{ "type": "Domain", "indicator": "securemail-ssl.com", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/securemail-ssl.com", "alexa": "http://www.alexa.com/siteinfo/securemail-ssl.com", "indicator": "securemail-ssl.com", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 2117118461, "indicator": "securemail-ssl.com", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 1, "pulses": [ { "id": "5d135b851e416718559d8ffa", "name": "Gift Cardsharks", "description": "Investigative journalist Brian Krebs first reported the attack on his website\n\u201cKrebs on Security,\u201d which explained how Wipro\u2019s IT systems were\ncompromised and used to attack the company's customers. After contacting\nWipro, Krebs followed up on his article by publishing updates on the\nbreach. While Wipro was generally close-lipped on the incident, some of the\nvictims breached through Wipro spoke with him and provided Indicators of\nCompromise (IOCs) they uncovered. Krebs proceeded to publish this small set\nof IOCs on his website", "modified": "2019-06-26T11:48:20.862000", "created": "2019-06-26T11:48:20.862000", "tags": [], "references": [ "https://www.riskiq.com/gift-cardsharks-iocs/", "https://cdn.riskiq.com/wp-content/uploads/2019/06/Gift-Cardsharks-Intelligence-Report-2019-RiskIQ.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 45, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "AlienVault", "id": "2", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_2/resized/80/avatar_dacfad0ca8.png", "is_subscribed": true, "is_following": false }, "indicator_type_counts": { "URL": 90, "domain": 27, "hostname": 256, "FileHash-MD5": 7, "FileHash-SHA1": 9 }, "indicator_count": 389, "is_author": false, "is_subscribing": null, "subscriber_count": 386552, "modified_text": "2530 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://cdn.riskiq.com/wp-content/uploads/2019/06/Gift-Cardsharks-Intelligence-Report-2019-RiskIQ.pdf", "https://www.riskiq.com/gift-cardsharks-iocs/" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [], "malware_families": [], "industries": [] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 1, "pulses": [ { "id": "5d135b851e416718559d8ffa", "name": "Gift Cardsharks", "description": "Investigative journalist Brian Krebs first reported the attack on his website\n\u201cKrebs on Security,\u201d which explained how Wipro\u2019s IT systems were\ncompromised and used to attack the company's customers. After contacting\nWipro, Krebs followed up on his article by publishing updates on the\nbreach. While Wipro was generally close-lipped on the incident, some of the\nvictims breached through Wipro spoke with him and provided Indicators of\nCompromise (IOCs) they uncovered. Krebs proceeded to publish this small set\nof IOCs on his website", "modified": "2019-06-26T11:48:20.862000", "created": "2019-06-26T11:48:20.862000", "tags": [], "references": [ "https://www.riskiq.com/gift-cardsharks-iocs/", "https://cdn.riskiq.com/wp-content/uploads/2019/06/Gift-Cardsharks-Intelligence-Report-2019-RiskIQ.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 45, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "AlienVault", "id": "2", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_2/resized/80/avatar_dacfad0ca8.png", "is_subscribed": true, "is_following": false }, "indicator_type_counts": { "URL": 90, "domain": 27, "hostname": 256, "FileHash-MD5": 7, "FileHash-SHA1": 9 }, "indicator_count": 389, "is_author": false, "is_subscribing": null, "subscriber_count": 386552, "modified_text": "2530 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "securemail-ssl.com", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "securemail-ssl.com", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780226071.0723352 }