12 scans", "chapter", "pride chapter", "assassin", "read", "viewed today", "promise", "apotheosis", "rampage", "magister", "goma", "conan", "magician", "click", "Suricata Alert", "Malvertising", "ssl certificate", "contacted", "execution", "whois record", "pfqlnhi4ex http", "pe resource", "investigation", "team", "metro", "malicious", "social engineering", "cyber crime Alina", "tracker(.)net", "spyware", "monitoring", "tracking", "MITRE ATT&CKS", "malware", "http://www.evantrah.com/b0ar/ (phishing)", "https(:)//b(.)link / infringement (tracking)", "37.235.49.205 (scan host)", "scan hosts", "passkey", "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection", "nr-data.net", "iOS Unlocker", "iOS Data Collection", "Private Data", "distribution", "hacking" ], "references": [ "https://hifiporn.pw/xxx/1/white-dpt-jeffrey-reimer-loves-pretty-indian-patient-forces-sex-3gp-video-tsara-brashears/she-loves-how-i-pound-her-pussy", "http://mangahasu.se/assassins-pride/chapter-12-a-promise-c629157.html?__cf_chl_jschl_tk__=7b4aeee234e6fcb906189a0ee99bff391aedad3f-1591653736-0-ATuxnw3UaJxen2hXCyv", "Data Analysis", "Pattern Behavior Research" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Japan", "Canada", "Germany" ], "malware_families": [ { "id": "Alina POS", "display_name": "Alina POS", "target": null }, { "id": "Virus:DOS/Goma", "display_name": "Virus:DOS/Goma", "target": "/malware/Virus:DOS/Goma" }, { "id": "DEcovid19", "display_name": "DEcovid19", "target": null }, { "id": "Assassin", "display_name": "Assassin", "target": null }, { "id": "Virus:Win32/Magistr", "display_name": "Virus:Win32/Magistr", "target": "/malware/Virus:Win32/Magistr" }, { "id": "Darktrack RAT", "display_name": "Darktrack RAT", "target": null }, { "id": "B.link/infringement (tracking)", "display_name": "B.link/infringement (tracking)", "target": null }, { "id": "Malware", "display_name": "Malware", "target": null }, { "id": "Trojan.Agent", "display_name": "Trojan.Agent", "target": null }, { "id": "TrojanDownloader:JS/MalSpam", "display_name": "TrojanDownloader:JS/MalSpam", "target": "/malware/TrojanDownloader:JS/MalSpam" } ], "attack_ids": [ { "id": "T1179", "name": "Hooking", "display_name": "T1179 - Hooking" }, { "id": "T1035", "name": "Service Execution", "display_name": "T1035 - Service Execution" }, { "id": "T1132", "name": "Data Encoding", "display_name": "T1132 - Data Encoding" }, { "id": "T1043", "name": "Commonly Used Port", "display_name": "T1043 - Commonly Used Port" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1071.002", "name": "File Transfer Protocols", "display_name": "T1071.002 - File Transfer Protocols" }, { "id": "TA0011", "name": "Command and Control", "display_name": "TA0011 - Command and Control" }, { "id": "TA0009", "name": "Collection", "display_name": "TA0009 - Collection" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" } ], "industries": [], "TLP": "white", "cloned_from": "65036040d3847fa5df0b8496", "export_count": 14, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 2931, "domain": 1095, "hostname": 1798, "URL": 5593, "FileHash-MD5": 23, "FileHash-SHA1": 17, "CVE": 1 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 224, "modified_text": "961 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "65036040d3847fa5df0b8496", "name": "passkey.tracker.net", "description": "", "modified": "2023-10-14T17:02:29.483000", "created": "2023-09-14T19:34:24.232000", "tags": [ "resolutions", "referrer", "elevated exposure", "malformed links", "fraud", "abuse", "united", "cyber threat", "phishing", "blockchain", "covid19", "coalition", "engineering", "facebook", "police agency", "japan", "download", "blacklist", "site", "cisco umbrella", "assassin's pride chapter 12 scans", "chapter", "pride chapter", "assassin", "read", "viewed today", "promise", "apotheosis", "rampage", "magister", "goma", "conan", "magician", "click", "Suricata Alert", "Malvertising", "ssl certificate", "contacted", "execution", "whois record", "pfqlnhi4ex http", "pe resource", "investigation", "team", "metro", "malicious", "social engineering", "cyber crime Alina", "tracker(.)net", "spyware", "monitoring", "tracking", "MITRE ATT&CKS", "malware", "http://www.evantrah.com/b0ar/ (phishing)", "https(:)//b(.)link / infringement (tracking)", "37.235.49.205 (scan host)", "scan hosts", "passkey", "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection", "nr-data.net", "iOS Unlocker", "iOS Data Collection", "Private Data", "distribution", "hacking" ], "references": [ "https://hifiporn.pw/xxx/1/white-dpt-jeffrey-reimer-loves-pretty-indian-patient-forces-sex-3gp-video-tsara-brashears/she-loves-how-i-pound-her-pussy", "http://mangahasu.se/assassins-pride/chapter-12-a-promise-c629157.html?__cf_chl_jschl_tk__=7b4aeee234e6fcb906189a0ee99bff391aedad3f-1591653736-0-ATuxnw3UaJxen2hXCyv", "Data Analysis", "Pattern Behavior Research" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Japan", "Canada", "Germany" ], "malware_families": [ { "id": "Alina POS", "display_name": "Alina POS", "target": null }, { "id": "Virus:DOS/Goma", "display_name": "Virus:DOS/Goma", "target": "/malware/Virus:DOS/Goma" }, { "id": "DEcovid19", "display_name": "DEcovid19", "target": null }, { "id": "Assassin", "display_name": "Assassin", "target": null }, { "id": "Virus:Win32/Magistr", "display_name": "Virus:Win32/Magistr", "target": "/malware/Virus:Win32/Magistr" }, { "id": "Darktrack RAT", "display_name": "Darktrack RAT", "target": null }, { "id": "B.link/infringement (tracking)", "display_name": "B.link/infringement (tracking)", "target": null }, { "id": "Malware", "display_name": "Malware", "target": null }, { "id": "Trojan.Agent", "display_name": "Trojan.Agent", "target": null }, { "id": "TrojanDownloader:JS/MalSpam", "display_name": "TrojanDownloader:JS/MalSpam", "target": "/malware/TrojanDownloader:JS/MalSpam" } ], "attack_ids": [ { "id": "T1179", "name": "Hooking", "display_name": "T1179 - Hooking" }, { "id": "T1035", "name": "Service Execution", "display_name": "T1035 - Service Execution" }, { "id": "T1132", "name": "Data Encoding", "display_name": "T1132 - Data Encoding" }, { "id": "T1043", "name": "Commonly Used Port", "display_name": "T1043 - Commonly Used Port" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1071.002", "name": "File Transfer Protocols", "display_name": "T1071.002 - File Transfer Protocols" }, { "id": "TA0011", "name": "Command and Control", "display_name": "TA0011 - Command and Control" }, { "id": "TA0009", "name": "Collection", "display_name": "TA0009 - Collection" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" } ], "industries": [], "TLP": "white", "cloned_from": "65035fea189a32c0498667d9", "export_count": 14, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 2931, "domain": 1095, "hostname": 1798, "URL": 5593, "FileHash-MD5": 23, "FileHash-SHA1": 17, "CVE": 1 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 222, "modified_text": "961 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "65035fee309320821ec82f95", "name": "Cyber Espionage w/B(.) Link / Infringement (Tracking)", "description": "Alert: nr-data.net private Apple) iOS Data Collection & Distribution. Automatically flags as an investigation. Tag 'police agency's auto generated. It's possible with Edward Snowden disclosures, it seems unlikely and completely unethical. Extremely graphic adult content with, beacons, tracking Malicious content poses a cyber threat to the general public , iOS privileges, mouse control, phishing, scanning, open registry, service execution, hooking, passkeys and more. \nAppears in a Japanese themed video game and paired targets. Male subject common name have a profession, many with same name. Female target is singular, occupation & professions. Verdict: cyber espionage threat targeting overtly tarnished female. Potential Spreading issues: False distribution by false distributers of targets, hacked, malware singed, intangible downloads. \nAdult content doesn't portray targets. Tagging. \n(New-Issued by Cloudflare \nshi(.)cloudflaressl(.)com)", "modified": "2023-10-14T17:02:29.483000", "created": "2023-09-14T19:33:02.262000", "tags": [ "resolutions", "referrer", "elevated exposure", "malformed links", "fraud", "abuse", "united", "cyber threat", "phishing", "blockchain", "covid19", "coalition", "engineering", "facebook", "police agency", "japan", "download", "blacklist", "site", "cisco umbrella", "assassin's pride chapter 12 scans", "chapter", "pride chapter", "assassin", "read", "viewed today", "promise", "apotheosis", "rampage", "magister", "goma", "conan", "magician", "click", "Suricata Alert", "Malvertising", "ssl certificate", "contacted", "execution", "whois record", "pfqlnhi4ex http", "pe resource", "investigation", "team", "metro", "malicious", "social engineering", "cyber crime Alina", "tracker(.)net", "spyware", "monitoring", "tracking", "MITRE ATT&CKS", "malware", "http://www.evantrah.com/b0ar/ (phishing)", "https(:)//b(.)link / infringement (tracking)", "37.235.49.205 (scan host)", "scan hosts", "passkey", "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection", "nr-data.net", "iOS Unlocker", "iOS Data Collection", "Private Data", "distribution", "hacking" ], "references": [ "https://hifiporn.pw/xxx/1/white-dpt-jeffrey-reimer-loves-pretty-indian-patient-forces-sex-3gp-video-tsara-brashears/she-loves-how-i-pound-her-pussy", "http://mangahasu.se/assassins-pride/chapter-12-a-promise-c629157.html?__cf_chl_jschl_tk__=7b4aeee234e6fcb906189a0ee99bff391aedad3f-1591653736-0-ATuxnw3UaJxen2hXCyv", "Data Analysis", "Pattern Behavior Research" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Japan", "Canada", "Germany" ], "malware_families": [ { "id": "Alina POS", "display_name": "Alina POS", "target": null }, { "id": "Virus:DOS/Goma", "display_name": "Virus:DOS/Goma", "target": "/malware/Virus:DOS/Goma" }, { "id": "DEcovid19", "display_name": "DEcovid19", "target": null }, { "id": "Assassin", "display_name": "Assassin", "target": null }, { "id": "Virus:Win32/Magistr", "display_name": "Virus:Win32/Magistr", "target": "/malware/Virus:Win32/Magistr" }, { "id": "Darktrack RAT", "display_name": "Darktrack RAT", "target": null }, { "id": "B.link/infringement (tracking)", "display_name": "B.link/infringement (tracking)", "target": null }, { "id": "Malware", "display_name": "Malware", "target": null }, { "id": "Trojan.Agent", "display_name": "Trojan.Agent", "target": null }, { "id": "TrojanDownloader:JS/MalSpam", "display_name": "TrojanDownloader:JS/MalSpam", "target": "/malware/TrojanDownloader:JS/MalSpam" } ], "attack_ids": [ { "id": "T1179", "name": "Hooking", "display_name": "T1179 - Hooking" }, { "id": "T1035", "name": "Service Execution", "display_name": "T1035 - Service Execution" }, { "id": "T1132", "name": "Data Encoding", "display_name": "T1132 - Data Encoding" }, { "id": "T1043", "name": "Commonly Used Port", "display_name": "T1043 - Commonly Used Port" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1071.002", "name": "File Transfer Protocols", "display_name": "T1071.002 - File Transfer Protocols" }, { "id": "TA0011", "name": "Command and Control", "display_name": "TA0011 - Command and Control" }, { "id": "TA0009", "name": "Collection", "display_name": "TA0009 - Collection" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 13, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 2931, "domain": 1095, "hostname": 1798, "URL": 5593, "FileHash-MD5": 23, "FileHash-SHA1": 17, "CVE": 1 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 222, "modified_text": "961 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "65035fec3cd7bba66ebcef0b", "name": "Cyber Espionage w/B(.) Link / Infringement (Tracking)", "description": "Alert: nr-data.net private Apple) iOS Data Collection & Distribution. Automatically flags as an investigation. Tag 'police agency's auto generated. It's possible with Edward Snowden disclosures, it seems unlikely and completely unethical. Extremely graphic adult content with, beacons, tracking Malicious content poses a cyber threat to the general public , iOS privileges, mouse control, phishing, scanning, open registry, service execution, hooking, passkeys and more. \nAppears in a Japanese themed video game and paired targets. Male subject common name have a profession, many with same name. Female target is singular, occupation & professions. Verdict: cyber espionage threat targeting overtly tarnished female. Potential Spreading issues: False distribution by false distributers of targets, hacked, malware singed, intangible downloads. \nAdult content doesn't portray targets. Tagging. \n(New-Issued by Cloudflare \nshi(.)cloudflaressl(.)com)", "modified": "2023-10-14T17:02:29.483000", "created": "2023-09-14T19:33:00.802000", "tags": [ "resolutions", "referrer", "elevated exposure", "malformed links", "fraud", "abuse", "united", "cyber threat", "phishing", "blockchain", "covid19", "coalition", "engineering", "facebook", "police agency", "japan", "download", "blacklist", "site", "cisco umbrella", "assassin's pride chapter 12 scans", "chapter", "pride chapter", "assassin", "read", "viewed today", "promise", "apotheosis", "rampage", "magister", "goma", "conan", "magician", "click", "Suricata Alert", "Malvertising", "ssl certificate", "contacted", "execution", "whois record", "pfqlnhi4ex http", "pe resource", "investigation", "team", "metro", "malicious", "social engineering", "cyber crime Alina", "tracker(.)net", "spyware", "monitoring", "tracking", "MITRE ATT&CKS", "malware", "http://www.evantrah.com/b0ar/ (phishing)", "https(:)//b(.)link / infringement (tracking)", "37.235.49.205 (scan host)", "scan hosts", "passkey", "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection", "nr-data.net", "iOS Unlocker", "iOS Data Collection", "Private Data", "distribution", "hacking" ], "references": [ "https://hifiporn.pw/xxx/1/white-dpt-jeffrey-reimer-loves-pretty-indian-patient-forces-sex-3gp-video-tsara-brashears/she-loves-how-i-pound-her-pussy", "http://mangahasu.se/assassins-pride/chapter-12-a-promise-c629157.html?__cf_chl_jschl_tk__=7b4aeee234e6fcb906189a0ee99bff391aedad3f-1591653736-0-ATuxnw3UaJxen2hXCyv", "Data Analysis", "Pattern Behavior Research" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Japan", "Canada", "Germany" ], "malware_families": [ { "id": "Alina POS", "display_name": "Alina POS", "target": null }, { "id": "Virus:DOS/Goma", "display_name": "Virus:DOS/Goma", "target": "/malware/Virus:DOS/Goma" }, { "id": "DEcovid19", "display_name": "DEcovid19", "target": null }, { "id": "Assassin", "display_name": "Assassin", "target": null }, { "id": "Virus:Win32/Magistr", "display_name": "Virus:Win32/Magistr", "target": "/malware/Virus:Win32/Magistr" }, { "id": "Darktrack RAT", "display_name": "Darktrack RAT", "target": null }, { "id": "B.link/infringement (tracking)", "display_name": "B.link/infringement (tracking)", "target": null }, { "id": "Malware", "display_name": "Malware", "target": null }, { "id": "Trojan.Agent", "display_name": "Trojan.Agent", "target": null }, { "id": "TrojanDownloader:JS/MalSpam", "display_name": "TrojanDownloader:JS/MalSpam", "target": "/malware/TrojanDownloader:JS/MalSpam" } ], "attack_ids": [ { "id": "T1179", "name": "Hooking", "display_name": "T1179 - Hooking" }, { "id": "T1035", "name": "Service Execution", "display_name": "T1035 - Service Execution" }, { "id": "T1132", "name": "Data Encoding", "display_name": "T1132 - Data Encoding" }, { "id": "T1043", "name": "Commonly Used Port", "display_name": "T1043 - Commonly Used Port" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1071.002", "name": "File Transfer Protocols", "display_name": "T1071.002 - File Transfer Protocols" }, { "id": "TA0011", "name": "Command and Control", "display_name": "TA0011 - Command and Control" }, { "id": "TA0009", "name": "Collection", "display_name": "TA0009 - Collection" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 13, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 2931, "domain": 1095, "hostname": 1798, "URL": 5593, "FileHash-MD5": 23, "FileHash-SHA1": 17, "CVE": 1 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 224, "modified_text": "961 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "65035fea189a32c0498667d9", "name": "Cyber Espionage w/B(.) Link / Infringement (Tracking)", "description": "Alert: nr-data.net private Apple) iOS Data Collection & Distribution. Automatically flags as an investigation. Tag 'police agency's auto generated. It's possible with Edward Snowden disclosures, it seems unlikely and completely unethical. Extremely graphic adult content with, beacons, tracking Malicious content poses a cyber threat to the general public , iOS privileges, mouse control, phishing, scanning, open registry, service execution, hooking, passkeys and more. \nAppears in a Japanese themed video game and paired targets. Male subject common name have a profession, many with same name. Female target is singular, occupation & professions. Verdict: cyber espionage threat targeting overtly tarnished female. Potential Spreading issues: False distribution by false distributers of targets, hacked, malware singed, intangible downloads. \nAdult content doesn't portray targets. Tagging. \n(New-Issued by Cloudflare \nshi(.)cloudflaressl(.)com)", "modified": "2023-10-14T17:02:29.483000", "created": "2023-09-14T19:32:58.552000", "tags": [ "resolutions", "referrer", "elevated exposure", "malformed links", "fraud", "abuse", "united", "cyber threat", "phishing", "blockchain", "covid19", "coalition", "engineering", "facebook", "police agency", "japan", "download", "blacklist", "site", "cisco umbrella", "assassin's pride chapter 12 scans", "chapter", "pride chapter", "assassin", "read", "viewed today", "promise", "apotheosis", "rampage", "magister", "goma", "conan", "magician", "click", "Suricata Alert", "Malvertising", "ssl certificate", "contacted", "execution", "whois record", "pfqlnhi4ex http", "pe resource", "investigation", "team", "metro", "malicious", "social engineering", "cyber crime Alina", "tracker(.)net", "spyware", "monitoring", "tracking", "MITRE ATT&CKS", "malware", "http://www.evantrah.com/b0ar/ (phishing)", "https(:)//b(.)link / infringement (tracking)", "37.235.49.205 (scan host)", "scan hosts", "passkey", "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection", "nr-data.net", "iOS Unlocker", "iOS Data Collection", "Private Data", "distribution", "hacking" ], "references": [ "https://hifiporn.pw/xxx/1/white-dpt-jeffrey-reimer-loves-pretty-indian-patient-forces-sex-3gp-video-tsara-brashears/she-loves-how-i-pound-her-pussy", "http://mangahasu.se/assassins-pride/chapter-12-a-promise-c629157.html?__cf_chl_jschl_tk__=7b4aeee234e6fcb906189a0ee99bff391aedad3f-1591653736-0-ATuxnw3UaJxen2hXCyv", "Data Analysis", "Pattern Behavior Research" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Japan", "Canada", "Germany" ], "malware_families": [ { "id": "Alina POS", "display_name": "Alina POS", "target": null }, { "id": "Virus:DOS/Goma", "display_name": "Virus:DOS/Goma", "target": "/malware/Virus:DOS/Goma" }, { "id": "DEcovid19", "display_name": "DEcovid19", "target": null }, { "id": "Assassin", "display_name": "Assassin", "target": null }, { "id": "Virus:Win32/Magistr", "display_name": "Virus:Win32/Magistr", "target": "/malware/Virus:Win32/Magistr" }, { "id": "Darktrack RAT", "display_name": "Darktrack RAT", "target": null }, { "id": "B.link/infringement (tracking)", "display_name": "B.link/infringement (tracking)", "target": null }, { "id": "Malware", "display_name": "Malware", "target": null }, { "id": "Trojan.Agent", "display_name": "Trojan.Agent", "target": null }, { "id": "TrojanDownloader:JS/MalSpam", "display_name": "TrojanDownloader:JS/MalSpam", "target": "/malware/TrojanDownloader:JS/MalSpam" } ], "attack_ids": [ { "id": "T1179", "name": "Hooking", "display_name": "T1179 - Hooking" }, { "id": "T1035", "name": "Service Execution", "display_name": "T1035 - Service Execution" }, { "id": "T1132", "name": "Data Encoding", "display_name": "T1132 - Data Encoding" }, { "id": "T1043", "name": "Commonly Used Port", "display_name": "T1043 - Commonly Used Port" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1071.002", "name": "File Transfer Protocols", "display_name": "T1071.002 - File Transfer Protocols" }, { "id": "TA0011", "name": "Command and Control", "display_name": "TA0011 - Command and Control" }, { "id": "TA0009", "name": "Collection", "display_name": "TA0009 - Collection" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 13, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 2931, "domain": 1095, "hostname": 1798, "URL": 5593, "FileHash-MD5": 23, "FileHash-SHA1": 17, "CVE": 1 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 222, "modified_text": "961 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "64cdf2ea337c4c46dc1ff713", "name": "tsara brashears porn Google search", "description": "Malicious smear campaign.\nPrivate citizen tagged in malicious websites.\nNORAD Tracker\nTracking Radar Keyloggers SEO rollout\nInfoStealer Password stealer passcode bypass malware spreaders", "modified": "2023-10-02T00:00:29.692000", "created": "2023-08-05T06:57:46.150000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 6, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 390, "domain": 44, "hostname": 44, "FileHash-MD5": 68, "FileHash-SHA256": 150, "FileHash-SHA1": 50 }, "indicator_count": 746, "is_author": false, "is_subscribing": null, "subscriber_count": 221, "modified_text": "974 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "64dc045f5344129c48c41826", "name": "r3.o.lencr.org", "description": "Malware. R3.o.lencr.org is a browser-redirecting app aka browser hijacking, that attaches itself to main browser in devices. Ability to take control over some settings. Tracker. Scammers use Lencr.org/ LetsEncrypt in websites that have malicious content and activities. \nMalicious Activity:\nALF:Trojan:Win32/Cassini_f9070846!ibt\nALFPER:CERT:SoftwareBundler:Win32/InstallMonetizer\nTrojan:Win32/Dorv.A!rfn\nTrojan:Win32/Prepscram\nTrojan:Win32/Zbot.SIBG!MTB\nTrojanDownloader:Win32/Banload\nTrojanDownloader:Win32/Upatre.D\nTrojanDownloader:Win32/Upatre.J\nWin.Downloader.Mailru-9797354-1\nWin.Dropper.Agent-185636\nRiskware\nMalicious Adware spamming \n\n(Auto Generated Description: A complete list of malicious files has been published on the website of Cloudflare.com, the company that provides access to the service for users who use its services to access their email addresses.)", "modified": "2023-09-15T04:05:29.096000", "created": "2023-08-15T23:03:59.403000", "tags": [ "as20940", "united", "trojan", "search", "passive dns", "urls", "entries", "dashboard", "browse scan", "endpoints all", "date", "a domains", "aaaa", "record value", "scan endpoints", "all search", "otx octoseek", "domain related", "showing" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1003", "name": "OS Credential Dumping", "display_name": "T1003 - OS Credential Dumping" }, { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 7, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "OctoSeek", "id": "243548", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_243548/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 664, "email": 13, "hostname": 1352, "FileHash-SHA256": 1750, "URL": 5422, "FileHash-MD5": 207, "FileHash-SHA1": 61 }, "indicator_count": 9469, "is_author": false, "is_subscribing": null, "subscriber_count": 222, "modified_text": "991 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "and leave in a lemon- hued Huff da Country or a Snit with four on the MALWARE fOORILIES", "OTX must have an issue. A delete app seen before has deleted a majority of malicious IoCs. Im", "https://hifiporn.pw/xxx/1/white-dpt-jeffrey-reimer-loves-pretty-indian-patient-forces-sex-3gp-video-tsara-brashears/she-loves-how-i-pound-her-pussy", "OTX description for SNIT- I love to compose letters of resignation; now and then I send one in", "OTX description for Dopple AI - There\u2019s someone for everyone out there in the BDSM scene, you can enjoy the", "free NSFW experience offered by Dopple AI.MALWARE", "http://mangahasu.se/assassins-pride/chapter-12-a-promise-c629157.html?__cf_chl_jschl_tk__=7b4aeee234e6fcb906189a0ee99bff391aedad3f-1591653736-0-ATuxnw3UaJxen2hXCyv", "Pattern Behavior Research", "Data Analysis", "Y.A.S:1Byte/TinyRod SeeDescription @ Y.A.S. OFFICIAL MUSIC VIDEO", "I don\u2019t appreciate OTX populated Malware suggestion \u2018SNIT\u2019 \u2018 Dopple AI\u2019 NOT malware", "Makes zero sense. Malicious. I don\u2019t get it. I have a Malware gift for you too!" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [ "Y.a.s:1byte/tinyrod", "B.link/infringement (tracking)", "Virus:win32/magistr", "Virus:dos/goma", "Snit", "Trojandownloader:js/malspam", "Darktrack rat", "Dopple ai", "Alina pos", "Trojan.agent", "Assassin", "Decovid19", "Malware" ], "industries": [], "unique_indicators": 21976 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/kompoz2.com", "whois": "http://whois.domaintools.com/kompoz2.com", "domain": "kompoz2.com", "hostname": "Unavailable" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 22, "pulses": [ { "id": "69bea5d2987c3d14aeb2b0c9", "name": "Delete service Deleted over 1200 Brian Sabeys Porn Revenge Campaign \u2022 LevelBlue? Dopple AI | Poem Hunter: Poems ", "description": "", "modified": "2026-03-21T14:06:10.007000", "created": "2026-03-21T14:06:10.007000", "tags": [ "active related", "search filter", "time tsara", "x show", "cidr", "email", "learn more", "information", "t1027", "t1036", "t1057", "discovery", "t1059", "t1071", "title added", "poem", "the day", "wild eyesand", "unknown power", "shakespeare", "repeats", "ere man", "dowell oreilly", "read poem", "snit", "website", "loading", "rl https", "y0 nov", "vj96", "uyebaaeabaaaaac", "jid442122029", "active", "url http", "url https", "types", "indicators show", "type indicator", "added active", "tbmvid", "sourcelnms", "zx1724209326040", "read c", "module load", "showing", "delphi", "delete", "rgba", "unicode", "malware", "write", "win32", "execution", "next", "extraction", "data upload", "extre", "include data", "sc type", "url tot", "role title", "tsara brashears", "live sex", "porn video", "levelblue", "porn", "pornhub", "porn videos", "watch tsara", "most relevant", "q estimation", "green", "tsara", "online chat", "spicychat ai", "visa", "sex chat", "miss stella", "january", "philadelphia", "dopple ai", "b1 dec", "videos", "red porn", "free porn", "sunny leone", "hardcore porn", "jeffrey reimer", "puts", "love", "super", "download", "top tsara", "google search", "la iniciacin", "xxx hd", "bdsm scene", "nsfw experience", "ck ids", "open threat", "filepath https", "foundry", "palantir", "brian sabey", "yas", "tiny penis", "slander", "indicator role", "pulses url", "search" ], "references": [ "OTX must have an issue. A delete app seen before has deleted a majority of malicious IoCs. Im", "I don\u2019t appreciate OTX populated Malware suggestion \u2018SNIT\u2019 \u2018 Dopple AI\u2019 NOT malware", "OTX description for SNIT- I love to compose letters of resignation; now and then I send one in", "and leave in a lemon- hued Huff da Country or a Snit with four on the MALWARE fOORILIES", "OTX description for Dopple AI - There\u2019s someone for everyone out there in the BDSM scene, you can enjoy the", "free NSFW experience offered by Dopple AI.MALWARE", "Makes zero sense. Malicious. I don\u2019t get it. I have a Malware gift for you too!", "Y.A.S:1Byte/TinyRod SeeDescription @ Y.A.S. OFFICIAL MUSIC VIDEO" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Snit", "display_name": "Snit", "target": null }, { "id": "Dopple AI", "display_name": "Dopple AI", "target": null }, { "id": "Y.A.S:1Byte/TinyRod", "display_name": "Y.A.S:1Byte/TinyRod", "target": "/malware/Y.A.S:1Byte/TinyRod" } ], "attack_ids": [ { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" }, { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1045", "name": "Software Packing", "display_name": "T1045 - Software Packing" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1060", "name": "Registry Run Keys / Startup Folder", "display_name": "T1060 - Registry Run Keys / Startup Folder" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1105", "name": "Ingress Tool Transfer", "display_name": "T1105 - Ingress Tool Transfer" }, { "id": "T1106", "name": "Native API", "display_name": "T1106 - Native API" }, { "id": "T1129", "name": "Shared Modules", "display_name": "T1129 - Shared Modules" }, { "id": "T1140", "name": "Deobfuscate/Decode Files or Information", "display_name": "T1140 - Deobfuscate/Decode Files or Information" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" }, { "id": "T1546", "name": "Event Triggered Execution", "display_name": "T1546 - Event Triggered Execution" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1070", "name": "Indicator Removal on Host", "display_name": "T1070 - Indicator Removal on Host" }, { "id": "T1143", "name": "Hidden Window", "display_name": "T1143 - Hidden Window" }, { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" }, { "id": "T1125", "name": "Video Capture", "display_name": "T1125 - Video Capture" }, { "id": "T1495", "name": "Firmware Corruption", "display_name": "T1495 - Firmware Corruption" } ], "industries": [], "TLP": "green", "cloned_from": "691ead29f61101bfa3700998", "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Q.Vashti", "id": "337942", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 2497, "hostname": 742, "FileHash-SHA256": 523, "domain": 223, "FileHash-MD5": 85, "FileHash-SHA1": 56, "email": 4 }, "indicator_count": 4130, "is_author": false, "is_subscribing": null, "subscriber_count": 143, "modified_text": "72 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "691ead29f61101bfa3700998", "name": "Dopple AI | Poem Hunter: Poems - Poets - Poetry", "description": "Online terms that sexulize SA victim : Tsara brashears slander red porn videos ,\nHardcore porn, is pornography that features detailed depictions of sexual organs or sexual acts such as vaginal, anal or oral intercourse, fingering, brashears , Red Porn Videos , Tsara brashears slandered red porn\nyoujizz sex\n, Tsara brashears submission on august 27 via manual free , College fuck fest Super japanese hd compilation , \none kinky student fucks tsara brashears porn xxx porn , the best internet porn site\n, tsara brashears slandered, porn video uploaded to hardcore ,\nxxxxxxxxxx sex videos\nsearch , xxxxxxxxxx hd porn. tsara brashears\u09ac\u09b2\u09a6\u09b6\u09b0 \u09a8\u09a4\u09a8 \u09ad\u09acfrench retro gangbang in the hotel room, You will Tsara brashears porn ,\nChunky babe loves to be on top Hot Milf , xxx Movies, updates hourly.\n tsara brashears slandered,\nfrench retro gangbang in the hotel room , free porn videos. You will Tsara brashears porn jeffrey reimer puts his love on top tsara brashears brother", "modified": "2025-12-20T03:00:41.407000", "created": "2025-11-20T05:54:49.968000", "tags": [ "active related", "search filter", "time tsara", "x show", "cidr", "email", "learn more", "information", "t1027", "t1036", "t1057", "discovery", "t1059", "t1071", "title added", "poem", "the day", "wild eyesand", "unknown power", "shakespeare", "repeats", "ere man", "dowell oreilly", "read poem", "snit", "website", "loading", "rl https", "y0 nov", "vj96", "uyebaaeabaaaaac", "jid442122029", "active", "url http", "url https", "types", "indicators show", "type indicator", "added active", "tbmvid", "sourcelnms", "zx1724209326040", "read c", "module load", "showing", "delphi", "delete", "rgba", "unicode", "malware", "write", "win32", "execution", "next", "extraction", "data upload", "extre", "include data", "sc type", "url tot", "role title", "tsara brashears", "live sex", "porn video", "levelblue", "porn", "pornhub", "porn videos", "watch tsara", "most relevant", "q estimation", "green", "tsara", "online chat", "spicychat ai", "visa", "sex chat", "miss stella", "january", "philadelphia", "dopple ai", "b1 dec", "videos", "red porn", "free porn", "sunny leone", "hardcore porn", "jeffrey reimer", "puts", "love", "super", "download", "top tsara", "google search", "la iniciacin", "xxx hd", "bdsm scene", "nsfw experience", "ck ids", "open threat", "filepath https", "foundry", "palantir", "brian sabey", "yas", "tiny penis", "slander", "indicator role", "pulses url", "search" ], "references": [ "OTX must have an issue. A delete app seen before has deleted a majority of malicious IoCs. Im", "I don\u2019t appreciate OTX populated Malware suggestion \u2018SNIT\u2019 \u2018 Dopple AI\u2019 NOT malware", "OTX description for SNIT- I love to compose letters of resignation; now and then I send one in", "and leave in a lemon- hued Huff da Country or a Snit with four on the MALWARE fOORILIES", "OTX description for Dopple AI - There\u2019s someone for everyone out there in the BDSM scene, you can enjoy the", "free NSFW experience offered by Dopple AI.MALWARE", "Makes zero sense. Malicious. I don\u2019t get it. I have a Malware gift for you too!", "Y.A.S:1Byte/TinyRod SeeDescription @ Y.A.S. OFFICIAL MUSIC VIDEO" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Snit", "display_name": "Snit", "target": null }, { "id": "Dopple AI", "display_name": "Dopple AI", "target": null }, { "id": "Y.A.S:1Byte/TinyRod", "display_name": "Y.A.S:1Byte/TinyRod", "target": "/malware/Y.A.S:1Byte/TinyRod" } ], "attack_ids": [ { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" }, { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1045", "name": "Software Packing", "display_name": "T1045 - Software Packing" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1060", "name": "Registry Run Keys / Startup Folder", "display_name": "T1060 - Registry Run Keys / Startup Folder" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1105", "name": "Ingress Tool Transfer", "display_name": "T1105 - Ingress Tool Transfer" }, { "id": "T1106", "name": "Native API", "display_name": "T1106 - Native API" }, { "id": "T1129", "name": "Shared Modules", "display_name": "T1129 - Shared Modules" }, { "id": "T1140", "name": "Deobfuscate/Decode Files or Information", "display_name": "T1140 - Deobfuscate/Decode Files or Information" }, { "id": "T1449", "name": "Exploit SS7 to Redirect Phone Calls/SMS", "display_name": "T1449 - Exploit SS7 to Redirect Phone Calls/SMS" }, { "id": "T1546", "name": "Event Triggered Execution", "display_name": "T1546 - Event Triggered Execution" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1070", "name": "Indicator Removal on Host", "display_name": "T1070 - Indicator Removal on Host" }, { "id": "T1143", "name": "Hidden Window", "display_name": "T1143 - Hidden Window" }, { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" }, { "id": "T1125", "name": "Video Capture", "display_name": "T1125 - Video Capture" }, { "id": "T1495", "name": "Firmware Corruption", "display_name": "T1495 - Firmware Corruption" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Q.Vashti", "id": "337942", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 2497, "hostname": 742, "FileHash-SHA256": 523, "domain": 223, "FileHash-MD5": 85, "FileHash-SHA1": 56, "email": 4 }, "indicator_count": 4130, "is_author": false, "is_subscribing": null, "subscriber_count": 143, "modified_text": "164 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66b8fe985a7460e0ee01be8a", "name": "r3.o.lencr.org", "description": "", "modified": "2024-08-11T18:14:13.378000", "created": "2024-08-11T18:10:32.276000", "tags": [ "as20940", "united", "trojan", "search", "passive dns", "urls", "entries", "dashboard", "browse scan", "endpoints all", "date", "a domains", "aaaa", "record value", "scan endpoints", "all search", "otx octoseek", "domain related", "showing" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1003", "name": "OS Credential Dumping", "display_name": "T1003 - OS Credential Dumping" }, { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" } ], "industries": [], "TLP": "green", "cloned_from": "64dc045f5344129c48c41826", "export_count": 9, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "scoreblue", "id": "254100", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_254100/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 664, "email": 13, "hostname": 1352, "FileHash-SHA256": 2550, "URL": 5422, "FileHash-MD5": 761, "FileHash-SHA1": 615 }, "indicator_count": 11377, "is_author": false, "is_subscribing": null, "subscriber_count": 227, "modified_text": "659 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a4bc7487548e66d6f004", "name": "Virus:DOS/Goma", "description": "", "modified": "2023-12-06T16:43:40.375000", "created": "2023-12-06T16:43:40.375000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 111, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a4b4259cafcf79907b2f", "name": "APPLE ALERT: nr-data.net - Private Apple and iOS Data Collection and Distribution", "description": "", "modified": "2023-12-06T16:43:32.408000", "created": "2023-12-06T16:43:32.408000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 111, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a4ac54885a7e866cedca", "name": "Elevated Exposure", "description": "", "modified": "2023-12-06T16:43:24.027000", "created": "2023-12-06T16:43:24.027000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a4a3ac21d7733c8e1040", "name": "Malvertising", "description": "", "modified": "2023-12-06T16:43:15.632000", "created": "2023-12-06T16:43:15.632000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 111, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a49b0b6595444a3fdd9a", "name": "passkey.tracker.net", "description": "", "modified": "2023-12-06T16:43:07.031000", "created": "2023-12-06T16:43:07.031000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 9, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a49207f81d6791c30194", "name": "Cyber Espionage w/B(.) Link / Infringement (Tracking)", "description": "", "modified": "2023-12-06T16:42:58.146000", "created": "2023-12-06T16:42:58.146000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 111, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6570a4876f8d1d174f717e7b", "name": "Cyber Espionage w/B(.) Link / Infringement (Tracking)", "description": "", "modified": "2023-12-06T16:42:47.591000", "created": "2023-12-06T16:42:47.591000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 2931, "hostname": 1798, "FileHash-MD5": 23, "FileHash-SHA1": 17, "URL": 5593, "domain": 1095 }, "indicator_count": 11458, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://kompoz2.com/find/rotherham-pakistani/", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://kompoz2.com/find/rotherham-pakistani/", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780400931.8952892 }