{ "type": "URL", "indicator": "https://www.tiktok.com/", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://www.tiktok.com/", "type": "url", "type_title": "URL", "validation": [ { "source": "alexa", "message": "Alexa rank: #65", "name": "Listed on Alexa" }, { "source": "akamai", "message": "Akamai rank: #614", "name": "Akamai Popular Domain" }, { "source": "majestic", "message": "Whitelisted domain tiktok.com", "name": "Whitelisted domain" } ], "base_indicator": { "id": 3884998480, "indicator": "https://www.tiktok.com/", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 3, "pulses": [ { "id": "69cd2d25ce5465066880b306", "name": "VirusTotal report\n for index.html", "description": "540cebc26f3837a40ab7286955cd0d98\n6f54c2880e9a9458548feff2a15dff359340ca47\n0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b\nf8cad1e437f98bd3e9425cb2f58d0d94\n1536:/Zr2xDgpbPAlKq6i1Lbe0DZ+4XdpuuRlJsRG6a2Q/0DdQAghkwRExbvcQcF7BTLJ:gDgplc3Mk5\nT1FB9322B3438C1C3A46428395266C778D537FCE77C9A1A0D3B2BB8A1C6FC29915B1DC69\nHTML \ninternet\nhtml\nHTML document, Unicode text, UTF-8 text, with very long lines (4054u)\nfile seems to be plain text/ASCII (0%)\n86.83 KB (88910 bytes) verizon hanoverhttps://media.evolv.ai/asset-manager/releases/latest/webloader.min.js\ntext/javascript\nb02d16aa80", "modified": "2026-04-01T14:39:19.585000", "created": "2026-04-01T14:35:17.426000", "tags": [ "performs dns", "urls", "united", "https", "mitre attack", "network info", "processes extra", "meta", "found", "html page", "phishing", "next", "script", "hanover", "washington st", "cdata", "index", "follow", "open", "massachusetts", "r00000257559", "wireless", "title", "direct", "friday" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775054228&Signature=r5virEXGjsBOF3mEo%2BicxO1PS%2Bs3UkQ%2Bdi%2BxbmOXbllhiqeb5X1KAgTqfWbbP4CahjSIU%2FsXAx1G1hCRKA39zGyvuP%2BlU%2FjyEg%2F7c%2FdZVBnnnkgdzY5j19osgH9P469%2BGRtxwL160VAROsFluRzdggCVRYvcIMfs07qEuU94FMAglR3OwggkH82SM0Pihxeq64d2mEKzqeBDEYFu2q7Et%2BQWen2YIdhUHA2YLhP9rc3ke3%2", "https://vtbehaviour.commondatastorage.googleapis.com/0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775054290&Signature=pNWm4zuJ3NbEVCyqNonX24f7L356W31m1h5Rr3fd00KFtbBsoY%2BkSSIxHXVjSbN5eYyi%2Fu%2BpIejFBnqr4K733N%2F3fh94YH0udfFvzHtfNK3SvAU8cUHJPIcF%2B5FDgup7gK3l%2FLGnr6CB2cnb7000ERnofAiVW0p4JNgARs7UctQHOKy%2BopXQmXdsG7VCDYYbYikN3uRzqRwv0kCuiEatO3IO4vH%2BRQoLuKFdo6rZS1rjlf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1571", "name": "Non-Standard Port", "display_name": "T1571 - Non-Standard Port" }, { "id": "T1573", "name": "Encrypted Channel", "display_name": "T1573 - Encrypted Channel" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 169, "hostname": 95, "FileHash-MD5": 1, "FileHash-SHA1": 1, "FileHash-SHA256": 5, "IPv4": 44, "domain": 3 }, "indicator_count": 318, "is_author": false, "is_subscribing": null, "subscriber_count": 48, "modified_text": "19 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "69cd2d25ae4bbf9b7767b402", "name": "VirusTotal report\n for index.html", "description": "540cebc26f3837a40ab7286955cd0d98\n6f54c2880e9a9458548feff2a15dff359340ca47\n0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b\nf8cad1e437f98bd3e9425cb2f58d0d94\n1536:/Zr2xDgpbPAlKq6i1Lbe0DZ+4XdpuuRlJsRG6a2Q/0DdQAghkwRExbvcQcF7BTLJ:gDgplc3Mk5\nT1FB9322B3438C1C3A46428395266C778D537FCE77C9A1A0D3B2BB8A1C6FC29915B1DC69\nHTML \ninternet\nhtml\nHTML document, Unicode text, UTF-8 text, with very long lines (4054u)\nfile seems to be plain text/ASCII (0%)\n86.83 KB (88910 bytes) verizon hanoverhttps://media.evolv.ai/asset-manager/releases/latest/webloader.min.js\ntext/javascript\nb02d16aa80", "modified": "2026-04-01T14:35:17.852000", "created": "2026-04-01T14:35:17.852000", "tags": [ "performs dns", "urls", "united", "https", "mitre attack", "network info", "processes extra", "meta", "found", "html page", "phishing", "next", "script", "hanover", "washington st", "cdata", "index", "follow", "open", "massachusetts", "r00000257559", "wireless", "title", "direct", "friday" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775054228&Signature=r5virEXGjsBOF3mEo%2BicxO1PS%2Bs3UkQ%2Bdi%2BxbmOXbllhiqeb5X1KAgTqfWbbP4CahjSIU%2FsXAx1G1hCRKA39zGyvuP%2BlU%2FjyEg%2F7c%2FdZVBnnnkgdzY5j19osgH9P469%2BGRtxwL160VAROsFluRzdggCVRYvcIMfs07qEuU94FMAglR3OwggkH82SM0Pihxeq64d2mEKzqeBDEYFu2q7Et%2BQWen2YIdhUHA2YLhP9rc3ke3%2", "https://vtbehaviour.commondatastorage.googleapis.com/0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775054290&Signature=pNWm4zuJ3NbEVCyqNonX24f7L356W31m1h5Rr3fd00KFtbBsoY%2BkSSIxHXVjSbN5eYyi%2Fu%2BpIejFBnqr4K733N%2F3fh94YH0udfFvzHtfNK3SvAU8cUHJPIcF%2B5FDgup7gK3l%2FLGnr6CB2cnb7000ERnofAiVW0p4JNgARs7UctQHOKy%2BopXQmXdsG7VCDYYbYikN3uRzqRwv0kCuiEatO3IO4vH%2BRQoLuKFdo6rZS1rjlf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1571", "name": "Non-Standard Port", "display_name": "T1571 - Non-Standard Port" }, { "id": "T1573", "name": "Encrypted Channel", "display_name": "T1573 - Encrypted Channel" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 161, "hostname": 89, "FileHash-MD5": 1, "FileHash-SHA1": 1, "FileHash-SHA256": 1, "IPv4": 44, "domain": 3 }, "indicator_count": 300, "is_author": false, "is_subscribing": null, "subscriber_count": 48, "modified_text": "19 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66246ff49ed29ea9bb2bf122", "name": "S\u0105d Rejonowy w Jeleniej Gorze POLAND", "description": "Przechowywania lub dost\u0119pu do plik\u00f3w cookies w Twojej przegl\u0105darce\nhttps://www.virustotal.com/gui/domain/jelenia-gora.sr.gov.pl/relations", "modified": "2025-05-14T21:18:36.989000", "created": "2024-04-21T01:46:28.554000", "tags": [ "jeleniej grze", "aktualnoci", "informacje", "jednostka", "rejonowy", "konkurs", "najczciej", "sd rejonowy", "przejd", "czytaj", "click", "sdzia jarosaw", "wydziau", "sdzia grzegorz", "katarzyna", "rudnicka dane", "kontaktowe sd", "jelenia gra", "mickiewicza", "zawarto", "html", "nazwa meta", "robotw", "telefon", "brak", "skala", "ua zgodna", "head body", "zasb", "cname", "kod odpowiedzi", "kodowanie treci", "wygasa", "gmt serwer", "pragma", "kontrola pamici", "podrcznej", "data", "gmt kontrola", "dostpuzezwl na", "czytaj wicej", "sd okrgowy", "jednostki", "okrgowy", "ogoszenia", "sha256", "vhash", "ssdeep", "https odcisk", "palca jarma", "https dane", "v3 numer", "odcisk palca", "tworzy katalog", "tworzy pliki", "typ pliku", "json", "ascii", "windows", "sqlite", "foxpro fpt", "links typ", "mapa", "152 x", "sqlite w", "sha1", "sha512", "file size", "b file", "testing", "komornik sdowy", "sdzie rejonowym", "tomasz rodacki", "obwieszczenie", "komornicze", "tumacza migam", "tumacz czynny", "zamknite", "wiadczenia", "schedule", "error", "javascript", "bakers hall", "ixaction", "script", "ixchatlauncher", "compatibility", "com dla", "t1055 pewno", "unikanie obrony", "t1036 maskarada", "t1082 pewno", "informacje o", "nazwa pliku", "dokument pdf", "rozmiar pliku", "zapowied", "type", "iii dbt", "utf8", "dziennik" ], "references": [ "S?d Rejonowy w Jeleniej G\u00f3rze.htm", "II Wydzia? Karny - S?d Rejonowy w Jeleniej G\u00f3rze 1.htm", "http://www.jelenia-gora.so.gov.pl/", "https://www.jelenia-gora.so.gov.pl/", "http://www.jelenia-gora.sr.gov.pl/ogloszenia-komornicze", "https://tlumacz.migam.org/sad_rejonowy_jelenia_gora", "https://www.jelenia-gora.sr.gov.pl/spacer", "https://waf.intelix.pl/957476/Chat/Script/Compatibility" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "", "display_name": "", "target": null }, { "id": "serwer", "display_name": "serwer", "target": null } ], "attack_ids": [ { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1553", "name": "Subvert Trust Controls", "display_name": "T1553 - Subvert Trust Controls" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 24, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "email": 71, "domain": 7651, "hostname": 7680, "IPv4": 331, "FileHash-SHA256": 16168, "URL": 10399, "FileHash-MD5": 3639, "FileHash-SHA1": 3468, "CIDR": 4, "CVE": 89, "YARA": 521, "SSLCertFingerprint": 25, "JA3": 1, "IPv6": 5813 }, "indicator_count": 55860, "is_author": false, "is_subscribing": null, "subscriber_count": 141, "modified_text": "341 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775054228&Signature=r5virEXGjsBOF3mEo%2BicxO1PS%2Bs3UkQ%2Bdi%2BxbmOXbllhiqeb5X1KAgTqfWbbP4CahjSIU%2FsXAx1G1hCRKA39zGyvuP%2BlU%2FjyEg%2F7c%2FdZVBnnnkgdzY5j19osgH9P469%2BGRtxwL160VAROsFluRzdggCVRYvcIMfs07qEuU94FMAglR3OwggkH82SM0Pihxeq64d2mEKzqeBDEYFu2q7Et%2BQWen2YIdhUHA2YLhP9rc3ke3%2", "S?d Rejonowy w Jeleniej G\u00f3rze.htm", "https://waf.intelix.pl/957476/Chat/Script/Compatibility", "https://tlumacz.migam.org/sad_rejonowy_jelenia_gora", "II Wydzia? Karny - S?d Rejonowy w Jeleniej G\u00f3rze 1.htm", "https://www.jelenia-gora.sr.gov.pl/spacer", "https://vtbehaviour.commondatastorage.googleapis.com/0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775054290&Signature=pNWm4zuJ3NbEVCyqNonX24f7L356W31m1h5Rr3fd00KFtbBsoY%2BkSSIxHXVjSbN5eYyi%2Fu%2BpIejFBnqr4K733N%2F3fh94YH0udfFvzHtfNK3SvAU8cUHJPIcF%2B5FDgup7gK3l%2FLGnr6CB2cnb7000ERnofAiVW0p4JNgARs7UctQHOKy%2BopXQmXdsG7VCDYYbYikN3uRzqRwv0kCuiEatO3IO4vH%2BRQoLuKFdo6rZS1rjlf", "http://www.jelenia-gora.sr.gov.pl/ogloszenia-komornicze", "http://www.jelenia-gora.so.gov.pl/", "https://www.jelenia-gora.so.gov.pl/" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [ "", "Serwer" ], "industries": [], "unique_indicators": 48257 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/tiktok.com", "whois": "http://whois.domaintools.com/tiktok.com", "domain": "tiktok.com", "hostname": "www.tiktok.com" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 3, "pulses": [ { "id": "69cd2d25ce5465066880b306", "name": "VirusTotal report\n for index.html", "description": "540cebc26f3837a40ab7286955cd0d98\n6f54c2880e9a9458548feff2a15dff359340ca47\n0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b\nf8cad1e437f98bd3e9425cb2f58d0d94\n1536:/Zr2xDgpbPAlKq6i1Lbe0DZ+4XdpuuRlJsRG6a2Q/0DdQAghkwRExbvcQcF7BTLJ:gDgplc3Mk5\nT1FB9322B3438C1C3A46428395266C778D537FCE77C9A1A0D3B2BB8A1C6FC29915B1DC69\nHTML \ninternet\nhtml\nHTML document, Unicode text, UTF-8 text, with very long lines (4054u)\nfile seems to be plain text/ASCII (0%)\n86.83 KB (88910 bytes) verizon hanoverhttps://media.evolv.ai/asset-manager/releases/latest/webloader.min.js\ntext/javascript\nb02d16aa80", "modified": "2026-04-01T14:39:19.585000", "created": "2026-04-01T14:35:17.426000", "tags": [ "performs dns", "urls", "united", "https", "mitre attack", "network info", "processes extra", "meta", "found", "html page", "phishing", "next", "script", "hanover", "washington st", "cdata", "index", "follow", "open", "massachusetts", "r00000257559", "wireless", "title", "direct", "friday" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775054228&Signature=r5virEXGjsBOF3mEo%2BicxO1PS%2Bs3UkQ%2Bdi%2BxbmOXbllhiqeb5X1KAgTqfWbbP4CahjSIU%2FsXAx1G1hCRKA39zGyvuP%2BlU%2FjyEg%2F7c%2FdZVBnnnkgdzY5j19osgH9P469%2BGRtxwL160VAROsFluRzdggCVRYvcIMfs07qEuU94FMAglR3OwggkH82SM0Pihxeq64d2mEKzqeBDEYFu2q7Et%2BQWen2YIdhUHA2YLhP9rc3ke3%2", "https://vtbehaviour.commondatastorage.googleapis.com/0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775054290&Signature=pNWm4zuJ3NbEVCyqNonX24f7L356W31m1h5Rr3fd00KFtbBsoY%2BkSSIxHXVjSbN5eYyi%2Fu%2BpIejFBnqr4K733N%2F3fh94YH0udfFvzHtfNK3SvAU8cUHJPIcF%2B5FDgup7gK3l%2FLGnr6CB2cnb7000ERnofAiVW0p4JNgARs7UctQHOKy%2BopXQmXdsG7VCDYYbYikN3uRzqRwv0kCuiEatO3IO4vH%2BRQoLuKFdo6rZS1rjlf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1571", "name": "Non-Standard Port", "display_name": "T1571 - Non-Standard Port" }, { "id": "T1573", "name": "Encrypted Channel", "display_name": "T1573 - Encrypted Channel" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 169, "hostname": 95, "FileHash-MD5": 1, "FileHash-SHA1": 1, "FileHash-SHA256": 5, "IPv4": 44, "domain": 3 }, "indicator_count": 318, "is_author": false, "is_subscribing": null, "subscriber_count": 48, "modified_text": "19 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "69cd2d25ae4bbf9b7767b402", "name": "VirusTotal report\n for index.html", "description": "540cebc26f3837a40ab7286955cd0d98\n6f54c2880e9a9458548feff2a15dff359340ca47\n0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b\nf8cad1e437f98bd3e9425cb2f58d0d94\n1536:/Zr2xDgpbPAlKq6i1Lbe0DZ+4XdpuuRlJsRG6a2Q/0DdQAghkwRExbvcQcF7BTLJ:gDgplc3Mk5\nT1FB9322B3438C1C3A46428395266C778D537FCE77C9A1A0D3B2BB8A1C6FC29915B1DC69\nHTML \ninternet\nhtml\nHTML document, Unicode text, UTF-8 text, with very long lines (4054u)\nfile seems to be plain text/ASCII (0%)\n86.83 KB (88910 bytes) verizon hanoverhttps://media.evolv.ai/asset-manager/releases/latest/webloader.min.js\ntext/javascript\nb02d16aa80", "modified": "2026-04-01T14:35:17.852000", "created": "2026-04-01T14:35:17.852000", "tags": [ "performs dns", "urls", "united", "https", "mitre attack", "network info", "processes extra", "meta", "found", "html page", "phishing", "next", "script", "hanover", "washington st", "cdata", "index", "follow", "open", "massachusetts", "r00000257559", "wireless", "title", "direct", "friday" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775054228&Signature=r5virEXGjsBOF3mEo%2BicxO1PS%2Bs3UkQ%2Bdi%2BxbmOXbllhiqeb5X1KAgTqfWbbP4CahjSIU%2FsXAx1G1hCRKA39zGyvuP%2BlU%2FjyEg%2F7c%2FdZVBnnnkgdzY5j19osgH9P469%2BGRtxwL160VAROsFluRzdggCVRYvcIMfs07qEuU94FMAglR3OwggkH82SM0Pihxeq64d2mEKzqeBDEYFu2q7Et%2BQWen2YIdhUHA2YLhP9rc3ke3%2", "https://vtbehaviour.commondatastorage.googleapis.com/0d00f9e3bd2d68ab29ca325634e64182006281fa8412b55c2f32655e9848577b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775054290&Signature=pNWm4zuJ3NbEVCyqNonX24f7L356W31m1h5Rr3fd00KFtbBsoY%2BkSSIxHXVjSbN5eYyi%2Fu%2BpIejFBnqr4K733N%2F3fh94YH0udfFvzHtfNK3SvAU8cUHJPIcF%2B5FDgup7gK3l%2FLGnr6CB2cnb7000ERnofAiVW0p4JNgARs7UctQHOKy%2BopXQmXdsG7VCDYYbYikN3uRzqRwv0kCuiEatO3IO4vH%2BRQoLuKFdo6rZS1rjlf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1571", "name": "Non-Standard Port", "display_name": "T1571 - Non-Standard Port" }, { "id": "T1573", "name": "Encrypted Channel", "display_name": "T1573 - Encrypted Channel" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 161, "hostname": 89, "FileHash-MD5": 1, "FileHash-SHA1": 1, "FileHash-SHA256": 1, "IPv4": 44, "domain": 3 }, "indicator_count": 300, "is_author": false, "is_subscribing": null, "subscriber_count": 48, "modified_text": "19 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66246ff49ed29ea9bb2bf122", "name": "S\u0105d Rejonowy w Jeleniej Gorze POLAND", "description": "Przechowywania lub dost\u0119pu do plik\u00f3w cookies w Twojej przegl\u0105darce\nhttps://www.virustotal.com/gui/domain/jelenia-gora.sr.gov.pl/relations", "modified": "2025-05-14T21:18:36.989000", "created": "2024-04-21T01:46:28.554000", "tags": [ "jeleniej grze", "aktualnoci", "informacje", "jednostka", "rejonowy", "konkurs", "najczciej", "sd rejonowy", "przejd", "czytaj", "click", "sdzia jarosaw", "wydziau", "sdzia grzegorz", "katarzyna", "rudnicka dane", "kontaktowe sd", "jelenia gra", "mickiewicza", "zawarto", "html", "nazwa meta", "robotw", "telefon", "brak", "skala", "ua zgodna", "head body", "zasb", "cname", "kod odpowiedzi", "kodowanie treci", "wygasa", "gmt serwer", "pragma", "kontrola pamici", "podrcznej", "data", "gmt kontrola", "dostpuzezwl na", "czytaj wicej", "sd okrgowy", "jednostki", "okrgowy", "ogoszenia", "sha256", "vhash", "ssdeep", "https odcisk", "palca jarma", "https dane", "v3 numer", "odcisk palca", "tworzy katalog", "tworzy pliki", "typ pliku", "json", "ascii", "windows", "sqlite", "foxpro fpt", "links typ", "mapa", "152 x", "sqlite w", "sha1", "sha512", "file size", "b file", "testing", "komornik sdowy", "sdzie rejonowym", "tomasz rodacki", "obwieszczenie", "komornicze", "tumacza migam", "tumacz czynny", "zamknite", "wiadczenia", "schedule", "error", "javascript", "bakers hall", "ixaction", "script", "ixchatlauncher", "compatibility", "com dla", "t1055 pewno", "unikanie obrony", "t1036 maskarada", "t1082 pewno", "informacje o", "nazwa pliku", "dokument pdf", "rozmiar pliku", "zapowied", "type", "iii dbt", "utf8", "dziennik" ], "references": [ "S?d Rejonowy w Jeleniej G\u00f3rze.htm", "II Wydzia? Karny - S?d Rejonowy w Jeleniej G\u00f3rze 1.htm", "http://www.jelenia-gora.so.gov.pl/", "https://www.jelenia-gora.so.gov.pl/", "http://www.jelenia-gora.sr.gov.pl/ogloszenia-komornicze", "https://tlumacz.migam.org/sad_rejonowy_jelenia_gora", "https://www.jelenia-gora.sr.gov.pl/spacer", "https://waf.intelix.pl/957476/Chat/Script/Compatibility" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "", "display_name": "", "target": null }, { "id": "serwer", "display_name": "serwer", "target": null } ], "attack_ids": [ { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1553", "name": "Subvert Trust Controls", "display_name": "T1553 - Subvert Trust Controls" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 24, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "email": 71, "domain": 7651, "hostname": 7680, "IPv4": 331, "FileHash-SHA256": 16168, "URL": 10399, "FileHash-MD5": 3639, "FileHash-SHA1": 3468, "CIDR": 4, "CVE": 89, "YARA": 521, "SSLCertFingerprint": 25, "JA3": 1, "IPv6": 5813 }, "indicator_count": 55860, "is_author": false, "is_subscribing": null, "subscriber_count": 141, "modified_text": "341 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://www.tiktok.com/", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://www.tiktok.com/", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1776724344.4338682 }