Real-Time Threat Intelligence

Click to explore each section This is a real demo! Click to explore each section.
Pilot Configuration
Goal I want to get real-time, comprehensive threat inte... Access real-time threat intelligence and IOC insights — automated data collection from deep and dark web sources.
12 website or app sources The Jsonify AI will open these automatically to explore and find your information
censys.io shodan.io virustotal.com threatcrowd.org +8 more
10 data columns
12 dashboard widgets
3 integrations
1 notification
Recommended
Pilot Phase (Scoped Evaluation)
Up to 12 weeks
€3,000 / month

Typical scope: multi-country, weekly updates, multiple categories

  • Real data from real sources
  • Live dashboards or export feeds
  • Validate scope, refresh cadence, quality
  • Fixed price, no ongoing commitment

Most teams start here to validate fit before expanding.

Post-pilot: Production pricing depends on scope. Use estimator to see typical monthly range →
Now, schedule a short call below to confirm scope and start the pilot, or build something new.

or email us at paul@jsonify.co

Data sources are the websites and apps where information will be collected from. These can be changed or expanded at any time. This is turned into data rows.

censys.io
shodan.io
virustotal.com
threatcrowd.org
reversinglabs.com
malwarebytes.com
darkowl.com
recordedfuture.com
misp-project.org
cyberthreatintel.com
securitytrails.com
intel471.com
Add Source
Sample data preview. This is synthetic test data generated to illustrate the structure. Real data from your sources will be populated during the pilot. This data powers the dashboard widgets.
id Source IOC Type Threat Confidence First Seen Last Seen Context Severity
1 virustotal.com 7d0f3a1b9c2f4d5e6a7b8c9d0e1f2a3b File Hash (SHA256) StealthRAT v2.3 payload High 2026-02-02T09:14:22Z 2026-02-03T18:45:10Z
Submitted sample with C2 domain 'login-secure[.]zone' and obfuscated strings; matching YARA rule sets
... show all		 Critical
2 shodan.io 185.62.12.45:6379 IP:Port Open Redis instance exposing credentials Medium 2026-02-01T04:05:00Z 2026-02-04T07:12:33Z Indexed banner shows unauthenticated Redis with large keyspace; potential data exfiltration risk High
3 censys.io 2001:0db8:85a3:0000:0000:8a2e:0370:7334 IPv6 Address Misconfigured Elasticsearch cluster fingerprint High 2026-02-03T11:22:10Z 2026-02-04T02:01:48Z Censys banner reveals Elasticsearch 6.x publicly accessible with no auth Critical
4 recordedfuture.com APT28 discussion: new loader 'BlackFjord' Threat Actor / Tool BlackFjord loader linked to credential theft campaigns High 2026-01-30T14:00:00Z 2026-02-03T20:30:00Z Intel report correlates malware telemetry with actor infrastructure and GitHub leak references High
5 darkowl.com forum post: 'sell: corp creds, 10k records' Dark Web Post Stolen corporate credentials advertised Medium 2026-02-02T22:18:05Z 2026-02-04T01:12:44Z Post includes domain list and sample validation screenshots referencing third-party vendor domains High
6 reversinglabs.com b4f2e3a9c6d7e8f0a1b2c3d4e5f60718 File Hash (SHA256) Obfuscated .NET dropper High 2026-02-01T16:40:00Z 2026-02-03T09:55:12Z
Static analysis shows multiple unpacking stages and suspicious API calls to Windows Credential Manager
... show all		 High
7 misp-project.org malware:invoice-themed macro campaign Campaign Description Macro-based ransomware distribution via supplier invoices Medium 2026-01-31T08:30:00Z 2026-02-03T19:05:00Z MISP event collates sightings, notable C2 'pay-portal[.]top' and email subject patterns Critical
8 threatcrowd.org malicious[.]vendor-sync[.]com Domain Phishing domain impersonating vendor portal High 2026-02-02T05:46:12Z 2026-02-04T06:50:23Z Multiple IP resolves and WHOIS privacy; linked to previously observed phishing kit High
9 intel471.com user: 'vendor-leak' thread mentioning 'AcmePay' breach Dark Web Discussion Sale of AcmePay vendor dataset Medium 2026-02-03T13:05:00Z 2026-02-04T10:20:00Z Closed forum chatter with screenshots and partial CSV samples sold to bidders High
10 securitytrails.com api.thirdpartyvendor.com Subdomain Exposed API endpoint with verbose error responses High 2026-02-02T12:00:00Z 2026-02-04T04:15:16Z DNS history and current TXT records show outdated keys and stale certificates Medium
11 malwarebytes.com cybercriminal blog: 'how to use XLoader' Blog/Article Tutorial enabling commodity malware usage Medium 2026-02-01T07:10:00Z 2026-02-04T03:40:22Z Detailed walkthrough detected; leads to compiled binaries hosted on file-sharing sites Medium
12 virustotal.com 3a9d1c5f8b7e4a2d6c0b1f3e5a8d9c7b File Hash (SHA256) Encrypted ransomware sample (Sodin-Remnant family) High 2026-02-02T21:33:19Z 2026-02-04T08:22:01Z Matches IOCs from MISP and shows unique ransom note marker 'REMMED2026' Critical
13 threatcrowd.org 45.76.89.12 IPv4 Address Botnet C2 server High 2026-02-01T02:00:00Z 2026-02-03T23:59:59Z Associated with multiple malicious domains and fast-flux pattern High
14 reversinglabs.com dropped_config.json (contains 'api_key':'ak_live_XXXXX') Artifact Hardcoded API keys in malware configuration High 2026-02-02T10:15:00Z 2026-02-04T02:47:30Z Configuration extracted from unpacked binary; references cloud storage and vendor API endpoints Critical
15 recordedfuture.com exploit: CVE-2025-4678 PoC circulating Vulnerability / Exploit Unauthenticated RCE in popular third-party payment gateway High 2026-02-02T06:00:00Z 2026-02-04T09:30:00Z PoC code appears in GitHub gist and dark web threads; exploit targets /api/v2/pay endpoint Critical
16 darkowl.com seller listing: 'VPN access to vendor corp' Dark Web Marketplace Listing VPN session cookies and remote access for sale Medium 2026-02-03T15:40:00Z 2026-02-04T11:05:59Z Listing includes screenshots of internal dashboards and vendor branding High
17 intel471.com email sample: 'invoice@thirdvendor.com' with malicious ZIP Malicious Email Sample Invoice-themed phishing with loader attachment High 2026-02-01T09:00:00Z 2026-02-04T05:55:12Z Headers show SPF pass but DKIM fail; attachment executes macro dropper Critical
18 securitytrails.com mx.thirdpartyvendor.com MX Record / Mail Server Mail server with outdated TLS and open relay misconfig Medium 2026-02-02T18:30:00Z 2026-02-04T01:22:33Z Certificate expired last week and server responds to unauthenticated relays in tests High
19 threatcrowd.org wordpress-plugin: 'vendor-wp-pay' outdated Software Component Known vulnerable WordPress plugin enabling SQLi High 2026-01-31T11:20:00Z 2026-02-03T16:44:01Z Exploit chains observed leveraging plugin to upload web shells Critical
20 virustotal.com 5f6e7d8c9b0a1b2c3d4e5f6a7b8c9d0e File Hash (SHA256) Firmware backdoor sample for IoT devices Medium 2026-02-02T13:50:00Z 2026-02-04T06:10:05Z Matches suspicious strings communicating to vendor-update[.]io domain High
21 reversinglabs.com PE: imports CreateRemoteThread, VirtualAllocEx Binary Analysis Indicator Process injection capability in downloader High 2026-02-01T20:05:00Z 2026-02-04T00:00:00Z Dynamic behavior shows DLL sideloading and persistence via scheduled tasks High
22 malwarebytes.com blog: 'supply-chain compromise trends 2026' Threat Report Increased outsourcing risk and vendor credential leaks Medium 2026-02-01T10:00:00Z 2026-02-04T02:30:00Z Article references multiple recent incidents and mitigations for vendor access controls Medium
23 darkowl.com marketplace: 'access: vendor-erp' priced 2 BTC Dark Web Listing RDP/SSH access to ERP environments for sale Medium 2026-02-03T21:10:00Z 2026-02-04T08:00:00Z Listing claims persistent admin-level sessions and includes last-login screenshots Critical
24 recordedfuture.com malicious-injection: JS snippet 'trackVendor()' used in Mage Commerce sites Malicious Script MageCommerce skimmer targeting checkout forms High 2026-02-02T09:00:00Z 2026-02-04T07:45:00Z Recorded Future detected propagation across multiple third-party extensions Critical
25 misp-project.org IOC set: domains, hashes, and mutex names for 'BlueTango' campaign MISP Event Bundle Coordinated espionage campaign targeting vendors in logistics sector High 2026-01-30T06:00:00Z 2026-02-03T21:00:00Z Event aggregates sightings from community analysts and correlates to C2 infra High
26 threatcrowd.org cdn.badfileshare[.]net/path/payroll.zip Malicious URL Malicious archive hosting credential harvesters High 2026-02-02T14:12:00Z 2026-02-04T03:18:45Z URL serves password-stealing binary disguised as payroll update Critical
27 intel471.com paste: 'vendor-db leak' posted with sample rows Paste/Dump Partial vendor customer database leak Medium 2026-02-03T02:22:00Z 2026-02-04T09:02:14Z Paste contains hashed passwords and PII snippets; sellers reference negotiation threads High
28 securitytrails.com tls: expired cert for api.vendor-payments.com Certificate / TLS Indicator Expired TLS leading to potential MITM and phishing risk High 2026-02-01T00:00:00Z 2026-02-04T06:06:06Z Certificate expired within last 3 days; chain shows weak signature algorithm Medium
29 darkowl.com forum thread: 'zero-day PoC for vendor gateway' Dark Web Discussion Private exploit discussion and pricing for zero-day access Low 2026-02-03T19:45:00Z 2026-02-04T02:50:00Z Thread requests testers; no verified PoC shared publicly yet High
Looking for more? Great news − this is just a small sample. Jsonify production workflows process anywhere from tens of thousands to millions of real data rows per run!
From To
Filters
Loading filters...
Structured data feeds are included — we're happy to help with API integration and automation.
JSON 
Loading...
CSV 
Loading...
Looking for more? Great news − this is just a small sample. Typically, our commercial customers process tens of thousands to millions of data points per task!

Radar continuously monitors your selected web sources and alerts you the moment something changes. +7

New IOC Detected
Recent change
New IOC Detected 3h ago
Malicious IP Address identified in threat data
virustotal.com
New Dark Web Mention
Recent change
New Dark Web Mention Yesterday
Vendor Name XYZ mentioned in discussions
darkowl.com
Critical Vulnerability Found
Recent change
Critical Vulnerability Found 5m ago
CVE-2026-XXXX requires immediate attention
securitytrails.com
Exploit Details Updated
Recent change
Exploit Details Updated 3h ago
Exploit for CVE-2026-YYYY new details available
reversinglabs.com
New Threat Intelligence
Recent change
New Threat Intelligence 5m ago
Emerging Threats latest insights released
recordedfuture.com
Add Alert All these alerts are fully customizable once a pilot begins.

Data connections determine where the collected data will be delivered. You can add, remove, or change connections at any time.

Snowflake
Snowflake Data Warehouse
Email Reports
Email Reports Notifications
REST API Developer
BigQuery
BigQuery Data Warehouse
Amazon Redshift
Amazon Redshift Data Warehouse
Databricks
Databricks Data Warehouse
Azure Synapse
Azure Synapse Data Warehouse
Amazon S3
Amazon S3 Cloud Storage
Box
Box Cloud Storage
Dropbox
Dropbox Cloud Storage
SFTP Cloud Storage
Google Sheets
Google Sheets Spreadsheet
Excel
Excel Spreadsheet
Airtable
Airtable Spreadsheet
Power BI
Power BI BI
Tableau
Tableau BI
Amazon QuickSight
Amazon QuickSight BI
Salesforce
Salesforce CRM
HubSpot
HubSpot CRM
Slack
Slack Notifications
Microsoft Teams
Microsoft Teams Notifications
Jira
Jira Notifications
Webhooks Developer
Zapier
Zapier Developer
Apache Kafka
Apache Kafka Developer
Google Pub/Sub
Google Pub/Sub Developer
AWS EventBridge
AWS EventBridge Developer
Custom Developer
Add Integration