Threatview.io-log4j2-IOC-list
#List of Indicators of compromise identified by Threatview.io
#
#IP,Domain,Country,Region,City,ISP,ASN,Lat,Long