{ "type": "Domain", "indicator": "orphicsecurityteam.com", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/orphicsecurityteam.com", "alexa": "http://www.alexa.com/siteinfo/orphicsecurityteam.com", "indicator": "orphicsecurityteam.com", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 3601904747, "indicator": "orphicsecurityteam.com", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 7, "pulses": [ { "id": "6570959fb2297900eabc7fc9", "name": "dns.google - 8.8.8.8 - oh how google is not in control of their DNS", "description": "", "modified": "2023-12-06T15:39:11.260000", "created": "2023-12-06T15:39:11.260000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 756, "FileHash-MD5": 14, "FileHash-SHA1": 14, "domain": 224, "URL": 598, "hostname": 222 }, "indicator_count": 1828, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "910 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65709525ebd226605132f7bd", "name": "oh my doom server - www.thumpertalk.com", "description": "", "modified": "2023-12-06T15:37:09.014000", "created": "2023-12-06T15:37:09.014000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 2, "FileHash-SHA256": 669, "domain": 583, "hostname": 946, "URL": 2598, "FileHash-MD5": 12, "FileHash-SHA1": 12 }, "indicator_count": 4822, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "910 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63a857bf585af25350972d0c", "name": "dns.google - 8.8.8.8 - oh how google is not in control of their DNS", "description": "", "modified": "2023-01-24T12:00:24.101000", "created": "2022-12-25T14:01:35.401000", "tags": [ "vb.cu", "dns.google", "no.ip", "gvt1.com", "whitelisted ip's = big problems when DNS is controlled by threat" ], "references": [ "Chrstmas morning when you cant even look at your kids" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "nUFS_svfohigh", "display_name": "nUFS_svfohigh", "target": null }, { "id": "nUFS_7z", "display_name": "nUFS_7z", "target": null }, { "id": "KnownMaliciousObfuscation", "display_name": "KnownMaliciousObfuscation", "target": null }, { "id": "ConventionEngine_Term_Users", "display_name": "ConventionEngine_Term_Users", "target": null }, { "id": "Virus:Win32/Neverdie", "display_name": "Virus:Win32/Neverdie", "target": "/malware/Virus:Win32/Neverdie" }, { "id": "Virus:Win32/Nabucur", "display_name": "Virus:Win32/Nabucur", "target": "/malware/Virus:Win32/Nabucur" }, { "id": "APT Ransomware v.2", "display_name": "APT Ransomware v.2", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 31, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "callmeDoris", "id": "205385", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 224, "URL": 598, "hostname": 222, "FileHash-SHA256": 756, "FileHash-MD5": 14, "FileHash-SHA1": 14 }, "indicator_count": 1828, "is_author": false, "is_subscribing": null, "subscriber_count": 93, "modified_text": "1226 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63a01d5249897d1ce5fcc4c1", "name": "Threat Intel Report - W52-2022.pdf", "description": "This is a cyber-advisory document, presenting the compiled cyber threat intelligence sourced from various channels and tools.\nThese are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in this week.\nSecurity is a continuous process, and it has to be reviewed and audited on a continuous manner through manual or automated tools.\nThese details may be used as an additional layer to verify the current security posture of an organization against latest cyber trends.", "modified": "2023-01-18T08:00:04.374000", "created": "2022-12-19T08:14:10.713000", "tags": [ "united" ], "references": [ "https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_ Real-time", "https://www.dnsbl.info/", "https://www.spamhaus.org/xbl/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 19, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "aa00643640@techmahindra.com", "id": "156540", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 46, "domain": 106, "hostname": 53, "CVE": 2, "FileHash-MD5": 7, "FileHash-SHA1": 7, "FileHash-SHA256": 12 }, "indicator_count": 233, "is_author": false, "is_subscribing": null, "subscriber_count": 107, "modified_text": "1232 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63a01d55919d8c212243d1b3", "name": "Threat Intel Report - W52-2022.pdf", "description": "This is a cyber-advisory document, presenting the compiled cyber threat intelligence sourced from various channels and tools.\nThese are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in this week.\nSecurity is a continuous process, and it has to be reviewed and audited on a continuous manner through manual or automated tools.\nThese details may be used as an additional layer to verify the current security posture of an organization against latest cyber trends.", "modified": "2023-01-18T08:00:04.374000", "created": "2022-12-19T08:14:13.536000", "tags": [ "united" ], "references": [ "https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_ Real-time", "https://www.dnsbl.info/", "https://www.spamhaus.org/xbl/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 19, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "aa00643640@techmahindra.com", "id": "156540", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 46, "domain": 106, "hostname": 53, "CVE": 2, "FileHash-MD5": 7, "FileHash-SHA1": 7, "FileHash-SHA256": 12 }, "indicator_count": 233, "is_author": false, "is_subscribing": null, "subscriber_count": 107, "modified_text": "1232 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "639b6c20f219ec9a2c093f48", "name": "oh my doom server - www.thumpertalk.com", "description": "otx crashed on i think the 34. aws ip's i suspect some data is missing\nThis is only one forum post url collection", "modified": "2023-01-14T17:04:27.799000", "created": "2022-12-15T18:49:04.393000", "tags": [ "bounce bmx", "facebook", "bounce", "strong", "create new", "loading", "account", "account bounce", "liked home", "photos videos", "twitter", "bts gy200", "panther", "value", "written", "good points", "extra", "bad points", "no centre", "general", "ebay", "akuma assassin", "pure rush", "x pit", "dirt bike", "stomps juicebox", "pit bikes", "quads", "fastace", "mikuni", "karma", "post subject", "back", "lexmoto", "please", "chat forums", "dab0b", "dab0b l", "plate warrior", "paddy", "ninja", "cool", "phpbb", "l plate", "warrior", "rogerborg", "rogerborg nimba", "biking", "lf250b", "burgman", "register board", "welcome", "c90 club", "skip", "quick", "faq login", "username", "remember", "hide", "register", "august", "share", "link", "kdxgarage", "kawasaki", "sign", "dub250", "ride my", "ride share", "find", "Win32:Unruy-AA\\ [Trj]", "Win.Trojan.Unruy-277", "64.190.63.111", "\"http://www.mypurerush.com/images/product/large/EG06%20exhaust%2" ], "references": [ "0002cb9cd8707906e51cdfae7c3c47234cd2617a0b8145e63c29e74e8b6dc824", "bouncebmx.html - Bounce BMX is a Facebook page where you can find out more about the sport and the people who run the page and share the content on the social network, and also about how it", "901852-loose-pipe-and-exhaust-leak.html", "http://basemaps.cartocdn.com/dark_all/%7Bz%7D/%7Bx%7D/%7By%7D.png - URL http://basemaps.cartocdn.com/light_all/%7Bz%7D/%7Bx%7D/%7By%7D.png cartocdn.com: domain", "viewtopic.php 2.html", "viewtopic.php 3.html", "4518053040.html", "You must be logged in to rate posts on the Lexmoto forum - here is the full list of posts, which can now be viewed at \u00c2\u00a320,000 or more, if you want to join the", "review185998.html", "www.mypurerush.com.html", "Mypurerush.com is a website that promotes and promotes the use of a specific product, product or service on a different website, but does not endorse any of its products or services.", "jermaine-carlyle-stratton-15278012.html", "\"http://www.mypurerush.com/images/product/large/EG06%20exhaust%20gasket%20pit%20bike%20spare%20part.jpg", "www.thumpertalk.com" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Win32:Unruy-AA\\ [Trj]", "display_name": "Win32:Unruy-AA\\ [Trj]", "target": null }, { "id": "Win.Trojan.Unruy-277", "display_name": "Win.Trojan.Unruy-277", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 15, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "callmeDoris", "id": "205385", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 946, "URL": 2598, "domain": 583, "FileHash-SHA256": 669, "CVE": 2, "FileHash-MD5": 12, "FileHash-SHA1": 12 }, "indicator_count": 4822, "is_author": false, "is_subscribing": null, "subscriber_count": 91, "modified_text": "1236 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "639b205dee198331ab0410f9", "name": "Six Charged in Mass Takedown of DDoS-for-Hire Sites -Krebs on Security", "description": "", "modified": "2022-12-15T13:25:49.771000", "created": "2022-12-15T13:25:49.771000", "tags": [ "ddos", "cfaa", "ddosforhire", "los angeles", "dobbs", "ipstresser", "booter", "miller", "computer fraud", "abuse act", "service", "john", "february" ], "references": [ "https://krebsonsecurity.com/2022/12/six-charged-in-mass-takedown-of-ddos-for-hire-sites/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 14, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunter_NL", "id": "171283", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 1, "domain": 45 }, "indicator_count": 46, "is_author": false, "is_subscribing": null, "subscriber_count": 862, "modified_text": "1266 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://www.spamhaus.org/xbl/", "viewtopic.php 3.html", "review185998.html", "https://www.dnsbl.info/", "www.mypurerush.com.html", "0002cb9cd8707906e51cdfae7c3c47234cd2617a0b8145e63c29e74e8b6dc824", "You must be logged in to rate posts on the Lexmoto forum - here is the full list of posts, which can now be viewed at \u00c2\u00a320,000 or more, if you want to join the", "bouncebmx.html - Bounce BMX is a Facebook page where you can find out more about the sport and the people who run the page and share the content on the social network, and also about how it", "Mypurerush.com is a website that promotes and promotes the use of a specific product, product or service on a different website, but does not endorse any of its products or services.", "https://krebsonsecurity.com/2022/12/six-charged-in-mass-takedown-of-ddos-for-hire-sites/", "www.thumpertalk.com", "https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_ Real-time", "\"http://www.mypurerush.com/images/product/large/EG06%20exhaust%20gasket%20pit%20bike%20spare%20part.jpg", "4518053040.html", "http://basemaps.cartocdn.com/dark_all/%7Bz%7D/%7Bx%7D/%7By%7D.png - URL http://basemaps.cartocdn.com/light_all/%7Bz%7D/%7Bx%7D/%7By%7D.png cartocdn.com: domain", "Chrstmas morning when you cant even look at your kids", "901852-loose-pipe-and-exhaust-leak.html", "viewtopic.php 2.html", "jermaine-carlyle-stratton-15278012.html" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [], "malware_families": [ "Win32:unruy-aa\\ [trj]", "Win.trojan.unruy-277", "Nufs_svfohigh", "Conventionengine_term_users", "Knownmaliciousobfuscation", "Virus:win32/neverdie", "Virus:win32/nabucur", "Nufs_7z", "Apt ransomware v.2" ], "industries": [] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 7, "pulses": [ { "id": "6570959fb2297900eabc7fc9", "name": "dns.google - 8.8.8.8 - oh how google is not in control of their DNS", "description": "", "modified": "2023-12-06T15:39:11.260000", "created": "2023-12-06T15:39:11.260000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 756, "FileHash-MD5": 14, "FileHash-SHA1": 14, "domain": 224, "URL": 598, "hostname": 222 }, "indicator_count": 1828, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "910 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65709525ebd226605132f7bd", "name": "oh my doom server - www.thumpertalk.com", "description": "", "modified": "2023-12-06T15:37:09.014000", "created": "2023-12-06T15:37:09.014000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 2, "FileHash-SHA256": 669, "domain": 583, "hostname": 946, "URL": 2598, "FileHash-MD5": 12, "FileHash-SHA1": 12 }, "indicator_count": 4822, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "910 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63a857bf585af25350972d0c", "name": "dns.google - 8.8.8.8 - oh how google is not in control of their DNS", "description": "", "modified": "2023-01-24T12:00:24.101000", "created": "2022-12-25T14:01:35.401000", "tags": [ "vb.cu", "dns.google", "no.ip", "gvt1.com", "whitelisted ip's = big problems when DNS is controlled by threat" ], "references": [ "Chrstmas morning when you cant even look at your kids" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "nUFS_svfohigh", "display_name": "nUFS_svfohigh", "target": null }, { "id": "nUFS_7z", "display_name": "nUFS_7z", "target": null }, { "id": "KnownMaliciousObfuscation", "display_name": "KnownMaliciousObfuscation", "target": null }, { "id": "ConventionEngine_Term_Users", "display_name": "ConventionEngine_Term_Users", "target": null }, { "id": "Virus:Win32/Neverdie", "display_name": "Virus:Win32/Neverdie", "target": "/malware/Virus:Win32/Neverdie" }, { "id": "Virus:Win32/Nabucur", "display_name": "Virus:Win32/Nabucur", "target": "/malware/Virus:Win32/Nabucur" }, { "id": "APT Ransomware v.2", "display_name": "APT Ransomware v.2", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 31, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "callmeDoris", "id": "205385", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 224, "URL": 598, "hostname": 222, "FileHash-SHA256": 756, "FileHash-MD5": 14, "FileHash-SHA1": 14 }, "indicator_count": 1828, "is_author": false, "is_subscribing": null, "subscriber_count": 93, "modified_text": "1226 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63a01d5249897d1ce5fcc4c1", "name": "Threat Intel Report - W52-2022.pdf", "description": "This is a cyber-advisory document, presenting the compiled cyber threat intelligence sourced from various channels and tools.\nThese are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in this week.\nSecurity is a continuous process, and it has to be reviewed and audited on a continuous manner through manual or automated tools.\nThese details may be used as an additional layer to verify the current security posture of an organization against latest cyber trends.", "modified": "2023-01-18T08:00:04.374000", "created": "2022-12-19T08:14:10.713000", "tags": [ "united" ], "references": [ "https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_ Real-time", "https://www.dnsbl.info/", "https://www.spamhaus.org/xbl/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 19, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "aa00643640@techmahindra.com", "id": "156540", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 46, "domain": 106, "hostname": 53, "CVE": 2, "FileHash-MD5": 7, "FileHash-SHA1": 7, "FileHash-SHA256": 12 }, "indicator_count": 233, "is_author": false, "is_subscribing": null, "subscriber_count": 107, "modified_text": "1232 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63a01d55919d8c212243d1b3", "name": "Threat Intel Report - W52-2022.pdf", "description": "This is a cyber-advisory document, presenting the compiled cyber threat intelligence sourced from various channels and tools.\nThese are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in this week.\nSecurity is a continuous process, and it has to be reviewed and audited on a continuous manner through manual or automated tools.\nThese details may be used as an additional layer to verify the current security posture of an organization against latest cyber trends.", "modified": "2023-01-18T08:00:04.374000", "created": "2022-12-19T08:14:13.536000", "tags": [ "united" ], "references": [ "https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_ Real-time", "https://www.dnsbl.info/", "https://www.spamhaus.org/xbl/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 19, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "aa00643640@techmahindra.com", "id": "156540", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 46, "domain": 106, "hostname": 53, "CVE": 2, "FileHash-MD5": 7, "FileHash-SHA1": 7, "FileHash-SHA256": 12 }, "indicator_count": 233, "is_author": false, "is_subscribing": null, "subscriber_count": 107, "modified_text": "1232 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "639b6c20f219ec9a2c093f48", "name": "oh my doom server - www.thumpertalk.com", "description": "otx crashed on i think the 34. aws ip's i suspect some data is missing\nThis is only one forum post url collection", "modified": "2023-01-14T17:04:27.799000", "created": "2022-12-15T18:49:04.393000", "tags": [ "bounce bmx", "facebook", "bounce", "strong", "create new", "loading", "account", "account bounce", "liked home", "photos videos", "twitter", "bts gy200", "panther", "value", "written", "good points", "extra", "bad points", "no centre", "general", "ebay", "akuma assassin", "pure rush", "x pit", "dirt bike", "stomps juicebox", "pit bikes", "quads", "fastace", "mikuni", "karma", "post subject", "back", "lexmoto", "please", "chat forums", "dab0b", "dab0b l", "plate warrior", "paddy", "ninja", "cool", "phpbb", "l plate", "warrior", "rogerborg", "rogerborg nimba", "biking", "lf250b", "burgman", "register board", "welcome", "c90 club", "skip", "quick", "faq login", "username", "remember", "hide", "register", "august", "share", "link", "kdxgarage", "kawasaki", "sign", "dub250", "ride my", "ride share", "find", "Win32:Unruy-AA\\ [Trj]", "Win.Trojan.Unruy-277", "64.190.63.111", "\"http://www.mypurerush.com/images/product/large/EG06%20exhaust%2" ], "references": [ "0002cb9cd8707906e51cdfae7c3c47234cd2617a0b8145e63c29e74e8b6dc824", "bouncebmx.html - Bounce BMX is a Facebook page where you can find out more about the sport and the people who run the page and share the content on the social network, and also about how it", "901852-loose-pipe-and-exhaust-leak.html", "http://basemaps.cartocdn.com/dark_all/%7Bz%7D/%7Bx%7D/%7By%7D.png - URL http://basemaps.cartocdn.com/light_all/%7Bz%7D/%7Bx%7D/%7By%7D.png cartocdn.com: domain", "viewtopic.php 2.html", "viewtopic.php 3.html", "4518053040.html", "You must be logged in to rate posts on the Lexmoto forum - here is the full list of posts, which can now be viewed at \u00c2\u00a320,000 or more, if you want to join the", "review185998.html", "www.mypurerush.com.html", "Mypurerush.com is a website that promotes and promotes the use of a specific product, product or service on a different website, but does not endorse any of its products or services.", "jermaine-carlyle-stratton-15278012.html", "\"http://www.mypurerush.com/images/product/large/EG06%20exhaust%20gasket%20pit%20bike%20spare%20part.jpg", "www.thumpertalk.com" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Win32:Unruy-AA\\ [Trj]", "display_name": "Win32:Unruy-AA\\ [Trj]", "target": null }, { "id": "Win.Trojan.Unruy-277", "display_name": "Win.Trojan.Unruy-277", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 15, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "callmeDoris", "id": "205385", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 946, "URL": 2598, "domain": 583, "FileHash-SHA256": 669, "CVE": 2, "FileHash-MD5": 12, "FileHash-SHA1": 12 }, "indicator_count": 4822, "is_author": false, "is_subscribing": null, "subscriber_count": 91, "modified_text": "1236 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "639b205dee198331ab0410f9", "name": "Six Charged in Mass Takedown of DDoS-for-Hire Sites -Krebs on Security", "description": "", "modified": "2022-12-15T13:25:49.771000", "created": "2022-12-15T13:25:49.771000", "tags": [ "ddos", "cfaa", "ddosforhire", "los angeles", "dobbs", "ipstresser", "booter", "miller", "computer fraud", "abuse act", "service", "john", "february" ], "references": [ "https://krebsonsecurity.com/2022/12/six-charged-in-mass-takedown-of-ddos-for-hire-sites/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 14, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunter_NL", "id": "171283", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 1, "domain": 45 }, "indicator_count": 46, "is_author": false, "is_subscribing": null, "subscriber_count": 862, "modified_text": "1266 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "orphicsecurityteam.com", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "orphicsecurityteam.com", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780526076.8980732 }