Portugal Unknown - Cyber Threat Intelligence
These indicators were reported, collected, and generated during the VulDB CTI analysis of the actor known as Portugal Unknown. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.
Live data and more analysis capabilities are available at https://vuldb.com/?actor.portugal_unknown
Countries
These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Portugal Unknown:
There are 19 more country items available. Please use our online service to access the data.
IOC - Indicator of Compromise
These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of Portugal Unknown.
There are 1605 more IOC items available. Please use our online service to access the data.
TTP - Tactics, Techniques, Procedures
Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used by Portugal Unknown. This data is unique as it uses our predictive model for actor profiling.
ID | Technique | Weakness | Description | Confidence |
---|---|---|---|---|
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High |
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High |
3 | T1055 | CWE-74 | Injection | High |
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High |
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |
6 | ... | ... | ... | ... |
There are 19 more TTP items available. Please use our online service to access the data.
IOA - Indicator of Attack
These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Portugal Unknown. This data is unique as it uses our predictive model for actor profiling.
ID | Type | Indicator | Confidence |
---|---|---|---|
1 | File | //WEB-INF | Medium |
2 | File | /?p=products | Medium |
3 | File | /?r=recruit/resume/edit&op=status | High |
4 | File | /about.php | Medium |
5 | File | /admin.php/update/getFile.html | High |
6 | File | /admin/?page=user/manage_user&id=3 | High |
7 | File | /admin/about-us.php | High |
8 | File | /admin/add-category.php | High |
9 | File | /admin/cashadvance_row.php | High |
10 | File | /admin/del_service.php | High |
11 | File | /admin/edit_subject.php | High |
12 | File | /admin/inquiries/view_inquiry.php | High |
13 | File | /admin/maintenance/view_designation.php | High |
14 | File | /admin/report/index.php | High |
15 | File | /admin/service.php | High |
16 | File | /admin/sys_sql_query.php | High |
17 | File | /admin/userprofile.php | High |
18 | File | /api/ | Low |
19 | File | /api/admin/store/product/list | High |
20 | File | /api/stl/actions/search | High |
21 | File | /api/v2/cli/commands | High |
22 | File | /api/wechat/app_auth | High |
23 | File | /author_posts.php | High |
24 | File | /bin/ate | Medium |
25 | File | /booking/show_bookings/ | High |
26 | File | /cgi-bin | Medium |
27 | File | /cgi-bin/wlogin.cgi | High |
28 | File | /chaincity/user/ticket/create | High |
29 | File | /classes/Master.php?f=delete_service | High |
30 | File | /classes/Master.php?f=save_course | High |
31 | File | /classes/Master.php?f=save_item | High |
32 | File | /classes/Users.php | High |
33 | File | /company/store | High |
34 | File | /contact/store | High |
35 | File | /Controller/Ajaxfileupload.ashx | High |
36 | File | /debug/pprof | Medium |
37 | File | /Duty/AjaxHandle/UpLoadFloodPlanFile.ashx | High |
38 | File | /Duty/AjaxHandle/UploadHandler.ashx | High |
39 | File | /ecommerce/support_ticket | High |
40 | File | /env | Low |
41 | File | /etc/passwd | Medium |
42 | File | /feeds/post/publish | High |
43 | File | /forum/away.php | High |
44 | File | /h/ | Low |
45 | File | /hslist | Low |
46 | File | /inc/jquery/uploadify/uploadify.php | High |
47 | File | /inc/topBarNav.php | High |
48 | File | /index.php?app=main&func=passport&action=login | High |
49 | File | /index.php?page=category_list | High |
50 | File | /jobinfo/ | Medium |
51 | File | /Moosikay/order.php | High |
52 | File | /note/index/delete | High |
53 | File | /opac/Actions.php?a=login | High |
54 | File | /paysystem/datatable.php | High |
55 | File | /php-sms/admin/?page=user/manage_user | High |
56 | File | /preview.php | Medium |
57 | File | /PreviewHandler.ashx | High |
58 | File | /property | Medium |
59 | File | /recipe-result | High |
60 | ... | ... | ... |
There are 527 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
References
The following list contains external sources which discuss the actor and the associated activities:
- https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_pt.netset
- https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_pt.netset
- https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/ipip_country/ipip_country_pt.netset
Literature
The following articles explain our unique predictive cyber threat intelligence:
- VulDB Cyber Threat Intelligence Documentation
- Cyber Threat Intelligence - Early Anticipation of Attacks
License
(c) 1997-2023 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0.