{ "type": "Domain", "indicator": "tmgstatic.com", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/tmgstatic.com", "alexa": "http://www.alexa.com/siteinfo/tmgstatic.com", "indicator": "tmgstatic.com", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 4212566475, "indicator": "tmgstatic.com", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 6, "pulses": [ { "id": "6994616c344268c9e9708b53", "name": "The tablet conqueror and the links between major Android botnets", "description": "A new Android backdoor called Keenadu has been discovered embedded in the firmware of several tablet brands. It infects the libandroid_runtime.so library during firmware building, injecting itself into every app launched on the device. Keenadu provides attackers unrestricted control over victims' devices, primarily for ad fraud purposes. The investigation revealed connections between Keenadu and other major Android botnets like Triada, BADBOX, and Vo1d. The malware was found in system apps, Google Play apps, and modified versions of popular apps. Over 13,000 users worldwide have been affected, with Russia, Japan, Germany, Brazil and the Netherlands seeing the highest number of infections.", "modified": "2026-02-17T15:58:38.735000", "created": "2026-02-17T12:39:08.238000", "tags": [ "badbox", "firmware", "keenadu", "android", "nova", "vo1d", "botnets", "ad fraud", "supply chain attack", "backdoor", "triada" ], "references": [ "https://securelist.com/keenadu-android-backdoor/118913/" ], "public": 1, "adversary": "Keenadu", "targeted_countries": [], "malware_families": [ { "id": "Keenadu", "display_name": "Keenadu", "target": null }, { "id": "Triada", "display_name": "Triada", "target": null }, { "id": "BADBOX", "display_name": "BADBOX", "target": null }, { "id": "Vo1d", "display_name": "Vo1d", "target": null }, { "id": "SUPERNOVA - S0578", "display_name": "SUPERNOVA - S0578", "target": null } ], "attack_ids": [ { "id": "T1056.001", "name": "Keylogging", "display_name": "T1056.001 - Keylogging" }, { "id": "T1542.003", "name": "Bootkit", "display_name": "T1542.003 - Bootkit" }, { "id": "T1059.004", "name": "Unix Shell", "display_name": "T1059.004 - Unix Shell" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 25, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "AlienVault", "id": "2", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_2/resized/80/avatar_dacfad0ca8.png", "is_subscribed": true, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 84, "FileHash-SHA1": 5, "FileHash-SHA256": 5, "URL": 1, "domain": 10, "hostname": 3 }, "indicator_count": 108, "is_author": false, "is_subscribing": null, "subscriber_count": 386958, "modified_text": "105 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "699c70c5de80512e1628bfaf", "name": "Keenadu Android Backdoor Embedded in Firmware Enables Full Device Compromise", "description": "Facebook, Twitter, Facebook, Instagram, Snapchat and other sites are all open to comment on the latest developments from the world's largest social media platforms, as well as those of their own..", "modified": "2026-03-25T15:04:14.473000", "created": "2026-02-23T15:22:45.963000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Cherryid", "id": "383941", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 41, "FileHash-SHA1": 41, "FileHash-SHA256": 41, "domain": 18 }, "indicator_count": 141, "is_author": false, "is_subscribing": null, "subscriber_count": 20, "modified_text": "69 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6997fce17ae6ac720fec14c5", "name": "Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets", "description": "Malicious software infected with the Keenadu operating system can be detected by analysing the code's code, as well as the software itself, in order to use it to run its own software.", "modified": "2026-03-22T06:07:27.526000", "created": "2026-02-20T06:19:13.198000", "tags": [ "keenadu", "applications", "nova clicker", "payload cdn" ], "references": [ "https://securelist.com/keenadu-android-backdoor/118913/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Keenadu", "display_name": "Keenadu", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Tr1sa111", "id": "192483", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 75, "FileHash-SHA1": 58, "FileHash-SHA256": 58, "domain": 19, "hostname": 5 }, "indicator_count": 215, "is_author": false, "is_subscribing": null, "subscriber_count": 277, "modified_text": "72 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6996fad7174769b1329ac21b", "name": "Keenadu the tablet conqueror and the links between major Android botnets | Securelist", "description": "", "modified": "2026-03-21T11:34:25.575000", "created": "2026-02-19T11:58:15.315000", "tags": [ "adware", "badbox", "botnets", "google android", "keenadu", "malware", "malware descriptions", "malware technologies", "mobile malware", "triada", "trojan", "trojan clicker", "vo1d", "c2 server", "keenadu loader", "google play", "android", "md5 hash", "heur", "nova", "phantom", "april", "august", "temu", "clicker", "wallpaper", "facebook", "telegram" ], "references": [ "https://securelist.com/keenadu-android-backdoor/118913/?utm_source=cybersecuritynews" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunter_NL", "id": "171283", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 84, "FileHash-SHA1": 61, "FileHash-SHA256": 61, "URL": 1, "domain": 23, "hostname": 10, "email": 1 }, "indicator_count": 241, "is_author": false, "is_subscribing": null, "subscriber_count": 863, "modified_text": "73 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6995ae49ebd94603d440f024", "name": "Keenadu Botnet", "description": "Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets", "modified": "2026-03-20T12:02:30.782000", "created": "2026-02-18T12:19:19.747000", "tags": [ "reverse dns", "forward dns", "http", "software", "openbsd openssh", "f5 nginx", "matched fields", "us technology", "frankfurt", "main", "hesse", "godaddycomllc", "phoenix", "keenadu" ], "references": [ "https://www.virustotal.com/graph/g64c2194c54614365a0962f458e9fdfa7d36bc70a897941dbbd9d60c4319fcff8", "https://securelist.com/keenadu-android-backdoor/118913/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Keenadu", "display_name": "Keenadu", "target": null }, { "id": "Triada", "display_name": "Triada", "target": null }, { "id": "vo1d", "display_name": "vo1d", "target": null }, { "id": "BADBOX", "display_name": "BADBOX", "target": null } ], "attack_ids": [ { "id": "T1056", "name": "Input Capture", "display_name": "T1056 - Input Capture" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 1, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Vulcanraven", "id": "167674", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 37, "hostname": 68, "URL": 1 }, "indicator_count": 106, "is_author": false, "is_subscribing": null, "subscriber_count": 22, "modified_text": "74 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69954274f6501c133fc69122", "name": "The tablet conqueror and the links between major Android botnets", "description": "", "modified": "2026-02-18T04:39:16.713000", "created": "2026-02-18T04:39:16.713000", "tags": [ "badbox", "firmware", "keenadu", "android", "nova", "vo1d", "botnets", "ad fraud", "supply chain attack", "backdoor", "triada" ], "references": [ "https://securelist.com/keenadu-android-backdoor/118913/" ], "public": 1, "adversary": "Keenadu", "targeted_countries": [], "malware_families": [ { "id": "Keenadu", "display_name": "Keenadu", "target": null }, { "id": "Triada", "display_name": "Triada", "target": null }, { "id": "BADBOX", "display_name": "BADBOX", "target": null }, { "id": "Vo1d", "display_name": "Vo1d", "target": null }, { "id": "SUPERNOVA - S0578", "display_name": "SUPERNOVA - S0578", "target": null } ], "attack_ids": [ { "id": "T1056.001", "name": "Keylogging", "display_name": "T1056.001 - Keylogging" }, { "id": "T1542.003", "name": "Bootkit", "display_name": "T1542.003 - Bootkit" }, { "id": "T1059.004", "name": "Unix Shell", "display_name": "T1059.004 - Unix Shell" } ], "industries": [], "TLP": "white", "cloned_from": "6994616c344268c9e9708b53", "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Tr1sa111", "id": "192483", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 84, "FileHash-SHA1": 5, "FileHash-SHA256": 5, "URL": 1, "domain": 10, "hostname": 3 }, "indicator_count": 108, "is_author": false, "is_subscribing": null, "subscriber_count": 277, "modified_text": "104 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://securelist.com/keenadu-android-backdoor/118913/?utm_source=cybersecuritynews", "https://www.virustotal.com/graph/g64c2194c54614365a0962f458e9fdfa7d36bc70a897941dbbd9d60c4319fcff8", "https://securelist.com/keenadu-android-backdoor/118913/" ], "related": { "alienvault": { "adversary": [ "Keenadu" ], "malware_families": [ "Supernova - s0578", "Vo1d", "Keenadu", "Triada", "Badbox" ], "industries": [] }, "other": { "adversary": [ "Keenadu" ], "malware_families": [ "Supernova - s0578", "Vo1d", "Keenadu", "Triada", "Badbox" ], "industries": [] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 6, "pulses": [ { "id": "6994616c344268c9e9708b53", "name": "The tablet conqueror and the links between major Android botnets", "description": "A new Android backdoor called Keenadu has been discovered embedded in the firmware of several tablet brands. It infects the libandroid_runtime.so library during firmware building, injecting itself into every app launched on the device. Keenadu provides attackers unrestricted control over victims' devices, primarily for ad fraud purposes. The investigation revealed connections between Keenadu and other major Android botnets like Triada, BADBOX, and Vo1d. The malware was found in system apps, Google Play apps, and modified versions of popular apps. Over 13,000 users worldwide have been affected, with Russia, Japan, Germany, Brazil and the Netherlands seeing the highest number of infections.", "modified": "2026-02-17T15:58:38.735000", "created": "2026-02-17T12:39:08.238000", "tags": [ "badbox", "firmware", "keenadu", "android", "nova", "vo1d", "botnets", "ad fraud", "supply chain attack", "backdoor", "triada" ], "references": [ "https://securelist.com/keenadu-android-backdoor/118913/" ], "public": 1, "adversary": "Keenadu", "targeted_countries": [], "malware_families": [ { "id": "Keenadu", "display_name": "Keenadu", "target": null }, { "id": "Triada", "display_name": "Triada", "target": null }, { "id": "BADBOX", "display_name": "BADBOX", "target": null }, { "id": "Vo1d", "display_name": "Vo1d", "target": null }, { "id": "SUPERNOVA - S0578", "display_name": "SUPERNOVA - S0578", "target": null } ], "attack_ids": [ { "id": "T1056.001", "name": "Keylogging", "display_name": "T1056.001 - Keylogging" }, { "id": "T1542.003", "name": "Bootkit", "display_name": "T1542.003 - Bootkit" }, { "id": "T1059.004", "name": "Unix Shell", "display_name": "T1059.004 - Unix Shell" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 25, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "AlienVault", "id": "2", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_2/resized/80/avatar_dacfad0ca8.png", "is_subscribed": true, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 84, "FileHash-SHA1": 5, "FileHash-SHA256": 5, "URL": 1, "domain": 10, "hostname": 3 }, "indicator_count": 108, "is_author": false, "is_subscribing": null, "subscriber_count": 386958, "modified_text": "105 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "699c70c5de80512e1628bfaf", "name": "Keenadu Android Backdoor Embedded in Firmware Enables Full Device Compromise", "description": "Facebook, Twitter, Facebook, Instagram, Snapchat and other sites are all open to comment on the latest developments from the world's largest social media platforms, as well as those of their own..", "modified": "2026-03-25T15:04:14.473000", "created": "2026-02-23T15:22:45.963000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Cherryid", "id": "383941", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 41, "FileHash-SHA1": 41, "FileHash-SHA256": 41, "domain": 18 }, "indicator_count": 141, "is_author": false, "is_subscribing": null, "subscriber_count": 20, "modified_text": "69 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6997fce17ae6ac720fec14c5", "name": "Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets", "description": "Malicious software infected with the Keenadu operating system can be detected by analysing the code's code, as well as the software itself, in order to use it to run its own software.", "modified": "2026-03-22T06:07:27.526000", "created": "2026-02-20T06:19:13.198000", "tags": [ "keenadu", "applications", "nova clicker", "payload cdn" ], "references": [ "https://securelist.com/keenadu-android-backdoor/118913/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Keenadu", "display_name": "Keenadu", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Tr1sa111", "id": "192483", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 75, "FileHash-SHA1": 58, "FileHash-SHA256": 58, "domain": 19, "hostname": 5 }, "indicator_count": 215, "is_author": false, "is_subscribing": null, "subscriber_count": 277, "modified_text": "72 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6996fad7174769b1329ac21b", "name": "Keenadu the tablet conqueror and the links between major Android botnets | Securelist", "description": "", "modified": "2026-03-21T11:34:25.575000", "created": "2026-02-19T11:58:15.315000", "tags": [ "adware", "badbox", "botnets", "google android", "keenadu", "malware", "malware descriptions", "malware technologies", "mobile malware", "triada", "trojan", "trojan clicker", "vo1d", "c2 server", "keenadu loader", "google play", "android", "md5 hash", "heur", "nova", "phantom", "april", "august", "temu", "clicker", "wallpaper", "facebook", "telegram" ], "references": [ "https://securelist.com/keenadu-android-backdoor/118913/?utm_source=cybersecuritynews" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunter_NL", "id": "171283", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 84, "FileHash-SHA1": 61, "FileHash-SHA256": 61, "URL": 1, "domain": 23, "hostname": 10, "email": 1 }, "indicator_count": 241, "is_author": false, "is_subscribing": null, "subscriber_count": 863, "modified_text": "73 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6995ae49ebd94603d440f024", "name": "Keenadu Botnet", "description": "Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets", "modified": "2026-03-20T12:02:30.782000", "created": "2026-02-18T12:19:19.747000", "tags": [ "reverse dns", "forward dns", "http", "software", "openbsd openssh", "f5 nginx", "matched fields", "us technology", "frankfurt", "main", "hesse", "godaddycomllc", "phoenix", "keenadu" ], "references": [ "https://www.virustotal.com/graph/g64c2194c54614365a0962f458e9fdfa7d36bc70a897941dbbd9d60c4319fcff8", "https://securelist.com/keenadu-android-backdoor/118913/" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Keenadu", "display_name": "Keenadu", "target": null }, { "id": "Triada", "display_name": "Triada", "target": null }, { "id": "vo1d", "display_name": "vo1d", "target": null }, { "id": "BADBOX", "display_name": "BADBOX", "target": null } ], "attack_ids": [ { "id": "T1056", "name": "Input Capture", "display_name": "T1056 - Input Capture" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 1, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Vulcanraven", "id": "167674", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 37, "hostname": 68, "URL": 1 }, "indicator_count": 106, "is_author": false, "is_subscribing": null, "subscriber_count": 22, "modified_text": "74 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69954274f6501c133fc69122", "name": "The tablet conqueror and the links between major Android botnets", "description": "", "modified": "2026-02-18T04:39:16.713000", "created": "2026-02-18T04:39:16.713000", "tags": [ "badbox", "firmware", "keenadu", "android", "nova", "vo1d", "botnets", "ad fraud", "supply chain attack", "backdoor", "triada" ], "references": [ "https://securelist.com/keenadu-android-backdoor/118913/" ], "public": 1, "adversary": "Keenadu", "targeted_countries": [], "malware_families": [ { "id": "Keenadu", "display_name": "Keenadu", "target": null }, { "id": "Triada", "display_name": "Triada", "target": null }, { "id": "BADBOX", "display_name": "BADBOX", "target": null }, { "id": "Vo1d", "display_name": "Vo1d", "target": null }, { "id": "SUPERNOVA - S0578", "display_name": "SUPERNOVA - S0578", "target": null } ], "attack_ids": [ { "id": "T1056.001", "name": "Keylogging", "display_name": "T1056.001 - Keylogging" }, { "id": "T1542.003", "name": "Bootkit", "display_name": "T1542.003 - Bootkit" }, { "id": "T1059.004", "name": "Unix Shell", "display_name": "T1059.004 - Unix Shell" } ], "industries": [], "TLP": "white", "cloned_from": "6994616c344268c9e9708b53", "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Tr1sa111", "id": "192483", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 84, "FileHash-SHA1": 5, "FileHash-SHA256": 5, "URL": 1, "domain": 10, "hostname": 3 }, "indicator_count": 108, "is_author": false, "is_subscribing": null, "subscriber_count": 277, "modified_text": "104 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "tmgstatic.com", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "tmgstatic.com", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780432704.6583557 }