{ "type": "URL", "indicator": "https://lb01.parklogic.com", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://lb01.parklogic.com", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 3290981966, "indicator": "https://lb01.parklogic.com", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 4, "pulses": [ { "id": "65708e4e9c1be22930c7a9c9", "name": "Hiding in common sight, misplaced attribution as just being AD Fraud", "description": "", "modified": "2023-12-06T15:07:58.810000", "created": "2023-12-06T15:07:58.810000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 525, "domain": 91, "URL": 531, "hostname": 281, "FileHash-MD5": 1 }, "indicator_count": 1429, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6282747cb32e6183686525ca", "name": "Hiding in common sight, misplaced attribution as just being AD Fraud", "description": "Get ready for the Russians to take over cause while most of cyber has been sleeping thru this chronic abuse just putting it down to common low impact ad fraud your about to find out whats really going on!", "modified": "2022-06-15T00:01:21.489000", "created": "2022-05-16T15:57:48.548000", "tags": [ "found", "iptv", "ad", "click", "fraud", "hiding in common sight", "initial access brokerage", "creds", "dirtying tv traffic", "nefarious domain parking", "enterprise leverage via the average consumer", "analytics abuse", "CNAME cookie abuse", "Cookie abuse", "GDPR might as well not exist" ], "references": [ "Ad/click Fraud disguises much more", "initial access brokers", "http://aka.ms/LearnAboutSenderIdentification Akamai rank: #256\t URL http://aka.ms/LearnAboutSenderIdentification. Akamai rank: #256\t URL http://aka.ms/learnathon Akamai rank: #256\t URL https://aka.ms/atasaguide-recenum Akamai rank: #256\t URL https://aka.ms/cp_r=", "cant complete due to continious freezing" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "dorkingbeauty1", "id": "80137", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 281, "URL": 531, "FileHash-SHA256": 525, "domain": 91, "FileHash-MD5": 1 }, "indicator_count": 1429, "is_author": false, "is_subscribing": null, "subscriber_count": 396, "modified_text": "1448 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "62419fedc849255cf3903185", "name": "http://caution.pro.mobile82.com/gb.j", "description": "A collection of breached small business routers and networks hosting a bunch of bad actor clean and not clean sites and storage facilities. Concerning that one of these small biz's is a UK criminal solictors with many creds for access to the UK cps and some courts", "modified": "2022-04-27T00:03:12.448000", "created": "2022-03-28T11:45:49.899000", "tags": [ "sandbox", "malware", "analysis", "online", "submit", "vxstream", "sample", "download", "trojan", "apt", "ansi", "threat level", "pcap", "pcap processing", "date", "sha256", "windows nt", "data", "decrypted ssl", "size", "accept", "hybrid", "close", "click", "hosts", "mozilla", "format", "malicious", "general", "local", "service", "window", "mozi", "trident", "strings", "suspicious" ], "references": [ "https://hybrid-analysis.com/sample/5d5e18e86b4ac952e8e585b0f1c2bf3ad0785e152455c07cc8993a68908daad0/6228d8a4b08be7216462d17b" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "dorkingbeauty1", "id": "80137", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 474, "URL": 2602, "domain": 224, "FileHash-SHA256": 331, "FileHash-MD5": 43, "FileHash-SHA1": 40, "email": 2 }, "indicator_count": 3716, "is_author": false, "is_subscribing": null, "subscriber_count": 396, "modified_text": "1497 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "62419ff515f8652c276a5fa5", "name": "http://caution.pro.mobile82.com/gb.j", "description": "A collection of breached small business routers and networks hosting a bunch of bad actor clean and not clean sites and storage facilities. Concerning that one of these small biz's is a UK criminal solictors with many creds for access to the UK cps and some courts", "modified": "2022-04-27T00:03:12.448000", "created": "2022-03-28T11:45:56.975000", "tags": [ "sandbox", "malware", "analysis", "online", "submit", "vxstream", "sample", "download", "trojan", "apt", "ansi", "threat level", "pcap", "pcap processing", "date", "sha256", "windows nt", "data", "decrypted ssl", "size", "accept", "hybrid", "close", "click", "hosts", "mozilla", "format", "malicious", "general", "local", "service", "window", "mozi", "trident", "strings", "suspicious" ], "references": [ "https://hybrid-analysis.com/sample/5d5e18e86b4ac952e8e585b0f1c2bf3ad0785e152455c07cc8993a68908daad0/6228d8a4b08be7216462d17b" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "dorkingbeauty1", "id": "80137", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 474, "URL": 2602, "domain": 224, "FileHash-SHA256": 331, "FileHash-MD5": 43, "FileHash-SHA1": 40, "email": 2 }, "indicator_count": 3716, "is_author": false, "is_subscribing": null, "subscriber_count": 396, "modified_text": "1497 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "http://aka.ms/LearnAboutSenderIdentification Akamai rank: #256\t URL http://aka.ms/LearnAboutSenderIdentification. Akamai rank: #256\t URL http://aka.ms/learnathon Akamai rank: #256\t URL https://aka.ms/atasaguide-recenum Akamai rank: #256\t URL https://aka.ms/cp_r=", "initial access brokers", "cant complete due to continious freezing", "https://hybrid-analysis.com/sample/5d5e18e86b4ac952e8e585b0f1c2bf3ad0785e152455c07cc8993a68908daad0/6228d8a4b08be7216462d17b", "Ad/click Fraud disguises much more" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 5193 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/parklogic.com", "whois": "http://whois.domaintools.com/parklogic.com", "domain": "parklogic.com", "hostname": "lb01.parklogic.com" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 4, "pulses": [ { "id": "65708e4e9c1be22930c7a9c9", "name": "Hiding in common sight, misplaced attribution as just being AD Fraud", "description": "", "modified": "2023-12-06T15:07:58.810000", "created": "2023-12-06T15:07:58.810000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 525, "domain": 91, "URL": 531, "hostname": 281, "FileHash-MD5": 1 }, "indicator_count": 1429, "is_author": false, "is_subscribing": null, "subscriber_count": 110, "modified_text": "908 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6282747cb32e6183686525ca", "name": "Hiding in common sight, misplaced attribution as just being AD Fraud", "description": "Get ready for the Russians to take over cause while most of cyber has been sleeping thru this chronic abuse just putting it down to common low impact ad fraud your about to find out whats really going on!", "modified": "2022-06-15T00:01:21.489000", "created": "2022-05-16T15:57:48.548000", "tags": [ "found", "iptv", "ad", "click", "fraud", "hiding in common sight", "initial access brokerage", "creds", "dirtying tv traffic", "nefarious domain parking", "enterprise leverage via the average consumer", "analytics abuse", "CNAME cookie abuse", "Cookie abuse", "GDPR might as well not exist" ], "references": [ "Ad/click Fraud disguises much more", "initial access brokers", "http://aka.ms/LearnAboutSenderIdentification Akamai rank: #256\t URL http://aka.ms/LearnAboutSenderIdentification. Akamai rank: #256\t URL http://aka.ms/learnathon Akamai rank: #256\t URL https://aka.ms/atasaguide-recenum Akamai rank: #256\t URL https://aka.ms/cp_r=", "cant complete due to continious freezing" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "dorkingbeauty1", "id": "80137", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 281, "URL": 531, "FileHash-SHA256": 525, "domain": 91, "FileHash-MD5": 1 }, "indicator_count": 1429, "is_author": false, "is_subscribing": null, "subscriber_count": 396, "modified_text": "1448 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "62419fedc849255cf3903185", "name": "http://caution.pro.mobile82.com/gb.j", "description": "A collection of breached small business routers and networks hosting a bunch of bad actor clean and not clean sites and storage facilities. Concerning that one of these small biz's is a UK criminal solictors with many creds for access to the UK cps and some courts", "modified": "2022-04-27T00:03:12.448000", "created": "2022-03-28T11:45:49.899000", "tags": [ "sandbox", "malware", "analysis", "online", "submit", "vxstream", "sample", "download", "trojan", "apt", "ansi", "threat level", "pcap", "pcap processing", "date", "sha256", "windows nt", "data", "decrypted ssl", "size", "accept", "hybrid", "close", "click", "hosts", "mozilla", "format", "malicious", "general", "local", "service", "window", "mozi", "trident", "strings", "suspicious" ], "references": [ "https://hybrid-analysis.com/sample/5d5e18e86b4ac952e8e585b0f1c2bf3ad0785e152455c07cc8993a68908daad0/6228d8a4b08be7216462d17b" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "dorkingbeauty1", "id": "80137", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 474, "URL": 2602, "domain": 224, "FileHash-SHA256": 331, "FileHash-MD5": 43, "FileHash-SHA1": 40, "email": 2 }, "indicator_count": 3716, "is_author": false, "is_subscribing": null, "subscriber_count": 396, "modified_text": "1497 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "62419ff515f8652c276a5fa5", "name": "http://caution.pro.mobile82.com/gb.j", "description": "A collection of breached small business routers and networks hosting a bunch of bad actor clean and not clean sites and storage facilities. Concerning that one of these small biz's is a UK criminal solictors with many creds for access to the UK cps and some courts", "modified": "2022-04-27T00:03:12.448000", "created": "2022-03-28T11:45:56.975000", "tags": [ "sandbox", "malware", "analysis", "online", "submit", "vxstream", "sample", "download", "trojan", "apt", "ansi", "threat level", "pcap", "pcap processing", "date", "sha256", "windows nt", "data", "decrypted ssl", "size", "accept", "hybrid", "close", "click", "hosts", "mozilla", "format", "malicious", "general", "local", "service", "window", "mozi", "trident", "strings", "suspicious" ], "references": [ "https://hybrid-analysis.com/sample/5d5e18e86b4ac952e8e585b0f1c2bf3ad0785e152455c07cc8993a68908daad0/6228d8a4b08be7216462d17b" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "dorkingbeauty1", "id": "80137", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 474, "URL": 2602, "domain": 224, "FileHash-SHA256": 331, "FileHash-MD5": 43, "FileHash-SHA1": 40, "email": 2 }, "indicator_count": 3716, "is_author": false, "is_subscribing": null, "subscriber_count": 396, "modified_text": "1497 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://lb01.parklogic.com", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://lb01.parklogic.com", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780385877.6527898 }