mirror of
https://github.com/vuldb/cyber_threat_intelligence
synced 2024-07-03 08:58:21 +00:00
543 lines
31 KiB
Markdown
543 lines
31 KiB
Markdown
# Sliver - Cyber Threat Intelligence
|
|
|
|
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Sliver](https://vuldb.com/?actor.sliver). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
|
|
|
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.sliver](https://vuldb.com/?actor.sliver)
|
|
|
|
## Countries
|
|
|
|
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Sliver:
|
|
|
|
* [US](https://vuldb.com/?country.us)
|
|
* [CN](https://vuldb.com/?country.cn)
|
|
* [RU](https://vuldb.com/?country.ru)
|
|
* ...
|
|
|
|
There are 22 more country items available. Please use our online service to access the data.
|
|
|
|
## IOC - Indicator of Compromise
|
|
|
|
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Sliver.
|
|
|
|
ID | IP address | Hostname | Campaign | Confidence
|
|
-- | ---------- | -------- | -------- | ----------
|
|
1 | [1.13.17.105](https://vuldb.com/?ip.1.13.17.105) | - | - | High
|
|
2 | [1.13.174.161](https://vuldb.com/?ip.1.13.174.161) | - | - | High
|
|
3 | [1.13.180.253](https://vuldb.com/?ip.1.13.180.253) | - | - | High
|
|
4 | [3.8.115.155](https://vuldb.com/?ip.3.8.115.155) | ec2-3-8-115-155.eu-west-2.compute.amazonaws.com | - | Medium
|
|
5 | [3.18.103.195](https://vuldb.com/?ip.3.18.103.195) | ec2-3-18-103-195.us-east-2.compute.amazonaws.com | - | Medium
|
|
6 | [3.68.73.20](https://vuldb.com/?ip.3.68.73.20) | ec2-3-68-73-20.eu-central-1.compute.amazonaws.com | - | Medium
|
|
7 | [3.70.227.81](https://vuldb.com/?ip.3.70.227.81) | ec2-3-70-227-81.eu-central-1.compute.amazonaws.com | - | Medium
|
|
8 | [3.80.71.248](https://vuldb.com/?ip.3.80.71.248) | ec2-3-80-71-248.compute-1.amazonaws.com | - | Medium
|
|
9 | [3.82.226.95](https://vuldb.com/?ip.3.82.226.95) | ec2-3-82-226-95.compute-1.amazonaws.com | - | Medium
|
|
10 | [3.85.22.130](https://vuldb.com/?ip.3.85.22.130) | ec2-3-85-22-130.compute-1.amazonaws.com | - | Medium
|
|
11 | [3.92.41.116](https://vuldb.com/?ip.3.92.41.116) | ec2-3-92-41-116.compute-1.amazonaws.com | - | Medium
|
|
12 | [3.93.154.104](https://vuldb.com/?ip.3.93.154.104) | ec2-3-93-154-104.compute-1.amazonaws.com | - | Medium
|
|
13 | [3.101.117.8](https://vuldb.com/?ip.3.101.117.8) | ec2-3-101-117-8.us-west-1.compute.amazonaws.com | - | Medium
|
|
14 | [3.104.54.39](https://vuldb.com/?ip.3.104.54.39) | ec2-3-104-54-39.ap-southeast-2.compute.amazonaws.com | - | Medium
|
|
15 | [3.128.135.199](https://vuldb.com/?ip.3.128.135.199) | ec2-3-128-135-199.us-east-2.compute.amazonaws.com | - | Medium
|
|
16 | [3.130.73.232](https://vuldb.com/?ip.3.130.73.232) | ec2-3-130-73-232.us-east-2.compute.amazonaws.com | - | Medium
|
|
17 | [3.134.102.71](https://vuldb.com/?ip.3.134.102.71) | ec2-3-134-102-71.us-east-2.compute.amazonaws.com | - | Medium
|
|
18 | [3.142.79.130](https://vuldb.com/?ip.3.142.79.130) | ec2-3-142-79-130.us-east-2.compute.amazonaws.com | - | Medium
|
|
19 | [3.235.153.136](https://vuldb.com/?ip.3.235.153.136) | ec2-3-235-153-136.compute-1.amazonaws.com | - | Medium
|
|
20 | [3.237.92.13](https://vuldb.com/?ip.3.237.92.13) | ec2-3-237-92-13.compute-1.amazonaws.com | - | Medium
|
|
21 | [3.238.195.247](https://vuldb.com/?ip.3.238.195.247) | ec2-3-238-195-247.compute-1.amazonaws.com | - | Medium
|
|
22 | [4.240.86.147](https://vuldb.com/?ip.4.240.86.147) | - | - | High
|
|
23 | [5.75.238.234](https://vuldb.com/?ip.5.75.238.234) | static.234.238.75.5.clients.your-server.de | - | High
|
|
24 | [5.178.2.76](https://vuldb.com/?ip.5.178.2.76) | - | - | High
|
|
25 | [5.188.34.63](https://vuldb.com/?ip.5.188.34.63) | monting10136.example.com | - | High
|
|
26 | [5.199.168.209](https://vuldb.com/?ip.5.199.168.209) | - | - | High
|
|
27 | [5.199.173.106](https://vuldb.com/?ip.5.199.173.106) | - | - | High
|
|
28 | [5.199.173.134](https://vuldb.com/?ip.5.199.173.134) | - | - | High
|
|
29 | [5.199.174.230](https://vuldb.com/?ip.5.199.174.230) | - | - | High
|
|
30 | [5.252.176.26](https://vuldb.com/?ip.5.252.176.26) | 5-252-176-26.mivocloud.com | - | High
|
|
31 | [5.255.114.206](https://vuldb.com/?ip.5.255.114.206) | - | - | High
|
|
32 | [5.255.120.28](https://vuldb.com/?ip.5.255.120.28) | - | - | High
|
|
33 | [8.212.148.49](https://vuldb.com/?ip.8.212.148.49) | - | - | High
|
|
34 | [8.217.54.75](https://vuldb.com/?ip.8.217.54.75) | - | - | High
|
|
35 | [8.218.149.214](https://vuldb.com/?ip.8.218.149.214) | - | - | High
|
|
36 | [8.218.200.114](https://vuldb.com/?ip.8.218.200.114) | - | - | High
|
|
37 | [8.218.204.19](https://vuldb.com/?ip.8.218.204.19) | - | - | High
|
|
38 | [8.219.200.180](https://vuldb.com/?ip.8.219.200.180) | - | - | High
|
|
39 | [13.48.204.226](https://vuldb.com/?ip.13.48.204.226) | ec2-13-48-204-226.eu-north-1.compute.amazonaws.com | - | Medium
|
|
40 | [13.49.46.31](https://vuldb.com/?ip.13.49.46.31) | ec2-13-49-46-31.eu-north-1.compute.amazonaws.com | - | Medium
|
|
41 | [13.56.236.146](https://vuldb.com/?ip.13.56.236.146) | ec2-13-56-236-146.us-west-1.compute.amazonaws.com | - | Medium
|
|
42 | [13.115.21.133](https://vuldb.com/?ip.13.115.21.133) | ec2-13-115-21-133.ap-northeast-1.compute.amazonaws.com | - | Medium
|
|
43 | [13.229.251.52](https://vuldb.com/?ip.13.229.251.52) | ec2-13-229-251-52.ap-southeast-1.compute.amazonaws.com | - | Medium
|
|
44 | [13.236.149.120](https://vuldb.com/?ip.13.236.149.120) | ec2-13-236-149-120.ap-southeast-2.compute.amazonaws.com | - | Medium
|
|
45 | [13.238.218.206](https://vuldb.com/?ip.13.238.218.206) | ec2-13-238-218-206.ap-southeast-2.compute.amazonaws.com | - | Medium
|
|
46 | [14.1.29.189](https://vuldb.com/?ip.14.1.29.189) | - | - | High
|
|
47 | [18.140.228.104](https://vuldb.com/?ip.18.140.228.104) | ec2-18-140-228-104.ap-southeast-1.compute.amazonaws.com | - | Medium
|
|
48 | [18.159.62.29](https://vuldb.com/?ip.18.159.62.29) | ec2-18-159-62-29.eu-central-1.compute.amazonaws.com | - | Medium
|
|
49 | [18.163.80.92](https://vuldb.com/?ip.18.163.80.92) | ec2-18-163-80-92.ap-east-1.compute.amazonaws.com | - | Medium
|
|
50 | [18.234.7.23](https://vuldb.com/?ip.18.234.7.23) | ec2-18-234-7-23.compute-1.amazonaws.com | - | Medium
|
|
51 | [20.1.134.133](https://vuldb.com/?ip.20.1.134.133) | - | - | High
|
|
52 | [20.58.167.202](https://vuldb.com/?ip.20.58.167.202) | - | - | High
|
|
53 | [20.61.4.19](https://vuldb.com/?ip.20.61.4.19) | - | - | High
|
|
54 | [20.118.135.66](https://vuldb.com/?ip.20.118.135.66) | - | - | High
|
|
55 | [20.123.75.93](https://vuldb.com/?ip.20.123.75.93) | - | - | High
|
|
56 | [20.227.28.202](https://vuldb.com/?ip.20.227.28.202) | - | - | High
|
|
57 | [20.248.225.130](https://vuldb.com/?ip.20.248.225.130) | - | - | High
|
|
58 | [23.19.227.106](https://vuldb.com/?ip.23.19.227.106) | - | - | High
|
|
59 | [23.81.246.193](https://vuldb.com/?ip.23.81.246.193) | - | - | High
|
|
60 | [23.82.141.146](https://vuldb.com/?ip.23.82.141.146) | - | - | High
|
|
61 | [23.83.127.233](https://vuldb.com/?ip.23.83.127.233) | - | - | High
|
|
62 | [23.94.131.51](https://vuldb.com/?ip.23.94.131.51) | beikeet.com | - | High
|
|
63 | [23.94.200.202](https://vuldb.com/?ip.23.94.200.202) | ju7-ry.insulin-pumpers.org | - | High
|
|
64 | [23.95.44.80](https://vuldb.com/?ip.23.95.44.80) | 23-95-44-80-host.colocrossing.com | - | High
|
|
65 | [23.105.193.194](https://vuldb.com/?ip.23.105.193.194) | cs.hax0x.win | - | High
|
|
66 | [23.224.135.138](https://vuldb.com/?ip.23.224.135.138) | - | - | High
|
|
67 | [23.224.135.139](https://vuldb.com/?ip.23.224.135.139) | - | - | High
|
|
68 | [23.224.135.140](https://vuldb.com/?ip.23.224.135.140) | - | - | High
|
|
69 | [23.224.135.141](https://vuldb.com/?ip.23.224.135.141) | - | - | High
|
|
70 | [23.224.135.142](https://vuldb.com/?ip.23.224.135.142) | - | - | High
|
|
71 | [23.234.199.141](https://vuldb.com/?ip.23.234.199.141) | 141-199-234-23-dedicated.multacom.com | - | High
|
|
72 | [23.239.30.17](https://vuldb.com/?ip.23.239.30.17) | 23-239-30-17.ip.linodeusercontent.com | - | High
|
|
73 | [31.41.44.19](https://vuldb.com/?ip.31.41.44.19) | huotovich.maks.example.com | - | High
|
|
74 | [34.105.151.117](https://vuldb.com/?ip.34.105.151.117) | 117.151.105.34.bc.googleusercontent.com | - | Medium
|
|
75 | [34.136.159.101](https://vuldb.com/?ip.34.136.159.101) | 101.159.136.34.bc.googleusercontent.com | - | Medium
|
|
76 | [34.150.49.203](https://vuldb.com/?ip.34.150.49.203) | 203.49.150.34.bc.googleusercontent.com | - | Medium
|
|
77 | [34.162.188.150](https://vuldb.com/?ip.34.162.188.150) | 150.188.162.34.bc.googleusercontent.com | - | Medium
|
|
78 | [34.171.81.60](https://vuldb.com/?ip.34.171.81.60) | 60.81.171.34.bc.googleusercontent.com | - | Medium
|
|
79 | [34.176.0.227](https://vuldb.com/?ip.34.176.0.227) | 227.0.176.34.bc.googleusercontent.com | - | Medium
|
|
80 | [34.201.98.138](https://vuldb.com/?ip.34.201.98.138) | ec2-34-201-98-138.compute-1.amazonaws.com | - | Medium
|
|
81 | [34.212.32.244](https://vuldb.com/?ip.34.212.32.244) | ec2-34-212-32-244.us-west-2.compute.amazonaws.com | - | Medium
|
|
82 | [34.221.238.130](https://vuldb.com/?ip.34.221.238.130) | ec2-34-221-238-130.us-west-2.compute.amazonaws.com | - | Medium
|
|
83 | [35.72.242.198](https://vuldb.com/?ip.35.72.242.198) | ec2-35-72-242-198.ap-northeast-1.compute.amazonaws.com | - | Medium
|
|
84 | [35.167.111.43](https://vuldb.com/?ip.35.167.111.43) | ec2-35-167-111-43.us-west-2.compute.amazonaws.com | - | Medium
|
|
85 | [35.180.5.225](https://vuldb.com/?ip.35.180.5.225) | ec2-35-180-5-225.eu-west-3.compute.amazonaws.com | - | Medium
|
|
86 | [35.180.135.137](https://vuldb.com/?ip.35.180.135.137) | ec2-35-180-135-137.eu-west-3.compute.amazonaws.com | - | Medium
|
|
87 | [35.225.60.206](https://vuldb.com/?ip.35.225.60.206) | 206.60.225.35.bc.googleusercontent.com | - | Medium
|
|
88 | [35.236.117.76](https://vuldb.com/?ip.35.236.117.76) | 76.117.236.35.bc.googleusercontent.com | - | Medium
|
|
89 | [35.240.171.140](https://vuldb.com/?ip.35.240.171.140) | 140.171.240.35.bc.googleusercontent.com | - | Medium
|
|
90 | [37.10.71.215](https://vuldb.com/?ip.37.10.71.215) | pewna-kamagra.pl | - | High
|
|
91 | [37.27.17.204](https://vuldb.com/?ip.37.27.17.204) | static.204.17.27.37.clients.your-server.de | - | High
|
|
92 | [37.28.157.7](https://vuldb.com/?ip.37.28.157.7) | d157007.artnet.gda.pl | - | High
|
|
93 | [37.48.120.35](https://vuldb.com/?ip.37.48.120.35) | - | - | High
|
|
94 | [37.120.238.184](https://vuldb.com/?ip.37.120.238.184) | - | - | High
|
|
95 | [37.187.123.146](https://vuldb.com/?ip.37.187.123.146) | ns332345.ip-37-187-123.eu | - | High
|
|
96 | [37.235.49.25](https://vuldb.com/?ip.37.235.49.25) | ns2.test-ipv6.is | - | High
|
|
97 | [38.55.24.35](https://vuldb.com/?ip.38.55.24.35) | - | - | High
|
|
98 | [38.55.97.95](https://vuldb.com/?ip.38.55.97.95) | - | - | High
|
|
99 | [39.98.48.67](https://vuldb.com/?ip.39.98.48.67) | - | - | High
|
|
100 | [42.194.137.196](https://vuldb.com/?ip.42.194.137.196) | - | - | High
|
|
101 | [43.133.22.89](https://vuldb.com/?ip.43.133.22.89) | - | - | High
|
|
102 | [43.137.3.222](https://vuldb.com/?ip.43.137.3.222) | - | - | High
|
|
103 | [43.137.17.156](https://vuldb.com/?ip.43.137.17.156) | - | - | High
|
|
104 | [43.138.196.138](https://vuldb.com/?ip.43.138.196.138) | - | - | High
|
|
105 | [43.142.109.133](https://vuldb.com/?ip.43.142.109.133) | - | - | High
|
|
106 | [43.153.101.130](https://vuldb.com/?ip.43.153.101.130) | - | - | High
|
|
107 | [43.154.223.31](https://vuldb.com/?ip.43.154.223.31) | - | - | High
|
|
108 | [43.156.59.135](https://vuldb.com/?ip.43.156.59.135) | - | - | High
|
|
109 | [43.207.147.229](https://vuldb.com/?ip.43.207.147.229) | ec2-43-207-147-229.ap-northeast-1.compute.amazonaws.com | - | Medium
|
|
110 | [43.248.136.99](https://vuldb.com/?ip.43.248.136.99) | - | - | High
|
|
111 | [44.202.249.7](https://vuldb.com/?ip.44.202.249.7) | ec2-44-202-249-7.compute-1.amazonaws.com | - | Medium
|
|
112 | [44.211.101.170](https://vuldb.com/?ip.44.211.101.170) | ec2-44-211-101-170.compute-1.amazonaws.com | - | Medium
|
|
113 | [45.8.146.160](https://vuldb.com/?ip.45.8.146.160) | vm1125144.stark-industries.solutions | - | High
|
|
114 | [45.8.157.45](https://vuldb.com/?ip.45.8.157.45) | super-links777.com | - | High
|
|
115 | [45.9.148.64](https://vuldb.com/?ip.45.9.148.64) | - | - | High
|
|
116 | [45.9.148.212](https://vuldb.com/?ip.45.9.148.212) | - | - | High
|
|
117 | [45.9.148.252](https://vuldb.com/?ip.45.9.148.252) | - | - | High
|
|
118 | [45.9.150.109](https://vuldb.com/?ip.45.9.150.109) | - | - | High
|
|
119 | [45.9.150.132](https://vuldb.com/?ip.45.9.150.132) | - | - | High
|
|
120 | [45.14.224.102](https://vuldb.com/?ip.45.14.224.102) | hosted-by.spectraip.net | - | High
|
|
121 | [45.32.233.220](https://vuldb.com/?ip.45.32.233.220) | 45.32.233.220.vultrusercontent.com | - | High
|
|
122 | [45.56.113.227](https://vuldb.com/?ip.45.56.113.227) | 45-56-113-227.ip.linodeusercontent.com | - | High
|
|
123 | [45.56.114.203](https://vuldb.com/?ip.45.56.114.203) | 45-56-114-203.ip.linodeusercontent.com | - | High
|
|
124 | [45.61.136.196](https://vuldb.com/?ip.45.61.136.196) | - | - | High
|
|
125 | [45.61.137.59](https://vuldb.com/?ip.45.61.137.59) | - | - | High
|
|
126 | ... | ... | ... | ...
|
|
|
|
There are 500 more IOC items available. Please use our online service to access the data.
|
|
|
|
## TTP - Tactics, Techniques, Procedures
|
|
|
|
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Sliver_. This data is unique as it uses our predictive model for actor profiling.
|
|
|
|
ID | Technique | Weakness | Description | Confidence
|
|
-- | --------- | -------- | ----------- | ----------
|
|
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
|
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
|
3 | T1055 | CWE-74 | Injection | High
|
|
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
|
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
|
6 | ... | ... | ... | ...
|
|
|
|
There are 18 more TTP items available. Please use our online service to access the data.
|
|
|
|
## IOA - Indicator of Attack
|
|
|
|
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Sliver. This data is unique as it uses our predictive model for actor profiling.
|
|
|
|
ID | Type | Indicator | Confidence
|
|
-- | ---- | --------- | ----------
|
|
1 | File | `//WEB-INF` | Medium
|
|
2 | File | `/about.php` | Medium
|
|
3 | File | `/admin.php/update/getFile.html` | High
|
|
4 | File | `/admin/cashadvance_row.php` | High
|
|
5 | File | `/admin/maintenance/view_designation.php` | High
|
|
6 | File | `/admin/sys_sql_query.php` | High
|
|
7 | File | `/admin/userprofile.php` | High
|
|
8 | File | `/api/baskets/{name}` | High
|
|
9 | File | `/APR/login.php` | High
|
|
10 | File | `/cgi-bin/wapopen` | High
|
|
11 | File | `/College/admin/teacher.php` | High
|
|
12 | File | `/company/store` | High
|
|
13 | File | `/Controller/Ajaxfileupload.ashx` | High
|
|
14 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
|
15 | File | `/dcim/rack-roles/` | High
|
|
16 | File | `/en/blog-comment-4` | High
|
|
17 | File | `/feeds/post/publish` | High
|
|
18 | File | `/forms/doLogin` | High
|
|
19 | File | `/forum/away.php` | High
|
|
20 | File | `/goform/aspForm` | High
|
|
21 | File | `/h/` | Low
|
|
22 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
|
23 | File | `/inc/topBarNav.php` | High
|
|
24 | File | `/index.php` | Medium
|
|
25 | File | `/index.php?app=main&func=passport&action=login` | High
|
|
26 | File | `/index.php?page=category_list` | High
|
|
27 | File | `/jobinfo/` | Medium
|
|
28 | File | `/kelas/data` | Medium
|
|
29 | File | `/Moosikay/order.php` | High
|
|
30 | File | `/opac/Actions.php?a=login` | High
|
|
31 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
|
32 | File | `/PreviewHandler.ashx` | High
|
|
33 | File | `/public/launchNewWindow.jsp` | High
|
|
34 | File | `/recipe-result` | High
|
|
35 | File | `/reservation/add_message.php` | High
|
|
36 | File | `/rom-0` | Low
|
|
37 | File | `/Service/ImageStationDataService.asmx` | High
|
|
38 | File | `/ServletAPI/accounts/login` | High
|
|
39 | File | `/student/bookdetails.php` | High
|
|
40 | File | `/uploads/exam_question/` | High
|
|
41 | File | `/user/profile` | High
|
|
42 | File | `/user/ticket/create` | High
|
|
43 | File | `/user/updatePwd` | High
|
|
44 | File | `/var/lib/docker/<remapping>` | High
|
|
45 | File | `/wp-admin/admin-ajax.php` | High
|
|
46 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
|
47 | File | `a-forms.php` | Medium
|
|
48 | File | `acloudCosAction.php.SQL` | High
|
|
49 | File | `activenews_view.asp` | High
|
|
50 | File | `ActiveServices.java` | High
|
|
51 | ... | ... | ...
|
|
|
|
There are 444 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
|
|
|
## References
|
|
|
|
The following list contains _external sources_ which discuss the actor and the associated activities:
|
|
|
|
* https://bazaar.abuse.ch/sample/9fb9483c4b5f51906736ddffe7c4faebe924cc7d1a6160043ade31f1bd1f174b/
|
|
* https://github.com/executemalware/Malware-IOCs/blob/main/2021-10-21%20Sliver%20IOCs
|
|
* https://search.censys.io/hosts/1.13.17.105
|
|
* https://search.censys.io/hosts/3.18.103.195
|
|
* https://search.censys.io/hosts/3.85.22.130
|
|
* https://search.censys.io/hosts/3.101.117.8
|
|
* https://search.censys.io/hosts/3.104.54.39
|
|
* https://search.censys.io/hosts/3.134.102.71
|
|
* https://search.censys.io/hosts/3.235.153.136
|
|
* https://search.censys.io/hosts/3.237.92.13
|
|
* https://search.censys.io/hosts/3.238.195.247
|
|
* https://search.censys.io/hosts/4.240.86.147
|
|
* https://search.censys.io/hosts/5.75.238.234
|
|
* https://search.censys.io/hosts/5.199.173.134
|
|
* https://search.censys.io/hosts/5.252.176.26
|
|
* https://search.censys.io/hosts/5.255.114.206
|
|
* https://search.censys.io/hosts/5.255.120.28
|
|
* https://search.censys.io/hosts/8.212.148.49
|
|
* https://search.censys.io/hosts/8.217.54.75
|
|
* https://search.censys.io/hosts/8.218.200.114
|
|
* https://search.censys.io/hosts/13.115.21.133
|
|
* https://search.censys.io/hosts/14.1.29.189
|
|
* https://search.censys.io/hosts/20.61.4.19
|
|
* https://search.censys.io/hosts/20.118.135.66
|
|
* https://search.censys.io/hosts/20.248.225.130
|
|
* https://search.censys.io/hosts/23.82.141.146
|
|
* https://search.censys.io/hosts/23.95.44.80
|
|
* https://search.censys.io/hosts/23.224.135.138
|
|
* https://search.censys.io/hosts/23.224.135.139
|
|
* https://search.censys.io/hosts/23.224.135.140
|
|
* https://search.censys.io/hosts/23.224.135.141
|
|
* https://search.censys.io/hosts/23.224.135.142
|
|
* https://search.censys.io/hosts/23.239.30.17
|
|
* https://search.censys.io/hosts/31.41.44.19
|
|
* https://search.censys.io/hosts/34.162.188.150
|
|
* https://search.censys.io/hosts/34.201.98.138
|
|
* https://search.censys.io/hosts/34.221.238.130
|
|
* https://search.censys.io/hosts/35.72.242.198
|
|
* https://search.censys.io/hosts/35.180.5.225
|
|
* https://search.censys.io/hosts/37.10.71.215
|
|
* https://search.censys.io/hosts/37.27.17.204
|
|
* https://search.censys.io/hosts/37.28.157.7
|
|
* https://search.censys.io/hosts/37.120.238.184
|
|
* https://search.censys.io/hosts/38.55.97.95
|
|
* https://search.censys.io/hosts/43.133.22.89
|
|
* https://search.censys.io/hosts/43.137.3.222
|
|
* https://search.censys.io/hosts/43.138.196.138
|
|
* https://search.censys.io/hosts/43.153.101.130
|
|
* https://search.censys.io/hosts/43.207.147.229
|
|
* https://search.censys.io/hosts/43.248.136.99
|
|
* https://search.censys.io/hosts/44.211.101.170
|
|
* https://search.censys.io/hosts/45.8.146.160
|
|
* https://search.censys.io/hosts/45.9.148.64
|
|
* https://search.censys.io/hosts/45.9.148.212
|
|
* https://search.censys.io/hosts/45.9.150.109
|
|
* https://search.censys.io/hosts/45.32.233.220
|
|
* https://search.censys.io/hosts/45.56.113.227
|
|
* https://search.censys.io/hosts/45.61.136.196
|
|
* https://search.censys.io/hosts/45.61.137.200
|
|
* https://search.censys.io/hosts/45.77.120.140
|
|
* https://search.censys.io/hosts/45.77.221.80
|
|
* https://search.censys.io/hosts/45.81.39.39
|
|
* https://search.censys.io/hosts/45.87.43.114
|
|
* https://search.censys.io/hosts/45.88.66.59
|
|
* https://search.censys.io/hosts/45.89.234.23
|
|
* https://search.censys.io/hosts/45.120.52.106
|
|
* https://search.censys.io/hosts/45.120.52.149
|
|
* https://search.censys.io/hosts/45.129.14.69
|
|
* https://search.censys.io/hosts/45.134.83.252
|
|
* https://search.censys.io/hosts/45.142.166.93
|
|
* https://search.censys.io/hosts/45.152.114.93
|
|
* https://search.censys.io/hosts/45.154.14.194
|
|
* https://search.censys.io/hosts/45.227.255.185
|
|
* https://search.censys.io/hosts/45.227.255.217
|
|
* https://search.censys.io/hosts/45.227.255.223
|
|
* https://search.censys.io/hosts/45.227.255.225
|
|
* https://search.censys.io/hosts/46.21.153.155
|
|
* https://search.censys.io/hosts/46.21.159.189
|
|
* https://search.censys.io/hosts/46.29.160.10
|
|
* https://search.censys.io/hosts/46.101.179.149
|
|
* https://search.censys.io/hosts/46.148.26.88
|
|
* https://search.censys.io/hosts/47.94.169.63
|
|
* https://search.censys.io/hosts/49.232.0.5
|
|
* https://search.censys.io/hosts/49.232.136.115
|
|
* https://search.censys.io/hosts/51.15.252.225
|
|
* https://search.censys.io/hosts/51.81.201.194
|
|
* https://search.censys.io/hosts/51.178.81.117
|
|
* https://search.censys.io/hosts/52.40.129.127
|
|
* https://search.censys.io/hosts/52.53.230.115
|
|
* https://search.censys.io/hosts/52.70.185.38
|
|
* https://search.censys.io/hosts/54.152.37.54
|
|
* https://search.censys.io/hosts/54.165.231.50
|
|
* https://search.censys.io/hosts/54.197.29.26
|
|
* https://search.censys.io/hosts/54.255.40.113
|
|
* https://search.censys.io/hosts/60.204.185.123
|
|
* https://search.censys.io/hosts/62.210.124.105
|
|
* https://search.censys.io/hosts/64.44.102.190
|
|
* https://search.censys.io/hosts/64.227.108.134
|
|
* https://search.censys.io/hosts/65.21.180.80
|
|
* https://search.censys.io/hosts/65.108.250.5
|
|
* https://search.censys.io/hosts/66.42.87.133
|
|
* https://search.censys.io/hosts/67.205.151.119
|
|
* https://search.censys.io/hosts/67.205.175.21
|
|
* https://search.censys.io/hosts/68.183.207.200
|
|
* https://search.censys.io/hosts/77.91.73.143
|
|
* https://search.censys.io/hosts/80.78.22.106
|
|
* https://search.censys.io/hosts/81.19.141.14
|
|
* https://search.censys.io/hosts/82.156.227.47
|
|
* https://search.censys.io/hosts/82.157.142.84
|
|
* https://search.censys.io/hosts/85.204.116.80
|
|
* https://search.censys.io/hosts/85.208.136.119
|
|
* https://search.censys.io/hosts/85.217.144.22
|
|
* https://search.censys.io/hosts/88.119.174.210
|
|
* https://search.censys.io/hosts/89.116.234.48
|
|
* https://search.censys.io/hosts/89.147.111.80
|
|
* https://search.censys.io/hosts/91.240.202.179
|
|
* https://search.censys.io/hosts/92.118.39.25
|
|
* https://search.censys.io/hosts/92.204.160.119
|
|
* https://search.censys.io/hosts/92.205.29.124
|
|
* https://search.censys.io/hosts/92.223.65.169
|
|
* https://search.censys.io/hosts/93.95.229.168
|
|
* https://search.censys.io/hosts/95.164.46.194
|
|
* https://search.censys.io/hosts/95.170.68.91
|
|
* https://search.censys.io/hosts/95.214.27.241
|
|
* https://search.censys.io/hosts/95.216.192.109
|
|
* https://search.censys.io/hosts/97.107.134.18
|
|
* https://search.censys.io/hosts/101.35.172.163
|
|
* https://search.censys.io/hosts/101.35.234.201
|
|
* https://search.censys.io/hosts/101.35.253.83
|
|
* https://search.censys.io/hosts/101.36.121.133
|
|
* https://search.censys.io/hosts/101.37.91.112
|
|
* https://search.censys.io/hosts/101.43.156.89
|
|
* https://search.censys.io/hosts/103.56.19.196
|
|
* https://search.censys.io/hosts/103.87.10.156
|
|
* https://search.censys.io/hosts/103.103.128.167
|
|
* https://search.censys.io/hosts/103.124.104.77
|
|
* https://search.censys.io/hosts/103.124.104.80
|
|
* https://search.censys.io/hosts/104.224.176.67
|
|
* https://search.censys.io/hosts/107.174.78.227
|
|
* https://search.censys.io/hosts/107.189.1.156
|
|
* https://search.censys.io/hosts/110.173.59.146
|
|
* https://search.censys.io/hosts/110.173.59.147
|
|
* https://search.censys.io/hosts/111.68.7.122
|
|
* https://search.censys.io/hosts/111.68.7.123
|
|
* https://search.censys.io/hosts/114.118.5.135
|
|
* https://search.censys.io/hosts/114.118.5.138
|
|
* https://search.censys.io/hosts/114.132.197.186
|
|
* https://search.censys.io/hosts/116.62.139.1
|
|
* https://search.censys.io/hosts/116.203.179.171
|
|
* https://search.censys.io/hosts/117.50.177.140
|
|
* https://search.censys.io/hosts/118.25.22.185
|
|
* https://search.censys.io/hosts/118.25.158.13
|
|
* https://search.censys.io/hosts/118.193.37.157
|
|
* https://search.censys.io/hosts/118.195.164.144
|
|
* https://search.censys.io/hosts/119.45.121.239
|
|
* https://search.censys.io/hosts/119.45.206.25
|
|
* https://search.censys.io/hosts/119.91.77.189
|
|
* https://search.censys.io/hosts/120.24.42.20
|
|
* https://search.censys.io/hosts/121.199.2.153
|
|
* https://search.censys.io/hosts/123.57.39.29
|
|
* https://search.censys.io/hosts/123.249.88.252
|
|
* https://search.censys.io/hosts/124.71.84.65
|
|
* https://search.censys.io/hosts/124.222.166.93
|
|
* https://search.censys.io/hosts/128.199.38.50
|
|
* https://search.censys.io/hosts/129.211.212.112
|
|
* https://search.censys.io/hosts/134.122.24.31
|
|
* https://search.censys.io/hosts/134.122.121.18
|
|
* https://search.censys.io/hosts/134.209.26.96
|
|
* https://search.censys.io/hosts/134.209.65.138
|
|
* https://search.censys.io/hosts/134.209.122.158
|
|
* https://search.censys.io/hosts/134.255.218.232
|
|
* https://search.censys.io/hosts/136.244.95.237
|
|
* https://search.censys.io/hosts/137.175.12.37
|
|
* https://search.censys.io/hosts/137.175.12.38
|
|
* https://search.censys.io/hosts/138.68.99.116
|
|
* https://search.censys.io/hosts/138.68.107.45
|
|
* https://search.censys.io/hosts/138.68.123.125
|
|
* https://search.censys.io/hosts/138.68.149.85
|
|
* https://search.censys.io/hosts/139.99.3.237
|
|
* https://search.censys.io/hosts/139.144.27.201
|
|
* https://search.censys.io/hosts/139.177.196.67
|
|
* https://search.censys.io/hosts/139.177.203.214
|
|
* https://search.censys.io/hosts/139.224.50.7
|
|
* https://search.censys.io/hosts/139.224.254.195
|
|
* https://search.censys.io/hosts/140.82.6.222
|
|
* https://search.censys.io/hosts/140.238.226.66
|
|
* https://search.censys.io/hosts/141.164.45.81
|
|
* https://search.censys.io/hosts/141.164.50.44
|
|
* https://search.censys.io/hosts/141.193.159.146
|
|
* https://search.censys.io/hosts/142.93.136.194
|
|
* https://search.censys.io/hosts/143.110.155.198
|
|
* https://search.censys.io/hosts/143.110.237.32
|
|
* https://search.censys.io/hosts/143.110.240.214
|
|
* https://search.censys.io/hosts/143.110.252.93
|
|
* https://search.censys.io/hosts/143.198.40.42
|
|
* https://search.censys.io/hosts/143.244.185.237
|
|
* https://search.censys.io/hosts/144.22.135.107
|
|
* https://search.censys.io/hosts/144.22.230.36
|
|
* https://search.censys.io/hosts/144.34.160.57
|
|
* https://search.censys.io/hosts/144.34.180.27
|
|
* https://search.censys.io/hosts/144.126.211.191
|
|
* https://search.censys.io/hosts/147.182.137.225
|
|
* https://search.censys.io/hosts/149.28.90.162
|
|
* https://search.censys.io/hosts/149.28.157.116
|
|
* https://search.censys.io/hosts/149.56.132.95
|
|
* https://search.censys.io/hosts/149.127.231.12
|
|
* https://search.censys.io/hosts/149.248.8.148
|
|
* https://search.censys.io/hosts/150.158.27.149
|
|
* https://search.censys.io/hosts/150.158.184.129
|
|
* https://search.censys.io/hosts/151.115.60.162
|
|
* https://search.censys.io/hosts/154.3.8.48
|
|
* https://search.censys.io/hosts/157.230.6.223
|
|
* https://search.censys.io/hosts/157.245.96.88
|
|
* https://search.censys.io/hosts/158.51.123.137
|
|
* https://search.censys.io/hosts/158.247.217.247
|
|
* https://search.censys.io/hosts/159.65.62.90
|
|
* https://search.censys.io/hosts/159.75.154.130
|
|
* https://search.censys.io/hosts/159.223.168.25
|
|
* https://search.censys.io/hosts/159.223.189.221
|
|
* https://search.censys.io/hosts/161.35.214.132
|
|
* https://search.censys.io/hosts/162.33.177.72
|
|
* https://search.censys.io/hosts/162.33.177.203
|
|
* https://search.censys.io/hosts/164.92.161.89
|
|
* https://search.censys.io/hosts/164.92.255.219
|
|
* https://search.censys.io/hosts/165.22.178.225
|
|
* https://search.censys.io/hosts/165.227.204.151
|
|
* https://search.censys.io/hosts/165.227.230.18
|
|
* https://search.censys.io/hosts/165.227.231.125
|
|
* https://search.censys.io/hosts/167.71.108.217
|
|
* https://search.censys.io/hosts/167.71.194.21
|
|
* https://search.censys.io/hosts/167.172.228.48
|
|
* https://search.censys.io/hosts/167.179.108.215
|
|
* https://search.censys.io/hosts/170.178.195.189
|
|
* https://search.censys.io/hosts/170.187.152.186
|
|
* https://search.censys.io/hosts/172.86.75.56
|
|
* https://search.censys.io/hosts/172.104.238.198
|
|
* https://search.censys.io/hosts/172.105.125.49
|
|
* https://search.censys.io/hosts/172.245.92.226
|
|
* https://search.censys.io/hosts/173.82.58.62
|
|
* https://search.censys.io/hosts/173.82.135.18
|
|
* https://search.censys.io/hosts/173.82.192.38
|
|
* https://search.censys.io/hosts/174.138.7.112
|
|
* https://search.censys.io/hosts/175.41.187.111
|
|
* https://search.censys.io/hosts/175.178.107.105
|
|
* https://search.censys.io/hosts/178.62.47.29
|
|
* https://search.censys.io/hosts/184.73.118.20
|
|
* https://search.censys.io/hosts/185.25.51.144
|
|
* https://search.censys.io/hosts/185.34.52.140
|
|
* https://search.censys.io/hosts/185.39.204.47
|
|
* https://search.censys.io/hosts/185.77.96.155
|
|
* https://search.censys.io/hosts/185.99.133.148
|
|
* https://search.censys.io/hosts/185.141.61.185
|
|
* https://search.censys.io/hosts/185.150.119.7
|
|
* https://search.censys.io/hosts/185.186.245.34
|
|
* https://search.censys.io/hosts/188.127.227.216
|
|
* https://search.censys.io/hosts/188.166.27.178
|
|
* https://search.censys.io/hosts/188.166.81.141
|
|
* https://search.censys.io/hosts/188.166.165.134
|
|
* https://search.censys.io/hosts/190.92.243.156
|
|
* https://search.censys.io/hosts/191.101.78.79
|
|
* https://search.censys.io/hosts/192.9.132.63
|
|
* https://search.censys.io/hosts/192.169.6.122
|
|
* https://search.censys.io/hosts/192.227.194.106
|
|
* https://search.censys.io/hosts/192.241.154.94
|
|
* https://search.censys.io/hosts/193.29.13.203
|
|
* https://search.censys.io/hosts/193.149.185.51
|
|
* https://search.censys.io/hosts/193.178.147.164
|
|
* https://search.censys.io/hosts/194.26.135.89
|
|
* https://search.censys.io/hosts/194.26.135.116
|
|
* https://search.censys.io/hosts/194.67.67.118
|
|
* https://search.censys.io/hosts/194.87.46.13
|
|
* https://search.censys.io/hosts/194.87.68.68
|
|
* https://search.censys.io/hosts/194.87.68.191
|
|
* https://search.censys.io/hosts/194.87.218.16
|
|
* https://search.censys.io/hosts/194.135.17.3
|
|
* https://search.censys.io/hosts/195.80.148.103
|
|
* https://search.censys.io/hosts/195.123.240.41
|
|
* https://search.censys.io/hosts/195.245.239.108
|
|
* https://search.censys.io/hosts/198.98.52.184
|
|
* https://search.censys.io/hosts/198.211.15.57
|
|
* https://search.censys.io/hosts/198.211.109.235
|
|
* https://search.censys.io/hosts/206.81.5.204
|
|
* https://search.censys.io/hosts/206.189.143.81
|
|
* https://search.censys.io/hosts/208.64.230.6
|
|
* https://search.censys.io/hosts/208.117.83.103
|
|
* https://search.censys.io/hosts/208.123.119.232
|
|
* https://search.censys.io/hosts/216.127.175.18
|
|
* https://search.censys.io/hosts/216.127.186.202
|
|
* https://search.censys.io/hosts/217.6.46.91
|
|
* https://search.censys.io/hosts/222.208.209.13
|
|
* https://search.censys.io/hosts/222.208.209.46
|
|
* https://search.censys.io/hosts/222.208.209.148
|
|
* https://search.censys.io/hosts/222.208.210.47
|
|
* https://threatfox.abuse.ch
|
|
* https://twitter.com/embee_research/status/1660922163002757120
|
|
* https://twitter.com/MichalKoczwara/status/1603709696405225472
|
|
* https://twitter.com/MichalKoczwara/status/1639587828899147777
|
|
* https://twitter.com/r3dhttps://twitter.com/r3dbU7z/status/1627205584108896256bU7z/status/1627205584108896256
|
|
* https://twitter.com/sicehice/status/1647641806190911494
|
|
* https://www.virustotal.com/gui/file/6385c94a74aa8a6abafc6b398f43ba4039926a242e0f62d9c2e433a496fabc5d
|
|
|
|
## Literature
|
|
|
|
The following _articles_ explain our unique predictive cyber threat intelligence:
|
|
|
|
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
|
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
|
|
|
## License
|
|
|
|
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|