{ "type": "URL", "indicator": "https://www.freeav.com/A", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://www.freeav.com/A", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 4143388968, "indicator": "https://www.freeav.com/A", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 2, "pulses": [ { "id": "69f47e886aac3dce3a958d27", "name": "2011: Malware Analysis Report", "description": "", "modified": "2026-05-31T10:27:23.455000", "created": "2026-05-01T10:20:56.666000", "tags": [], "references": [ "2011-03-11 - Trojan.Koredos Comes with an Unwelcomed Surprise.pdf", "2011-01-20 - Beschreibung des Virus Backdoor.Win32. Buterat.afj.pdf", "2011-03-08 - Worm-Win32-Yimfoca.A.pdf", "2011-03-02 - TDL4 and Glupteba- Piggyback PiggyBugs.pdf", "2011-04-26 - SpyEye Targets Opera, Google Chrome Users.pdf", "2011-03-28 - Microsoft Hunting Rustock Controllers.pdf", "2011-01-09 - Jan 6 CVE-2010-3333 DOC with info theft trojan from the American Chamber of Commerce.pdf", "2011-04-19 - TDSS part 1- The x64 Dollar Question.pdf", "2011-04-16 - Troj-Sasfis-O.pdf", "2011-05-19 - Win32-Expiro.pdf", "2011-06-22 - Criminals gain control over Mac with BackDoor.Olyx.pdf", "2011-04-30 - BKA-Trojaner (Ransomware).pdf", "2011-06-29 - Inside a Back Door Attack.pdf", "2011-07-26 - SpyEye Trojan defeating online banking defenses.pdf", "2011-04-28 - Un observateur d\u2019\u00e9v\u00e9nements aveugle\u2026.pdf", "2011-07-08 - Trojan.Mayachok.2- ?????? ??????? ?????????? VBR-???????.pdf", "2011-07-14 - Cycbot- Ready to Ride.pdf", "2011-07-06 - Cybercriminals switch from MBR to NTFS.pdf", "2011-07-28 - Trojan Tricks Victims Into Transferring Funds.pdf", "2011-08-27 - Morto.A.pdf", "2011-01-30 - GpCode Ransomware 2010 Simple Analysis.pdf", "2011-08-03 - HTran and the Advanced Persistent Threat.pdf", "2011-08-28 - Windows Remote Desktop Worm -Morto- Spreading.pdf", "2011-09-09 - BIOS Threat is Showing up Again!.pdf", "2011-09-02 - ZeuS Gets Another Update.pdf", "2011-08-24 - Ice IX, the first crimeware based on the leaked ZeuS sources.pdf", "2011-09-13 - Mebromi- the first BIOS rootkit in the wild.pdf", "2011-08-04 - Analysis of ngrBot.pdf", "2011-09-14 - Ice IX- not cool at all.pdf", "2011-09-14 - Malware burrows deep into computer BIOS to escape AV.pdf", "2011-09-19 - Mebromi BIOS rootkit affecting Award BIOS (aka -BMW- virus).pdf", "2011-08-28 - Windows Remote Desktop Worm -Morto- Spreading22.pdf", "2011-09-21 - Sept 21 Greedy Shylock - financial malware.pdf", "2011-09-09 - Stuxnet Malware Analysis Paper.pdf", "2011-09-27 - Debugging Injected Code with IDA Pro.pdf", "2011-10-07 - Rustock samples and analysis links. Rustock.C, E, I, J and other variants.pdf", "2011-10-14 - A Detailed Analysis of an Advanced Persistent Threat Malware.pdf", "2011-10-06 - ZeuS-in-the-Mobile \u2013 Facts and Theories.pdf", "2011-10-08 - Possible Governmental Backdoor Found (-Case R2D2-).pdf", "2011-10-17 - W32-Yunsip!tr.pws.pdf", "2011-10-06 - Sep 28 CVE-2010-3333 Manuscript with Taidoor (Trojan.Matryoshka by CyberESI).pdf", "2011-10-13 - A Detailed Analysis of an Advanced Persistent Threat Malware.pdf", "2011-10-31 - The Significance of the -Nitro- Attacks.pdf", "2011-10-26 - Tsunami Backdoor Can Be Used for Denial of Service Attacks.pdf", "2011-12-20 - Analyzing CVE-2011-4369 \u2013 Part One.pdf", "2011-12-08 - The Sykipot Attacks.pdf", "2011-12-11 - Intro. To Reversing - W32Pinkslipbot.pdf", "Duqu Trojan Questions and Answers.pdf", "Palebot trojan.pdf", "HTran.pdf", "Ghost RAT- Many faces.pdf", "Operation Shady Rat.pdf", "Alleged APT Intrusion Set 1.php Group.pdf", "Stuxnet , Duqu - The Evolution of Drivers.pdf", "The RSA Hack.pdf", "The Nitro Attacks - Stealing secrets from the Chemical Industry.pdf", "Global_Energy_Cyberattacks_-_Night_Dragon_.pdf", "The LURID Downloader.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "kikinumpav", "id": "385742", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 1031, "domain": 435, "CVE": 13, "FileHash-MD5": 155, "FileHash-SHA1": 8, "FileHash-SHA256": 234, "IPv4": 88, "email": 9, "hostname": 1031 }, "indicator_count": 3004, "is_author": false, "is_subscribing": null, "subscriber_count": 12, "modified_text": "42 minutes ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "68ff6bf46f5d8662048ca7a1", "name": "symcd.com \u2022 Netify.ai", "description": "Seen in multiple attacks including CrowdStrike\nincident that was truly a breach found and reported prior to outage. SYCMD..com\nis consistently removed / deleted from pulses.\n\nI have nothing to say. OTX will pulse this let\u2019s see if anything happens..\n#rootkit? #ai #netify #malware #running_webserver #ottowa #elf #agent #malware #known #network_icmp #nolookup_communication\nantivm_generic_disk #dead host\n#dumped_buffer\n#network_cnc_http\n#network_http\n#allocates_rwx\n#av_detect_china_key #m\n[ELF:Agent-VW\\ [Trj]]\nIDS Detections :\n*GoBrut Service Bruter CnC Activity \n*GoBrut Service Bruter CnC Checkin \n*Generic.Go.Bruteforcer CnC Beacon\neval String.fromCharCode String Which May Be #malicious\nYara Detections:\ncompromised_site_redirector_fromcharcode\nfromCharCode | Yara Detections:\nKnownMaliciousObfuscationPattern\n[External IP Address Lookup via api .ip138 .com]\n[Win.Malware.Softcnapp-6932830-0]\nMultiple malware attack.", "modified": "2025-11-26T12:00:39.551000", "created": "2025-10-27T12:56:20.090000", "tags": [ "present may", "present jun", "name servers", "united", "status", "present aug", "present oct", "present jul", "present mar", "present nov", "date", "digicert", "whois", "forums", "symantec", "comcast", "levelblue", "open threat", "pulse", "urls", "as13335", "info", "server", "domain status", "registrar abuse", "registrar", "dnssec", "domain name", "us registrant", "email", "contact email", "host name", "handle", "rdap database", "iana registrar", "present sep", "canada unknown", "moved", "ip address", "search", "title", "encrypt", "ubuntu", "linux x8664", "gobrut service", "bruter cnc", "entries", "show", "activity", "stca", "unknown", "malware", "copy", "next", "team", "script urls", "a domains", "passive dns", "gmt server", "content type", "body", "meta", "for privacy", "creation date", "name redacted", "expiration date", "servers", "hostname add", "pulse pulses", "13371", "qq v", "process32nextw", "regopenkeyexw", "medium", "langchinese", "get na", "rticon", "security", "high", "win32", "write", "dynamicloader", "checks", "alerts", "bios", "dynamic", "total", "read", "delete", "name strings", "south korea" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Australia", "Canada", "Bulgaria", "Germany", "Netherlands" ], "malware_families": [], "attack_ids": [ { "id": "T1045", "name": "Software Packing", "display_name": "T1045 - Software Packing" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1060", "name": "Registry Run Keys / Startup Folder", "display_name": "T1060 - Registry Run Keys / Startup Folder" }, { "id": "T1063", "name": "Security Software Discovery", "display_name": "T1063 - Security Software Discovery" }, { "id": "T1119", "name": "Automated Collection", "display_name": "T1119 - Automated Collection" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Q.Vashti", "id": "337942", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 3301, "email": 9, "hostname": 1202, "FileHash-SHA256": 1967, "domain": 1885, "FileHash-MD5": 153, "FileHash-SHA1": 151, "CVE": 1, "SSLCertFingerprint": 82, "FilePath": 1 }, "indicator_count": 8752, "is_author": false, "is_subscribing": null, "subscriber_count": 144, "modified_text": "185 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "Palebot trojan.pdf", "2011-09-27 - Debugging Injected Code with IDA Pro.pdf", "2011-10-14 - A Detailed Analysis of an Advanced Persistent Threat Malware.pdf", "2011-06-29 - Inside a Back Door Attack.pdf", "2011-04-16 - Troj-Sasfis-O.pdf", "The RSA Hack.pdf", "2011-09-14 - Malware burrows deep into computer BIOS to escape AV.pdf", "2011-10-26 - Tsunami Backdoor Can Be Used for Denial of Service Attacks.pdf", "2011-06-22 - Criminals gain control over Mac with BackDoor.Olyx.pdf", "2011-07-26 - SpyEye Trojan defeating online banking defenses.pdf", "2011-07-28 - Trojan Tricks Victims Into Transferring Funds.pdf", "2011-03-28 - Microsoft Hunting Rustock Controllers.pdf", "2011-08-27 - Morto.A.pdf", "2011-12-08 - The Sykipot Attacks.pdf", "2011-01-09 - Jan 6 CVE-2010-3333 DOC with info theft trojan from the American Chamber of Commerce.pdf", "2011-09-14 - Ice IX- not cool at all.pdf", "Global_Energy_Cyberattacks_-_Night_Dragon_.pdf", "2011-10-08 - Possible Governmental Backdoor Found (-Case R2D2-).pdf", "Operation Shady Rat.pdf", "2011-03-02 - TDL4 and Glupteba- Piggyback PiggyBugs.pdf", "2011-08-04 - Analysis of ngrBot.pdf", "The Nitro Attacks - Stealing secrets from the Chemical Industry.pdf", "2011-01-30 - GpCode Ransomware 2010 Simple Analysis.pdf", "2011-04-30 - BKA-Trojaner (Ransomware).pdf", "2011-08-28 - Windows Remote Desktop Worm -Morto- Spreading.pdf", "2011-09-13 - Mebromi- the first BIOS rootkit in the wild.pdf", "2011-10-31 - The Significance of the -Nitro- Attacks.pdf", "2011-01-20 - Beschreibung des Virus Backdoor.Win32. Buterat.afj.pdf", "2011-07-08 - Trojan.Mayachok.2- ?????? ??????? ?????????? VBR-???????.pdf", "2011-03-11 - Trojan.Koredos Comes with an Unwelcomed Surprise.pdf", "2011-08-03 - HTran and the Advanced Persistent Threat.pdf", "The LURID Downloader.pdf", "2011-05-19 - Win32-Expiro.pdf", "HTran.pdf", "Alleged APT Intrusion Set 1.php Group.pdf", "2011-07-14 - Cycbot- Ready to Ride.pdf", "2011-09-09 - Stuxnet Malware Analysis Paper.pdf", "Ghost RAT- Many faces.pdf", "Duqu Trojan Questions and Answers.pdf", "2011-09-19 - Mebromi BIOS rootkit affecting Award BIOS (aka -BMW- virus).pdf", "2011-10-07 - Rustock samples and analysis links. Rustock.C, E, I, J and other variants.pdf", "2011-09-09 - BIOS Threat is Showing up Again!.pdf", "2011-10-06 - ZeuS-in-the-Mobile \u2013 Facts and Theories.pdf", "2011-03-08 - Worm-Win32-Yimfoca.A.pdf", "2011-04-19 - TDSS part 1- The x64 Dollar Question.pdf", "2011-04-28 - Un observateur d\u2019\u00e9v\u00e9nements aveugle\u2026.pdf", "2011-08-24 - Ice IX, the first crimeware based on the leaked ZeuS sources.pdf", "2011-08-28 - Windows Remote Desktop Worm -Morto- Spreading22.pdf", "2011-10-06 - Sep 28 CVE-2010-3333 Manuscript with Taidoor (Trojan.Matryoshka by CyberESI).pdf", "2011-09-02 - ZeuS Gets Another Update.pdf", "2011-10-17 - W32-Yunsip!tr.pws.pdf", "2011-12-20 - Analyzing CVE-2011-4369 \u2013 Part One.pdf", "2011-09-21 - Sept 21 Greedy Shylock - financial malware.pdf", "2011-07-06 - Cybercriminals switch from MBR to NTFS.pdf", "2011-10-13 - A Detailed Analysis of an Advanced Persistent Threat Malware.pdf", "2011-12-11 - Intro. To Reversing - W32Pinkslipbot.pdf", "Stuxnet , Duqu - The Evolution of Drivers.pdf", "2011-04-26 - SpyEye Targets Opera, Google Chrome Users.pdf" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 12023 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/freeav.com", "whois": "http://whois.domaintools.com/freeav.com", "domain": "freeav.com", "hostname": "www.freeav.com" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 2, "pulses": [ { "id": "69f47e886aac3dce3a958d27", "name": "2011: Malware Analysis Report", "description": "", "modified": "2026-05-31T10:27:23.455000", "created": "2026-05-01T10:20:56.666000", "tags": [], "references": [ "2011-03-11 - Trojan.Koredos Comes with an Unwelcomed Surprise.pdf", "2011-01-20 - Beschreibung des Virus Backdoor.Win32. Buterat.afj.pdf", "2011-03-08 - Worm-Win32-Yimfoca.A.pdf", "2011-03-02 - TDL4 and Glupteba- Piggyback PiggyBugs.pdf", "2011-04-26 - SpyEye Targets Opera, Google Chrome Users.pdf", "2011-03-28 - Microsoft Hunting Rustock Controllers.pdf", "2011-01-09 - Jan 6 CVE-2010-3333 DOC with info theft trojan from the American Chamber of Commerce.pdf", "2011-04-19 - TDSS part 1- The x64 Dollar Question.pdf", "2011-04-16 - Troj-Sasfis-O.pdf", "2011-05-19 - Win32-Expiro.pdf", "2011-06-22 - Criminals gain control over Mac with BackDoor.Olyx.pdf", "2011-04-30 - BKA-Trojaner (Ransomware).pdf", "2011-06-29 - Inside a Back Door Attack.pdf", "2011-07-26 - SpyEye Trojan defeating online banking defenses.pdf", "2011-04-28 - Un observateur d\u2019\u00e9v\u00e9nements aveugle\u2026.pdf", "2011-07-08 - Trojan.Mayachok.2- ?????? ??????? ?????????? VBR-???????.pdf", "2011-07-14 - Cycbot- Ready to Ride.pdf", "2011-07-06 - Cybercriminals switch from MBR to NTFS.pdf", "2011-07-28 - Trojan Tricks Victims Into Transferring Funds.pdf", "2011-08-27 - Morto.A.pdf", "2011-01-30 - GpCode Ransomware 2010 Simple Analysis.pdf", "2011-08-03 - HTran and the Advanced Persistent Threat.pdf", "2011-08-28 - Windows Remote Desktop Worm -Morto- Spreading.pdf", "2011-09-09 - BIOS Threat is Showing up Again!.pdf", "2011-09-02 - ZeuS Gets Another Update.pdf", "2011-08-24 - Ice IX, the first crimeware based on the leaked ZeuS sources.pdf", "2011-09-13 - Mebromi- the first BIOS rootkit in the wild.pdf", "2011-08-04 - Analysis of ngrBot.pdf", "2011-09-14 - Ice IX- not cool at all.pdf", "2011-09-14 - Malware burrows deep into computer BIOS to escape AV.pdf", "2011-09-19 - Mebromi BIOS rootkit affecting Award BIOS (aka -BMW- virus).pdf", "2011-08-28 - Windows Remote Desktop Worm -Morto- Spreading22.pdf", "2011-09-21 - Sept 21 Greedy Shylock - financial malware.pdf", "2011-09-09 - Stuxnet Malware Analysis Paper.pdf", "2011-09-27 - Debugging Injected Code with IDA Pro.pdf", "2011-10-07 - Rustock samples and analysis links. Rustock.C, E, I, J and other variants.pdf", "2011-10-14 - A Detailed Analysis of an Advanced Persistent Threat Malware.pdf", "2011-10-06 - ZeuS-in-the-Mobile \u2013 Facts and Theories.pdf", "2011-10-08 - Possible Governmental Backdoor Found (-Case R2D2-).pdf", "2011-10-17 - W32-Yunsip!tr.pws.pdf", "2011-10-06 - Sep 28 CVE-2010-3333 Manuscript with Taidoor (Trojan.Matryoshka by CyberESI).pdf", "2011-10-13 - A Detailed Analysis of an Advanced Persistent Threat Malware.pdf", "2011-10-31 - The Significance of the -Nitro- Attacks.pdf", "2011-10-26 - Tsunami Backdoor Can Be Used for Denial of Service Attacks.pdf", "2011-12-20 - Analyzing CVE-2011-4369 \u2013 Part One.pdf", "2011-12-08 - The Sykipot Attacks.pdf", "2011-12-11 - Intro. To Reversing - W32Pinkslipbot.pdf", "Duqu Trojan Questions and Answers.pdf", "Palebot trojan.pdf", "HTran.pdf", "Ghost RAT- Many faces.pdf", "Operation Shady Rat.pdf", "Alleged APT Intrusion Set 1.php Group.pdf", "Stuxnet , Duqu - The Evolution of Drivers.pdf", "The RSA Hack.pdf", "The Nitro Attacks - Stealing secrets from the Chemical Industry.pdf", "Global_Energy_Cyberattacks_-_Night_Dragon_.pdf", "The LURID Downloader.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "kikinumpav", "id": "385742", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 1031, "domain": 435, "CVE": 13, "FileHash-MD5": 155, "FileHash-SHA1": 8, "FileHash-SHA256": 234, "IPv4": 88, "email": 9, "hostname": 1031 }, "indicator_count": 3004, "is_author": false, "is_subscribing": null, "subscriber_count": 12, "modified_text": "42 minutes ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "68ff6bf46f5d8662048ca7a1", "name": "symcd.com \u2022 Netify.ai", "description": "Seen in multiple attacks including CrowdStrike\nincident that was truly a breach found and reported prior to outage. SYCMD..com\nis consistently removed / deleted from pulses.\n\nI have nothing to say. OTX will pulse this let\u2019s see if anything happens..\n#rootkit? #ai #netify #malware #running_webserver #ottowa #elf #agent #malware #known #network_icmp #nolookup_communication\nantivm_generic_disk #dead host\n#dumped_buffer\n#network_cnc_http\n#network_http\n#allocates_rwx\n#av_detect_china_key #m\n[ELF:Agent-VW\\ [Trj]]\nIDS Detections :\n*GoBrut Service Bruter CnC Activity \n*GoBrut Service Bruter CnC Checkin \n*Generic.Go.Bruteforcer CnC Beacon\neval String.fromCharCode String Which May Be #malicious\nYara Detections:\ncompromised_site_redirector_fromcharcode\nfromCharCode | Yara Detections:\nKnownMaliciousObfuscationPattern\n[External IP Address Lookup via api .ip138 .com]\n[Win.Malware.Softcnapp-6932830-0]\nMultiple malware attack.", "modified": "2025-11-26T12:00:39.551000", "created": "2025-10-27T12:56:20.090000", "tags": [ "present may", "present jun", "name servers", "united", "status", "present aug", "present oct", "present jul", "present mar", "present nov", "date", "digicert", "whois", "forums", "symantec", "comcast", "levelblue", "open threat", "pulse", "urls", "as13335", "info", "server", "domain status", "registrar abuse", "registrar", "dnssec", "domain name", "us registrant", "email", "contact email", "host name", "handle", "rdap database", "iana registrar", "present sep", "canada unknown", "moved", "ip address", "search", "title", "encrypt", "ubuntu", "linux x8664", "gobrut service", "bruter cnc", "entries", "show", "activity", "stca", "unknown", "malware", "copy", "next", "team", "script urls", "a domains", "passive dns", "gmt server", "content type", "body", "meta", "for privacy", "creation date", "name redacted", "expiration date", "servers", "hostname add", "pulse pulses", "13371", "qq v", "process32nextw", "regopenkeyexw", "medium", "langchinese", "get na", "rticon", "security", "high", "win32", "write", "dynamicloader", "checks", "alerts", "bios", "dynamic", "total", "read", "delete", "name strings", "south korea" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Australia", "Canada", "Bulgaria", "Germany", "Netherlands" ], "malware_families": [], "attack_ids": [ { "id": "T1045", "name": "Software Packing", "display_name": "T1045 - Software Packing" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1060", "name": "Registry Run Keys / Startup Folder", "display_name": "T1060 - Registry Run Keys / Startup Folder" }, { "id": "T1063", "name": "Security Software Discovery", "display_name": "T1063 - Security Software Discovery" }, { "id": "T1119", "name": "Automated Collection", "display_name": "T1119 - Automated Collection" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Q.Vashti", "id": "337942", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 3301, "email": 9, "hostname": 1202, "FileHash-SHA256": 1967, "domain": 1885, "FileHash-MD5": 153, "FileHash-SHA1": 151, "CVE": 1, "SSLCertFingerprint": 82, "FilePath": 1 }, "indicator_count": 8752, "is_author": false, "is_subscribing": null, "subscriber_count": 144, "modified_text": "185 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://www.freeav.com/A", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://www.freeav.com/A", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780225820.9280887 }