2023-10-27 13:52:44 +02:00

Emotet - Cyber Threat Intelligence

These indicators were reported, collected, and generated during the VulDB CTI analysis of the actor known as Emotet. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.

Live data and more analysis capabilities are available at https://vuldb.com/?actor.emotet

Countries

These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Emotet:

There are 10 more country items available. Please use our online service to access the data.

IOC - Indicator of Compromise

These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of Emotet.

844 51.210.176.76 vps-3a6c6346.vps.ovh.net - High
845 51.210.242.234 vps-36767060.vps.ovh.net - High
846 51.254.137.156 mail.unolan.net - High
847 51.254.140.238 238.ip-51-254-140.eu - High
848 51.255.50.164 vps-b6cfe010.vps.ovh.net - High
849 51.255.165.160 160.ip-51-255-165.eu - High
850 52.18.235.51 ec2-52-18-235-51.eu-west-1.compute.amazonaws.com - Medium
851 52.31.99.185 ec2-52-31-99-185.eu-west-1.compute.amazonaws.com - Medium
852 52.66.202.63 ec2-52-66-202-63.ap-south-1.compute.amazonaws.com - Medium
853 52.78.120.74 ec2-52-78-120-74.ap-northeast-2.compute.amazonaws.com - Medium
854 52.94.153.104 - - High
855 52.96.38.82 - - High
856 52.96.40.242 - - High
857 52.96.62.226 - - High
858 53.61.228.110 - - High
859 53.157.168.143 - - High
860 53.166.236.6 - - High
861 54.12.95.56 - - High
862 54.36.98.59 59.ip-54-36-98.eu - High
863 54.36.185.60 ip60.ip-54-36-185.eu - High
864 54.36.185.63 ip63.ip-54-36-185.eu - High
865 54.37.42.48 - - High
866 54.37.70.105 105.ip-54-37-70.eu - High
867 54.37.106.167 ip167.ip-54-37-106.eu - High
868 54.37.136.187 187.ip-54-37-136.eu - High
869 54.37.212.235 ip235.ip-54-37-212.eu - High
870 54.37.228.122 122.ip-54-37-228.eu - High
871 54.37.237.253 ip253.ip-54-37-237.eu - High
872 54.38.94.197 ns3140984.ip-54-38-94.eu - High
873 54.38.143.245 tools.inovato.me - High
874 54.38.143.246 ip246.ip-54-38-143.eu - High
875 54.38.242.185 vps-f3507bbf.vps.ovh.net - High
876 54.57.97.235 - - High
877 54.88.144.211 va-smtp01.263.net - High
878 54.102.103.237 - - High
879 54.180.252.38 ec2-54-180-252-38.ap-northeast-2.compute.amazonaws.com - Medium
880 54.183.177.28 ec2-54-183-177-28.us-west-1.compute.amazonaws.com - Medium
881 55.22.40.204 - - High
882 55.74.152.152 - - High
883 55.128.90.30 - - High
884 55.136.121.162 - - High
885 55.219.59.212 - - High
886 55.239.116.223 - - High
887 56.36.53.6 - - High
888 56.64.139.72 - - High
889 56.98.83.112 - - High
890 56.98.83.136 - - High
891 56.131.8.84 - - High
892 56.147.146.123 - - High
893 56.149.97.192 - - High
894 56.196.131.72 - - High
895 56.222.186.198 - - High
896 57.48.18.72 - - High
897 57.72.208.235 - - High
898 57.82.67.9 - - High
899 57.88.97.175 - - High
900 57.91.102.32 - - High
901 58.1.242.115 fntoska030019.oska.fnt.ftth4.ppp.ocn.ne.jp - High
902 58.7.221.185 58-7-221-185.dyn.iinet.net.au - High
903 58.27.215.3 58-27-215-3.wateen.net - High
904 58.94.58.13 i58-94-58-13.s41.a014.ap.plala.or.jp - High
905 58.96.74.42 42.74.96.58.static.exetel.com.au - High
906 58.105.146.189 d58-105-146-189.dsl.nsw.optusnet.com.au - High
907 58.140.44.23 - - High
908 58.167.223.125 - - High
909 58.171.38.26 - - High
910 58.171.153.81 - - High
911 58.174.185.169 cpe-58-174-185-169.sb03.sa.asp.telstra.net - High
912 58.216.16.130 - - High
913 58.227.42.236 - - High
914 58.234.12.220 - - High
915 58.246.232.213 - - High
916 58.253.207.222 - - High
917 59.21.235.119 - - High
918 59.51.188.224 - - High
919 59.103.164.174 - - High
920 59.110.18.236 - - High
921 59.120.5.154 59-120-5-154.hinet-ip.hinet.net - High
922 59.124.1.19 59-124-1-19.hinet-ip.hinet.net - High
923 59.125.219.109 59-125-219-109.hinet-ip.hinet.net - High
924 ... ... ... ...

There are 3693 more IOC items available. Please use our online service to access the data.

TTP - Tactics, Techniques, Procedures

Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used by Emotet. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Weakness | Description | Confidence |
| --- | --- | --- | --- | --- |
| 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-37 | Pathname Traversal | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High |
| 3 | T1055 | CWE-74 | Injection | High |
| 4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |
| 6 | ... | ... | ... | ... |

There are 21 more TTP items available. Please use our online service to access the data.

IOA - Indicator of Attack

These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Emotet. This data is unique as it uses our predictive model for actor profiling.


There are 285 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

References

The following list contains external sources which discuss the actor and the associated activities:

Literature

The following articles explain our unique predictive cyber threat intelligence:

License

(c) 1997-2023 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0. Questions? Check the FAQ, read the documentation or contact us!