{ "type": "URL", "indicator": "https://tarasenergyservices.com", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://tarasenergyservices.com", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 4343793809, "indicator": "https://tarasenergyservices.com", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 2, "pulses": [ { "id": "69fbad82234fc33123b0ce6d", "name": "EbeeMay2026 Pt1", "description": "Multiple APT/threat actors, Malware and Campaigns", "modified": "2026-05-06T21:07:14.769000", "created": "2026-05-06T21:07:14.769000", "tags": [ "filehashsha256", "filehashmd5", "filehashsha1", "filepath", "localappdata", "cve20250994 cve", "temp", "mutex", "local" ], "references": [ "IOCs-May1.csv" ], "public": 1, "adversary": "Trigona, PowerCod RAT, APT34, PhantomRaven, Hacked sites deliver infostealer, CloudZ RAT", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "IMEBEEIMFINE", "id": "343873", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "IPv4": 80, "CIDR": 3, "CVE": 10, "FileHash-MD5": 154, "FileHash-SHA1": 140, "FileHash-SHA256": 219, "URL": 80, "domain": 82, "email": 8, "hostname": 60 }, "indicator_count": 836, "is_author": false, "is_subscribing": null, "subscriber_count": 39, "modified_text": "24 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "69f91c32bdaa706a97c2c575", "name": "Brand Impersonation targeting \"Production Testing, Flowback\": tarasenergyservices.com", "description": "== Brand Impersonation Indicator ==\n\nMalicious URL: https://tarasenergyservices.com\nDomain: tarasenergyservices.com\n\nTHREAT DESCRIPTION:\nThis domain is impersonating a legitimate brand to deceive consumers by impersonating Production Testing, Flowback. Consumers are being misled by unauthorized use of brand identity. Customers may be scammed, brand reputation is damaged, and trust is eroded.\nLegitimate domain: taraenergyservices.com\n\nINFRASTRUCTURE:\n- IP Address: 2.57.91.91\n- Hosting: Hostinger International Limited\n\nPage Title: \"Parked Domain name on Hostinger DNS system\"\nScreenshot Evidence: https://r2storage.brandvigilant.com/screenshots/2026-05-04/https___tarasenergyservices_com_desktop_1777933359985_39e64461.png\nDetection Method: MANUAL_REPORT\nFirst Seen: today\nConfidence: 0%\n\nSource: Brand Vigilant automated threat detection (brandvigilant.com)", "modified": "2026-05-04T22:22:42.188000", "created": "2026-05-04T22:22:42.188000", "tags": [ "phishing", "brand-vigilant", "brand_impersonation" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "brandvigilant", "id": "380155", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 1, "URL": 1 }, "indicator_count": 2, "is_author": false, "is_subscribing": null, "subscriber_count": 17, "modified_text": "26 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "IOCs-May1.csv" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [ "Trigona, PowerCod RAT, APT34, PhantomRaven, Hacked sites deliver infostealer, CloudZ RAT" ], "malware_families": [], "industries": [], "unique_indicators": 836 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/tarasenergyservices.com", "whois": "http://whois.domaintools.com/tarasenergyservices.com", "domain": "tarasenergyservices.com", "hostname": "Unavailable" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 2, "pulses": [ { "id": "69fbad82234fc33123b0ce6d", "name": "EbeeMay2026 Pt1", "description": "Multiple APT/threat actors, Malware and Campaigns", "modified": "2026-05-06T21:07:14.769000", "created": "2026-05-06T21:07:14.769000", "tags": [ "filehashsha256", "filehashmd5", "filehashsha1", "filepath", "localappdata", "cve20250994 cve", "temp", "mutex", "local" ], "references": [ "IOCs-May1.csv" ], "public": 1, "adversary": "Trigona, PowerCod RAT, APT34, PhantomRaven, Hacked sites deliver infostealer, CloudZ RAT", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "IMEBEEIMFINE", "id": "343873", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "IPv4": 80, "CIDR": 3, "CVE": 10, "FileHash-MD5": 154, "FileHash-SHA1": 140, "FileHash-SHA256": 219, "URL": 80, "domain": 82, "email": 8, "hostname": 60 }, "indicator_count": 836, "is_author": false, "is_subscribing": null, "subscriber_count": 39, "modified_text": "24 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "69f91c32bdaa706a97c2c575", "name": "Brand Impersonation targeting \"Production Testing, Flowback\": tarasenergyservices.com", "description": "== Brand Impersonation Indicator ==\n\nMalicious URL: https://tarasenergyservices.com\nDomain: tarasenergyservices.com\n\nTHREAT DESCRIPTION:\nThis domain is impersonating a legitimate brand to deceive consumers by impersonating Production Testing, Flowback. Consumers are being misled by unauthorized use of brand identity. Customers may be scammed, brand reputation is damaged, and trust is eroded.\nLegitimate domain: taraenergyservices.com\n\nINFRASTRUCTURE:\n- IP Address: 2.57.91.91\n- Hosting: Hostinger International Limited\n\nPage Title: \"Parked Domain name on Hostinger DNS system\"\nScreenshot Evidence: https://r2storage.brandvigilant.com/screenshots/2026-05-04/https___tarasenergyservices_com_desktop_1777933359985_39e64461.png\nDetection Method: MANUAL_REPORT\nFirst Seen: today\nConfidence: 0%\n\nSource: Brand Vigilant automated threat detection (brandvigilant.com)", "modified": "2026-05-04T22:22:42.188000", "created": "2026-05-04T22:22:42.188000", "tags": [ "phishing", "brand-vigilant", "brand_impersonation" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "brandvigilant", "id": "380155", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 1, "URL": 1 }, "indicator_count": 2, "is_author": false, "is_subscribing": null, "subscriber_count": 17, "modified_text": "26 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://tarasenergyservices.com", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://tarasenergyservices.com", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780180301.1853364 }