{ "type": "Domain", "indicator": "zillelandverify.com", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/zillelandverify.com", "alexa": "http://www.alexa.com/siteinfo/zillelandverify.com", "indicator": "zillelandverify.com", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 3981017959, "indicator": "zillelandverify.com", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 2, "pulses": [ { "id": "6783308fc0b6e2bd8dfb209c", "name": "TTC-CERT_blocklist_recommended", "description": "", "modified": "2026-02-14T00:03:07.406000", "created": "2025-01-12T03:01:35.075000", "tags": [], "references": [ "https://github.com/ttc-cert/TTC-CERT_blocklist_recommended/blob/master/domain_blocklist_recommended.txt" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "skocherhan", "id": "249290", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_249290/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 606, "URL": 4, "domain": 25122, "hostname": 25306 }, "indicator_count": 51038, "is_author": false, "is_subscribing": null, "subscriber_count": 185, "modified_text": "106 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "66a0cdffcc549af39b00a9d8", "name": "Stealer Malware (Hash / C2)", "description": "Malware that stealing capabilities like Vidar, Raccoon, Mars, and Redline (will update in the future). \nany detection from internal network from this otx pulse indicates data leak. please fullscan your endpoint using antivirus and make sure change your all password.\n\nFamily :\nSteal C Malware;\nRedline Stealer;\nFlame Stealer;\nLumma Stealer;\nCheana Stealer;\nGomorra Stealer;\nMeduza Stealer;\nHawkeye Malware;\nNode Stealer;\nAmatera Stealer\n; Last Update : 16/12/2024 (Update Lumma Stealer, Add Amatera Stealer, Telegram Stealer and other)", "modified": "2025-01-15T04:01:02.090000", "created": "2024-07-24T09:48:47.666000", "tags": [ "Stealer" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1041", "name": "Exfiltration Over C2 Channel", "display_name": "T1041 - Exfiltration Over C2 Channel" }, { "id": "T1003", "name": "OS Credential Dumping", "display_name": "T1003 - OS Credential Dumping" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6286, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": true, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "IndoOpenThreatXchange", "id": "286483", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_286483/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "IPv4": 73, "FileHash-MD5": 208, "FileHash-SHA1": 198, "FileHash-SHA256": 255, "domain": 46, "hostname": 13, "URL": 9 }, "indicator_count": 802, "is_author": false, "is_subscribing": null, "subscriber_count": 95, "modified_text": "501 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://github.com/ttc-cert/TTC-CERT_blocklist_recommended/blob/master/domain_blocklist_recommended.txt" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [], "malware_families": [], "industries": [] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 2, "pulses": [ { "id": "6783308fc0b6e2bd8dfb209c", "name": "TTC-CERT_blocklist_recommended", "description": "", "modified": "2026-02-14T00:03:07.406000", "created": "2025-01-12T03:01:35.075000", "tags": [], "references": [ "https://github.com/ttc-cert/TTC-CERT_blocklist_recommended/blob/master/domain_blocklist_recommended.txt" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "skocherhan", "id": "249290", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_249290/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 606, "URL": 4, "domain": 25122, "hostname": 25306 }, "indicator_count": 51038, "is_author": false, "is_subscribing": null, "subscriber_count": 185, "modified_text": "106 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "66a0cdffcc549af39b00a9d8", "name": "Stealer Malware (Hash / C2)", "description": "Malware that stealing capabilities like Vidar, Raccoon, Mars, and Redline (will update in the future). \nany detection from internal network from this otx pulse indicates data leak. please fullscan your endpoint using antivirus and make sure change your all password.\n\nFamily :\nSteal C Malware;\nRedline Stealer;\nFlame Stealer;\nLumma Stealer;\nCheana Stealer;\nGomorra Stealer;\nMeduza Stealer;\nHawkeye Malware;\nNode Stealer;\nAmatera Stealer\n; Last Update : 16/12/2024 (Update Lumma Stealer, Add Amatera Stealer, Telegram Stealer and other)", "modified": "2025-01-15T04:01:02.090000", "created": "2024-07-24T09:48:47.666000", "tags": [ "Stealer" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1041", "name": "Exfiltration Over C2 Channel", "display_name": "T1041 - Exfiltration Over C2 Channel" }, { "id": "T1003", "name": "OS Credential Dumping", "display_name": "T1003 - OS Credential Dumping" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 6286, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": true, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "IndoOpenThreatXchange", "id": "286483", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_286483/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "IPv4": 73, "FileHash-MD5": 208, "FileHash-SHA1": 198, "FileHash-SHA256": 255, "domain": 46, "hostname": 13, "URL": 9 }, "indicator_count": 802, "is_author": false, "is_subscribing": null, "subscriber_count": 95, "modified_text": "501 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "zillelandverify.com", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "zillelandverify.com", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780222059.41043 }