Agentscan
Recent
0x2b4e…9037$7140.0980xae54…e571$242.7570xd143…f376$189.6800x6956…1b2b$148.3470x86ee…a73d$121.6000x9d94…a436$121.3000x7ee0…b59a$107.8920x6a16…3b5e$105.0000x3aa2…2932$98.9010x4688…2857$96.0000xd517…b6ac$89.9100x922e…e4dd$89.9100x5840…aa15$88.0000xf2f2…8528$84.0000x5382…4a93$80.9190x0720…106a$75.0000x7e93…de68$62.9370x1595…99e6$62.9370x957f…20a0$60.0000x5fa3…afbd$54.0000x67e1…227c$53.9460xcf34…d34c$53.9460x4347…d834$53.9460xd4ab…64fe$49.0000x12c9…091e$48.0000xec7a…05e8$48.0000x8098…d783$47.5000x63eb…37bd$44.9550xb86c…d1dd$44.9550xf6ca…b61c$44.9550x68f7…2673$44.9550xc36b…0f9d$44.9550xdf7a…7663$40.0030x6079…60d3$36.0000x7c1c…afb0$35.9640x828a…1a46$35.9640xe06d…9f32$35.9640x6088…a4a8$35.9640x5e63…d15d$35.9640xcad3…9589$35.0150xa5a9…221f$35.0150x8dae…0ee1$35.0000xc43b…0904$33.0000xd4d2…a4e3$30.4000xe862…eda4$30.0000xc7c5…306f$30.0000xdab7…a528$28.5000x3cd6…3cee$28.0120xc852…46d7$26.9730xe6b8…a95e$26.973

Ot Intel Api

ot-intel-api.onrender.com

OT Intel API delivers real-time threat intelligence and vulnerability monitoring for industrial operational technology systems.

data_oracle
from$0.01

Trust signal

Emerging3838/ 100

3 of 4 pillars

coverage 75%

Pillars

Traction
70%
Liveness
Identity
0%
Longevity
20%

Signals

On-chain settlement (CDP)
Active in last 30 days
Endpoint reachable
GitHub org present
X (Twitter) handle
.well-known/agent.json
skill.md published
ERC-8004 registered

Evidence tiers, not an endorsement · trust model v0.1.0 (provisional) · CDP-lane settlement only (D3) · Trust API coming soon

On-chain traction

Min price (402)$0.01
Total vol$9.26
30d vol$8.27
Total tx138
30d tx101
FirstMay 21, 2026
LastJul 9, 2026

ERC-8004 agent registry

Not registered

Not found in the ERC-8004 agent registry. This is the default state — absence is not a negative signal.

Identity & classification

Xunverified
GitHubunverified
ENSunverified
Category confidenceunscored

Settlement volume

USDC settled on-chain · monthly

as of Jul 12, 2026

loading chart…

Endpoints(21)

https://ot-intel-api.onrender.com/ot/ioc

IOC enrichment with ICS campaign context. Pass ?value=1.2.3.4&type=ip or type=domain. Queries AlienVault OTX, AbuseIPDB, and DeepSeek CTI for OT campaign association. Returns verdict on whether the IOC is linked to ICS-targeting campaigns.

$0.010 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/advisory

Live CISA ICS-CERT advisories filtered by vendor or sector. Pass ?vendor=siemens or ?sector=energy. Returns advisory IDs, CVSS scores, CVE lists, OT severity, and sector tags. Up to 25 results.

$0.020 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/cve

OT-contextualised CVE triage for ICS/SCADA. Pass ?id=CVE-XXXX-XXXX. Returns OT-adjusted severity, cyber-physical impact, patch feasibility, CISA KEV status, and prioritised action. DeepSeek-enriched with live NVD and CISA-KEV data.

$0.020 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/malware

ICS malware encyclopedia. Pass ?name=PIPEDREAM. Returns capabilities, targeted OT protocols, attributed actor, affected vendors, detection signatures, and MITRE ATT&CK ICS techniques. Covers PIPEDREAM, TRITON, INDUSTROYER2, CRASHOVERRIDE, FROSTYLOOP, BLACKENERGY.

$0.020 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/actor

ICS threat actor profile. Pass ?name=SANDWORM. Returns MITRE ATT&CK ICS techniques, known malware, attribution, physical impact, targeted sectors, and OT detection recommendations. Alias lookup supported: Volt Typhoon→VOLTZITE, APT44→SANDWORM. Covers all Dragos Activity Groups.

$0.030 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/actor/sector

ICS threat actors by sector. Pass ?sector=energy. Returns all groups targeting that sector from live MITRE ATT&CK ICS STIX data. Covers energy, water, manufacturing, oil-and-gas, chemical, transportation, nuclear.

$0.030 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/asn

ICS threat actor ASN infrastructure profiling. Pass ?asn=AS215540. Returns ICS actor associations (SANDWORM, VOLTZITE, XENOTIME), phishing kit links (Tycoon2FA, EvilProxy, NakedPages), bulletproof hosting indicators, abuse categories (c2, staging, phishing), and an OT-specific blocking recommendation with WAF rule hint. ASN analysis reveals infrastructure clustering that survives IP/domain rotation — critical for OT defenders tracking persistent actor infrastructure.

$0.030 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/delta

ICS sector change feed — only what is NEW in the last N days. Pass ?sector=water&days=7. Returns new CVEs, new CISA advisories, and new actor activity since the last call. Designed for cron-based monitoring agents. Eliminates redundant reprocessing.

$0.030 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/compliance

NERC CIP and IEC 62443 compliance gap mapping for a CVE or threat actor. Pass ?cve_id=CVE-2023-38802 or ?actor=SANDWORM&framework=nerc_cip. Returns triggered controls by framework (CIP-007-6 R2, SR 5.1, etc.), status (NON_COMPLIANT_IF_UNMITIGATED / REVIEW_REQUIRED), required action, and compensating controls. Designed for automated compliance reporting agents running on cron: call when a new advisory drops, generate gap report, route to compliance team.

$0.040 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/campaign

Active ICS campaign tracker. Pass ?sector=electric&status=active. Returns campaigns currently targeting a sector with actor attribution, start date, targeted geography, TTPs in use, and CVEs being exploited. No free equivalent for live campaign status.

$0.050 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/detection

ICS detection artifact retrieval. Pass ?target=PIPEDREAM or ?target=SANDWORM&format=sigma. Returns YARA/Sigma rules for the target malware or actor, sourced from public corpus (Florian Roth signature-base, CISA advisories) with validated:true, or DeepSeek-synthesised with validated:false. Designed for automated threat hunting pipelines that commit rules to SIEMs and EDRs — validated:true rules are safe to deploy; validated:false require lab testing first.

$0.050 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/device

ICS/OT device exposure lookup. Pass ?vendor=siemens&model=s7-1200. Returns default credential risk, exposed OT protocols (Modbus/502, S7comm/102, DNP3/20000), exploitation notes, and hardening steps. Covers Siemens, Schneider, Rockwell, Honeywell, GE, Unitronics, Beckhoff.

$0.050 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/exposure

OT asset risk verdict. Pass ?vendor=siemens&model=s7-1500&sector=energy&network=internet-facing. Returns risk_score (0-100), risk_level, escalate (boolean), recommended_action, active CVEs, and threat actors. Optional firmware param enables firmware-specific CVE matching. Cached 1 hour.

$0.050 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/patch

OT/ICS patch feasibility for a CVE. Pass ?id=CVE-XXXX-XXXX. Returns patch availability, OT-safe workarounds, patch complexity per ICS layer, estimated downtime, safe-to-patch-live flag, deployment strategy, and risk-vs-disruption score 1-10.

$0.050 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/brief

Sector threat brief for ICS/OT. Pass ?sector=energy&period=30. Returns active actors, new CVE counts, active campaigns, top advisories, and risk_trend (increasing/stable/decreasing). One call replaces 5+ chained calls. Ideal for weekly reporting and compliance dashboards.

$0.100 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/xpost

X/Twitter thread (5-7 posts) for an ICS actor or CVE. Pass ?actor=XENOTIME or ?cve=CVE-XXXX-XXXX. Fans out to actor or cve. Returns thread array: hook post, intel posts with ATT&CK IDs and affected OT systems, mitigation post, hashtag post. Each post under 280 characters.

$0.100 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/linkedin

LinkedIn post for CTI/ICS security audience. Pass ?actor=VOLTZITE or ?cve=CVE-XXXX-XXXX. Fans out to actor or cve + advisory. Returns hook line, 3-5 intelligence bullets, call to action, hashtags. Ready to publish. Ideal for security practitioners and threat intelligence teams sharing findings.

$0.150 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/report

Synthesised Markdown threat actor report for ICS/OT. Pass ?actor=CHERNOVITE&sector=energy. Fans out to actor, campaign, malware, advisory, detection primitives internally (no extra charge) and synthesises via DeepSeek. Returns executive summary, TTPs, campaigns, malware, recommended actions. TLP: WHITE.

$0.250 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/dossier

Deep actor intelligence dossier. Pass ?actor=SANDWORM. Fans out to actor, campaign, malware, ioc, asn, detection primitives and synthesises via DeepSeek. Returns full profile, infrastructure, IOC table, detection rules, kill chain mapping. Most comprehensive single-call artifact available.

$0.350 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/sitrep

Sector situation report. Pass ?sector=energy&period=30. Fans out to actor/sector, advisory, campaign, delta, compliance primitives. Returns 30-day threat landscape, top actors, new advisories, what changed, compliance posture, recommended priorities. Designed for weekly security briefing automation.

$0.350 USDCpay_to unverifiedunprobed
https://ot-intel-api.onrender.com/ot/article

Publication-ready CTI article ~700 words. Pass ?actor=CHERNOVITE or ?cve=CVE-XXXX-XXXX. Fans out to actor/cve + campaign + malware + advisory. DeepSeek writes journalist-style: headline, lede, body with ATT&CK context, defanged IOCs, analyst assessment, TLP. Ready for threat intel blog or advisory publication.

$0.450 USDCpay_to unverifiedunprobed