Gave the VM four cores and 8GB of ram, trying to see if that was the reason Microsoft Defender Threat Intelligence was acting so syrupy slow, and then swung over to using BuiltWith, and that behaved itself. After the fact I figured out why MDTI was acting so crappy and I take back all the good things I said about the new offering - this is MORE crippled that RiskIQ Community Edition:
So it’s teasing with “lalalala I saw ALL KINDS of stuff … but you, groundling, are not allowed to know.” This kinda sucks IMHO, because it’s not even enough access to be able to pull something together to show the boss if you’re trying to buy it.
There are a couple entities I do work for that qualify for gratis researcher accounts. I am going to see if I can get permission to apply using that Proton address so I can do some proper demos here.
In the mean time, bull your way through a BuiltWith signup - their free offering is an very potent attribution tool.
Using BuiltWith And Threat Intel On A Domain