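<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>AlienVault OTX indicator report</title>
  <!--
    Static report of AlienVault OTX data for two IP addresses. Each address
    gets geolocation, passive DNS, associated files, associated URLs and,
    where present, observed activity and submitted pulses.

    Reading notes:
    * "(N found)" is the total reported for a section; the tables below list
      only a subset (never more than ten rows in this report).
    * Every observation on this page is dated 2019 or earlier. Check that an
      indicator is still current before using it for blocking or detection.
    * Entries under "Associated URLs" are rendered as plain text, not links.
      They are observed indicators, and a click would make the reader's
      browser contact the listed host directly.
    * The stylesheet and both scripts come from third-party CDNs without
      Subresource Integrity. Nothing in the report markup appears to use
      jQuery or the Bootstrap script; either drop them or pin each resource
      with integrity and crossorigin attributes using the hashes published
      for these exact versions.
  -->
  <style>
    td { white-space: nowrap; }
    .h3 { display: inline; }
    .pulse { border-top: 1px #dddddd solid; }
    .detection { color: red; }
  </style>
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css">
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js"></script>
</head>
<body>
  <!--
    Indicator 1. The pulses listed for this address tag it as a Tor node and
    as a source seen by VNC honeypots. Traffic from a relay is produced by
    many unrelated users, so treat the file and URL associations as context
    rather than attribution.
  -->
  <h3>IP Address: 192.160.102.164</h3>

  <h4>Geolocation</h4>
  <table class="table table-sm">
    <tr>
      <th scope="row">Location</th>
      <td>Winnipeg, Canada <img src="https://otx.alienvault.com/assets/images/flags/ca.png" alt=""></td>
    </tr>
    <tr>
      <th scope="row">ASN/Owner</th>
      <td>AS395089 Hextet Systems</td>
    </tr>
  </table>

  <h4>Passive DNS</h4>
  <h5>(5 found)</h5>
  <table class="table table-sm">
    <thead>
      <tr>
        <th scope="col">Date resolved</th>
        <th scope="col">Domain</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>2017-03-09T23:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/hostname/nounours.synology.me">[A] nounours.synology.me</a></td>
      </tr>
      <tr>
        <td>2017-01-08T23:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/hostname/idm2017.hopto.org">[A] idm2017.hopto.org</a></td>
      </tr>
      <tr>
        <td>2016-12-08T23:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/hostname/antvirus.ddns.com.br">[A] antvirus.ddns.com.br</a></td>
      </tr>
      <tr>
        <td>2016-07-15T22:55:30+00:00 - 2017-10-31T04:30:22+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/hostname/snowfall.relay.coldhak.com">[A] snowfall.relay.coldhak.com</a></td>
      </tr>
    </tbody>
  </table>

  <h4>Observed Malicious Activity</h4>
  <h5>(1 found)</h5>
  <table class="table table-sm">
    <thead>
      <tr>
        <th scope="col">Scanned</th>
        <th scope="col">Activity</th>
        <th scope="col">Finding</th>
        <th scope="col">Source</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>2017-04-30T07:55:45 - 2017-04-30T22:07:00</td>
        <td>Scanning Host</td>
        <td>192.160.102.164 scan-ssh</td>
        <td>openbl_ssh</td>
      </tr>
    </tbody>
  </table>

  <h4>Associated Files</h4>
  <h5>(43 found)</h5>
  <!-- An empty Detections cell means the report lists no detection for that hash. -->
  <table class="table table-sm">
    <thead>
      <tr>
        <th scope="col">Scanned</th>
        <th scope="col">File Hash (SHA256)</th>
        <th scope="col">Detections</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>2019-07-27 08:47:27</td>
        <td><a href="https://otx.alienvault.com/indicator/file/ae2b26e258871dbfad142eac299952eafc99634f8d0630ed7fab53f19c358985">ae2b26e258871dbfad142eac299952eafc99634f8d0630ed7fab53f19c358985</a></td>
        <td><span class="detection">[avast] Win32:Malware-gen</span></td>
      </tr>
      <tr>
        <td>2019-07-27 08:45:23</td>
        <td><a href="https://otx.alienvault.com/indicator/file/cfb942f7fbb88dbc3d17927cdabec9faf105e51be0c0bb2c39772d1b1c795ee8">cfb942f7fbb88dbc3d17927cdabec9faf105e51be0c0bb2c39772d1b1c795ee8</a></td>
        <td><span class="detection">[avast] Win32:Malware-gen</span>, <span class="detection">[clamav] Win.Malware.Clipbanker-6952638-0</span></td>
      </tr>
      <tr>
        <td>2019-07-24 04:15:29</td>
        <td><a href="https://otx.alienvault.com/indicator/file/bc4ffb3cb5648afe4815168fdd8a2a12e7589ff3dff072f125c026596d6d0c45">bc4ffb3cb5648afe4815168fdd8a2a12e7589ff3dff072f125c026596d6d0c45</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-07-23 21:41:43</td>
        <td><a href="https://otx.alienvault.com/indicator/file/913f70fcb9f22549303622416efef682077d41ab42c31ef90c295b6e8569c445">913f70fcb9f22549303622416efef682077d41ab42c31ef90c295b6e8569c445</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-06-03 17:31:25</td>
        <td><a href="https://otx.alienvault.com/indicator/file/bbb739e2fda44a3064dffa77a88b9aad338e892d1dd4db2873822690c828b8a5">bbb739e2fda44a3064dffa77a88b9aad338e892d1dd4db2873822690c828b8a5</a></td>
        <td><span class="detection">[avast] Win32:Malware-gen</span></td>
      </tr>
      <tr>
        <td>2019-03-20 08:22:52</td>
        <td><a href="https://otx.alienvault.com/indicator/file/6a0a62ec562c64f49cf1bd608cb7036cf3f2be035f2ffe7cfc6ffb276c86aa2c">6a0a62ec562c64f49cf1bd608cb7036cf3f2be035f2ffe7cfc6ffb276c86aa2c</a></td>
        <td><span class="detection">[avast] Win32:IRCBot-EXE\ [Trj]</span>, <span class="detection">[clamav] Win.Trojan.Delf-6717398-0</span>, <span class="detection">[msdefender] Backdoor:Win32/Delf.DU</span></td>
      </tr>
      <tr>
        <td>2019-03-20 08:20:50</td>
        <td><a href="https://otx.alienvault.com/indicator/file/5ce3fad13255782100385824debe3c4493a4ca1e9fba4c8edeb25104380dcef0">5ce3fad13255782100385824debe3c4493a4ca1e9fba4c8edeb25104380dcef0</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-03-20 08:11:11</td>
        <td><a href="https://otx.alienvault.com/indicator/file/fa22fc5c4f8ce6d308b7f818926107fb4626b137277fa1c2c59705a1d27669a1">fa22fc5c4f8ce6d308b7f818926107fb4626b137277fa1c2c59705a1d27669a1</a></td>
        <td><span class="detection">[avast] Win32:Farfli-AV\ [Trj]</span>, <span class="detection">[clamav] Win.Trojan.Farfli-6781337-0</span>, <span class="detection">[msdefender] Backdoor:Win32/Zegost.AD</span></td>
      </tr>
      <tr>
        <td>2019-03-20 08:07:36</td>
        <td><a href="https://otx.alienvault.com/indicator/file/a03c3f506a05b8b3c616c2bfed69b6366ecb4ce77e250cd5d0fc0b6ca715885d">a03c3f506a05b8b3c616c2bfed69b6366ecb4ce77e250cd5d0fc0b6ca715885d</a></td>
        <td><span class="detection">[avast] Win32:Malware-gen</span></td>
      </tr>
      <tr>
        <td>2019-01-22 14:10:57</td>
        <td><a href="https://otx.alienvault.com/indicator/file/96cae18645d5600b0fe9dca33e79e9dba6eaa4c07d47b74df0e7a18857d918ea">96cae18645d5600b0fe9dca33e79e9dba6eaa4c07d47b74df0e7a18857d918ea</a></td>
        <td><span class="detection">[avast] Win32:Malware-gen</span></td>
      </tr>
    </tbody>
  </table>

  <h4>Associated URLs</h4>
  <h5>(11 found)</h5>
  <!-- Observed URLs are kept as text so that opening the report cannot lead to a visit by mis-click. -->
  <table class="table table-sm">
    <thead>
      <tr>
        <th scope="col">Scanned</th>
        <th scope="col">URL</th>
        <th scope="col">HTTP Response</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>2019-11-30T03:15:20</td>
        <td>http://192.160.102.164/tor/server/fp/6ff440dfb1d0697b942357d747900cc308dd57cc</td>
        <td>200</td>
      </tr>
      <tr>
        <td>2019-07-07T20:50:04</td>
        <td>http://192.160.102.164/tor/server/fp/</td>
        <td>404</td>
      </tr>
      <tr>
        <td>2019-07-07T19:55:20</td>
        <td>http://192.160.102.164/tor/server/fp/906dcb390f2ba987ae258d745e60baaabad31de8</td>
        <td>200</td>
      </tr>
      <tr>
        <td>2019-02-14T14:22:53</td>
        <td>http://192.160.102.164:9001/</td>
        <td>Connection Error</td>
      </tr>
      <tr>
        <td>2018-08-11T01:04:20</td>
        <td>http://192.160.102.164/tor/server/fp/59b7c535aef26c3a902aaf6eb6a4bd4b4f2ce4a6</td>
        <td>Connection Error</td>
      </tr>
      <tr>
        <td>2018-06-22T10:19:38</td>
        <td>http://192.160.102.164/tor/server/fp/970ce6b17927f083abf157e9bfa305fd39e062e5</td>
        <td>200</td>
      </tr>
      <tr>
        <td>2018-04-19T06:27:55</td>
        <td>http://pertalkcudex.kvrddns.com/</td>
        <td>200</td>
      </tr>
      <tr>
        <td>2017-08-15T00:06:18</td>
        <td>http://192.160.102.164</td>
        <td>200</td>
      </tr>
      <tr>
        <td>2017-06-29T06:46:39</td>
        <td>http://snowfall.relay.coldhak.com</td>
        <td>200</td>
      </tr>
      <tr>
        <td>2017-03-27T23:52:08</td>
        <td>http://192.160.102.164/</td>
        <td>200</td>
      </tr>
    </tbody>
  </table>

  <h4>Submitted Pulses</h4>
  <h5>(40 found)</h5>
  <div class="pulse">
    <h4><a href="https://otx.alienvault.com/pulse/5cbe5ab2d0f87c413b175a71">TOR Nodes</a></h4>
    <h5>[Created] 2019-12-01T07:06:44.791000</h5>
    <p>Outbound connections suggest your users are using TOR. Inbound connections suggest TOR users are connecting to your services.
This pulse is auto-updated daily through API.
Please note that some of these addresses also host other (non-TOR related) services.</p>
    <p>Tags: TOR, VPN</p>
  </div>
  <div class="pulse">
    <h4><a href="https://otx.alienvault.com/pulse/5d5e49099164f0c27a0aaa9d">N6 Torlist 2019-08-22</a></h4>
    <h5>[Modified] 2019-08-22T07:49:29.076000</h5>
    <p></p>
    <p>Tags: tor</p>
  </div>
  <div class="pulse">
    <h4><a href="https://otx.alienvault.com/pulse/5d47dcba80b662ea8131282e">N6 Torlist 2019-08-05</a></h4>
    <h5>[Modified] 2019-08-05T07:37:30.851000</h5>
    <p></p>
    <p>Tags: tor</p>
  </div>
  <div class="pulse">
    <h4><a href="https://otx.alienvault.com/pulse/5d410cc304ca76e46ef6e71f">VNC honeypot logs for 2019/07/30</a></h4>
    <h5>[Modified] 2019-07-31T03:36:35.409000</h5>
    <p>VNC honeypot authentication attempts from a US /32</p>
    <p>Tags: vnc, honeypot</p>
  </div>
  <div class="pulse">
    <h4><a href="https://otx.alienvault.com/pulse/5d19a643fa27ed41cc9ad62d">dan.me.uk tor nodes 1.07.2019</a></h4>
    <h5>[Created] 2019-07-01T06:22:06.248000</h5>
    <p></p>
    <p>Tags: tor</p>
  </div>
  <div class="pulse">
    <h4><a href="https://otx.alienvault.com/pulse/5d16dc35ece1a4c2d93ece07">VNC honeypot logs for 2019/06/28</a></h4>
    <h5>[Modified] 2019-06-29T03:34:13.166000</h5>
    <p>VNC honeypot authentication attempts from a US /32</p>
    <p>Tags: vnc, honeypot</p>
  </div>
  <div class="pulse">
    <h4><a href="https://otx.alienvault.com/pulse/5d158a9e1e0e448cdcc20fef">VNC honeypot logs for 2019/06/27</a></h4>
    <h5>[Modified] 2019-06-28T03:33:50.644000</h5>
    <p>VNC honeypot authentication attempts from a US /32</p>
    <p>Tags: vnc, honeypot</p>
  </div>
  <div class="pulse">
    <h4><a href="https://otx.alienvault.com/pulse/5d1439263587b4e193e0bd39">VNC honeypot logs for 2019/06/26</a></h4>
    <h5>[Modified] 2019-06-27T03:33:58.410000</h5>
    <p>VNC honeypot authentication attempts from a US /32</p>
    <p>Tags: vnc, honeypot</p>
  </div>
  <div class="pulse">
    <h4><a href="https://otx.alienvault.com/pulse/5d12e7371f60f58c995151de">VNC honeypot logs for 2019/06/25</a></h4>
    <h5>[Modified] 2019-06-26T03:32:07.606000</h5>
    <p>VNC honeypot authentication attempts from a US /32</p>
    <p>Tags: vnc, honeypot</p>
  </div>
  <div class="pulse">
    <h4><a href="https://otx.alienvault.com/pulse/5d1195fdaa197d79058654a9">VNC honeypot logs for 2019/06/24</a></h4>
    <h5>[Modified] 2019-06-25T03:33:17.345000</h5>
    <p>VNC honeypot authentication attempts from a US /32</p>
    <p>Tags: vnc, honeypot</p>
  </div>

  <!--
    Indicator 2. The owner is listed as AS15169 Google LLC and passive DNS
    reports 500 names for this address, which points to shared front-end
    infrastructure. File and URL associations on such an address are weak
    evidence on their own; blocking the IP would likely affect unrelated
    services. Work from the embedded destination hosts and file hashes.
  -->
  <h3>IP Address: 216.58.213.131</h3>

  <h4>Geolocation</h4>
  <table class="table table-sm">
    <tr>
      <th scope="row">Location</th>
      <td>Mountain View, United States <img src="https://otx.alienvault.com/assets/images/flags/us.png" alt=""></td>
    </tr>
    <tr>
      <th scope="row">ASN/Owner</th>
      <td>AS15169 Google LLC</td>
    </tr>
  </table>

  <h4>Passive DNS</h4>
  <h5>(500 found)</h5>
  <table class="table table-sm">
    <thead>
      <tr>
        <th scope="col">Date resolved</th>
        <th scope="col">Domain</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>2018-12-11T23:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/hostname/maps.google.com.sa">[A] maps.google.com.sa</a></td>
      </tr>
      <tr>
        <td>2018-11-04T23:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/domain/265.com">[A] 265.com</a></td>
      </tr>
      <tr>
        <td>2018-10-02T22:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/domain/google.mg">[A] google.mg</a></td>
      </tr>
      <tr>
        <td>2018-09-09T22:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/domain/google.pk">[A] google.pk</a></td>
      </tr>
      <tr>
        <td>2018-08-28T22:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/hostname/p2-dbapvhtkbybj2-cqpldx4qpb4vt2xl-597930-s1-v6exp3-v4.metric.gstatic.com">[A] p2-dbapvhtkbybj2-cqpldx4qpb4vt2xl-597930-s1-v6exp3-v4.metric.gstatic.com</a></td>
      </tr>
      <tr>
        <td>2018-08-27T22:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/hostname/p2-bipv5zihcqace-dazdbhzhefndwmuc-if-v6exp3-v4.metric.gstatic.com">[A] p2-bipv5zihcqace-dazdbhzhefndwmuc-if-v6exp3-v4.metric.gstatic.com</a></td>
      </tr>
      <tr>
        <td>2018-08-26T22:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/domain/bcsaon.com">[A] bcsaon.com</a></td>
      </tr>
      <tr>
        <td>2018-08-23T22:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/hostname/p2-acek5k7lf4awm-drchjtwudrp6yoqc-if-v6exp3-v4.metric.gstatic.com">[A] p2-acek5k7lf4awm-drchjtwudrp6yoqc-if-v6exp3-v4.metric.gstatic.com</a></td>
      </tr>
      <tr>
        <td>2018-08-21T22:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/hostname/56d48d38-pokavvoqzrptz4lm-c2r-ds.metric.gstatic.com">[A] 56d48d38-pokavvoqzrptz4lm-c2r-ds.metric.gstatic.com</a></td>
      </tr>
      <tr>
        <td>2018-08-20T22:00:00+00:00</td>
        <td><a href="https://otx.alienvault.com/indicator/hostname/p2-cfwbzy6lc3tvy-r2ajlpfxifndix6m-if-v6exp3-v4.metric.gstatic.com">[A] p2-cfwbzy6lc3tvy-r2ajlpfxifndix6m-if-v6exp3-v4.metric.gstatic.com</a></td>
      </tr>
    </tbody>
  </table>

  <h4>Associated Files</h4>
  <h5>(1292 found)</h5>
  <table class="table table-sm">
    <thead>
      <tr>
        <th scope="col">Scanned</th>
        <th scope="col">File Hash (SHA256)</th>
        <th scope="col">Detections</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>2019-11-25 20:49:23</td>
        <td><a href="https://otx.alienvault.com/indicator/file/7688ef0391129e3d4c66a6d09d33b36a204051cd10b1109278af0270f991cae8">7688ef0391129e3d4c66a6d09d33b36a204051cd10b1109278af0270f991cae8</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-11-25 11:46:58</td>
        <td><a href="https://otx.alienvault.com/indicator/file/85d39fab6f26e08c49cf34f4d3d99ca0ed0b4f51709fa2caaa75e1758db7ae63">85d39fab6f26e08c49cf34f4d3d99ca0ed0b4f51709fa2caaa75e1758db7ae63</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-11-25 11:42:15</td>
        <td><a href="https://otx.alienvault.com/indicator/file/41f8e9599a1c77907977016f174a0ef357220e43fe096cbe161d2a7cdbfa07d1">41f8e9599a1c77907977016f174a0ef357220e43fe096cbe161d2a7cdbfa07d1</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-11-24 23:22:34</td>
        <td><a href="https://otx.alienvault.com/indicator/file/304b95af8385506e825f0faaa335c811fbb56d993aa1c75259103151f1b067b0">304b95af8385506e825f0faaa335c811fbb56d993aa1c75259103151f1b067b0</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-11-15 19:37:51</td>
        <td><a href="https://otx.alienvault.com/indicator/file/d509e74aefa61f8e3b38fa524047227ab235a9c8fb7540abccac6b37a654119b">d509e74aefa61f8e3b38fa524047227ab235a9c8fb7540abccac6b37a654119b</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-11-15 19:05:54</td>
        <td><a href="https://otx.alienvault.com/indicator/file/e1009d377773091934970e786ce1d18bdc15714408eaf353002d86c5159b8f87">e1009d377773091934970e786ce1d18bdc15714408eaf353002d86c5159b8f87</a></td>
        <td><span class="detection">[avast] Win32:Downloader-WIE\ [Trj]</span>, <span class="detection">[clamav] Win.Malware.Upatre-6759739-0</span>, <span class="detection">[msdefender] TrojanDownloader:Win32/Upatre.AA</span></td>
      </tr>
      <tr>
        <td>2019-11-15 18:16:07</td>
        <td><a href="https://otx.alienvault.com/indicator/file/6d3e840602589f9490bb8a13b31184982347527e04f479e354f40091e83cddc6">6d3e840602589f9490bb8a13b31184982347527e04f479e354f40091e83cddc6</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-11-15 17:29:32</td>
        <td><a href="https://otx.alienvault.com/indicator/file/5f83be9451c252838cb30916a2ea5db858688557880d5cc198ecf636e7ef6374">5f83be9451c252838cb30916a2ea5db858688557880d5cc198ecf636e7ef6374</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-11-15 17:13:49</td>
        <td><a href="https://otx.alienvault.com/indicator/file/37f92b5f81cb206d70bc5d3e50e3b4e3a22234359361def019dbe6b552da4f6a">37f92b5f81cb206d70bc5d3e50e3b4e3a22234359361def019dbe6b552da4f6a</a></td>
        <td></td>
      </tr>
      <tr>
        <td>2019-11-15 16:58:17</td>
        <td><a href="https://otx.alienvault.com/indicator/file/c42382e811b3fb23bcbc660720640e6d7c1274f6ab709ec49f3d9974aea1a22b">c42382e811b3fb23bcbc660720640e6d7c1274f6ab709ec49f3d9974aea1a22b</a></td>
        <td></td>
      </tr>
    </tbody>
  </table>

  <h4>Associated URLs</h4>
  <h5>(9 found)</h5>
  <!--
    Observed URLs are kept as text, not links. Several entries carry a second
    URL in the u= query parameter; that inner host is the one to investigate.
    Ampersands in the recorded URLs are escaped so they display verbatim.
  -->
  <table class="table table-sm">
    <thead>
      <tr>
        <th scope="col">Scanned</th>
        <th scope="col">URL</th>
        <th scope="col">HTTP Response</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>2019-11-13T20:39:45</td>
        <td>http://216.58.213.131/gwt/n?u=http://xqhkgbsly.info/YTZmZDkxY/WOV7U5NalL/ujMRn65l70O/wVDPbX726/</td>
        <td>200</td>
      </tr>
      <tr>
        <td>2019-11-13T20:30:14</td>
        <td>http://216.58.213.131/gwt/n?u=http://xqhkgbsly.info/YTZmZDkxY/WOV7U5NalL/ujMRn65l70O/wVDPbX726/mg_24DsI</td>
        <td>200</td>
      </tr>
      <tr>
        <td>2019-10-09T07:49:18</td>
        <td>http://csi.gstatic.com/csi?v=3&amp;s=gapi_module&amp;action=gapi_iframes__gapi_iframes_s21&amp;it=mli.16,mei.0&amp;e=abc_l0,abc_m0,abc_pgapi_iframes__gapi_iframes_s21,abc_u0&amp;rt=</td>
        <td>204</td>
      </tr>
      <tr>
        <td>2018-09-18T07:29:26</td>
        <td>http://bcsaon.com/</td>
        <td>404</td>
      </tr>
      <tr>
        <td>2018-08-13T22:40:03</td>
        <td>http://xn--yhcsckhe-z80dza6z.vn/</td>
        <td>404</td>
      </tr>
      <tr>
        <td>2017-10-20T06:23:07</td>
        <td>http://216.58.213.131</td>
        <td>Connection Error</td>
      </tr>
      <tr>
        <td>2017-04-25T21:10:50</td>
        <td>http://216.58.213.131/</td>
        <td>Connection Error</td>
      </tr>
      <tr>
        <td>2017-04-23T18:38:09</td>
        <td>http://216.58.213.131/gwt/n?u=http://65.49.2.24/MzVkZWFlM2/Wvm9ullI19H/rF8wdTlgC/xXrGsJmlYDa/FHwRYqH_fc</td>
        <td>200</td>
      </tr>
      <tr>
        <td>2017-04-23T18:38:09</td>
        <td>http://216.58.213.131/gwt/n?u=http://rss.e39sd.info/NDQ1N2NlOG/UyuJSjg/QO0VDy8co/In_pDzRwLw/8ndREyurRia/NKzDGj2M</td>
        <td>200</td>
      </tr>
    </tbody>
  </table>
</body>
</html>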