{ "Event": { "analysis": "2", "date": "2023-12-19", "extends_uuid": "", "info": "Phishing targeting Luxembourg services (hosted and served on/from AWS)", "publish_timestamp": "1721049681", "published": true, "threat_level_id": "2", "timestamp": "1721049635", "uuid": "f3290493-8f74-4220-aa04-b83408e37a0c", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#001e3a", "local": false, "name": "phishing:techniques=\"fake-website\"", "relationship_type": "" }, { "colour": "#0073de", "local": false, "name": "phishing:psychological-acceptability=\"high\"", "relationship_type": "" }, { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Phishing - T1566\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#0071c3", "local": false, "name": "osint:lifetime=\"perpetual\"", "relationship_type": "" }, { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:country=\"luxembourg\"", "relationship_type": "targets" } ], "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1702970648", "to_ids": true, "type": "ip-dst", "uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "value": "18.117.184.102" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1702970683", "to_ids": true, "type": "domain", "uuid": "21468923-3073-4459-bb5e-00d6f9bf6808", "value": "ccss-public.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1702970717", "to_ids": true, "type": "domain", "uuid": "d47117a6-a4d1-486e-8d0b-12695c6bb48c", "value": "cns-lu.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1702970737", "to_ids": true, "type": "domain", "uuid": "bf64e660-fce8-44ff-9e28-b250e2ffc096", "value": "luxtrust.support" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1702970751", "to_ids": true, "type": "domain", "uuid": "3ebcc5fb-5a83-4685-b3db-0e925a14b96d", "value": "luxtrust.help" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1704276873", "to_ids": true, "type": "domain", "uuid": "c6c58ad3-aa8c-4fe1-8bf8-62e9a4707611", "value": "www-cns-lu.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1704277006", "to_ids": true, "type": "ip-dst", "uuid": "530e86ba-50f1-442b-a55a-e252e1648b2e", "value": "54.93.211.218" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1704277167", "to_ids": true, "type": "ip-dst", "uuid": "0df7ed22-6a64-489e-a25a-47909943fbe5", "value": "35.177.103.239" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1705419131", "to_ids": true, "type": "ip-dst", "uuid": "1df7ca81-743b-4821-98b9-1d32f5e9c9f8", "value": "3.71.1.255" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1706516536", "to_ids": true, "type": "domain", "uuid": "22cbe28b-1395-4820-b053-82bef0ffeb01", "value": "www-cns.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1706516536", "to_ids": true, "type": "domain", "uuid": "b18296a0-8fe2-4b6e-b48f-8f18d5dd9752", "value": "luxtrust-cancel.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1707383732", "to_ids": true, "type": "domain", "uuid": "40697a97-eeee-462a-8bde-f4d831bc2e59", "value": "luxtrust-unlock.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1707383927", "to_ids": true, "type": "domain", "uuid": "7fc1bb43-67d5-4f49-b674-132c7be2196f", "value": "ccss-sante-lu.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1710756979", "to_ids": true, "type": "url", "uuid": "04585ab4-3c86-457e-9443-5952051739b9", "value": "https://public-ccss.com/index.php" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1710757289", "to_ids": true, "type": "ip-dst", "uuid": "de6bf108-bd3e-424c-bf10-3c6d7c3b88d4", "value": "51.20.69.186" } ], "Object": [ { "comment": "luxtrust.help: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "first_seen": "2023-12-07T00:00:00+00:00", "last_seen": "2023-12-08T00:00:00+00:00", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702976991", "uuid": "0cbb8cdd-d630-4e20-8a0f-141d8e49a852", "ObjectReference": [ { "comment": "", "object_uuid": "0cbb8cdd-d630-4e20-8a0f-141d8e49a852", "referenced_uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "relationship_type": "hosted-by", "timestamp": "1702976991", "uuid": "03517667-d4c5-40cd-8b2d-5d1bcee315ca" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702976933", "to_ids": false, "type": "counter", "uuid": "fa3650fb-171e-4d73-bd64-6d0e847e802d", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702976933", "to_ids": false, "type": "text", "uuid": "a2d8c4e1-351e-4fa9-9a79-a20d91c6b975", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702976933", "to_ids": false, "type": "datetime", "uuid": "a120a0f8-3687-4be0-b34d-d6de1c15a9f1", "value": "2023-12-07T13:42:52+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702976933", "to_ids": false, "type": "text", "uuid": "4f3a3350-dcb6-4074-abf5-d5ad966e8fc9", "value": "A" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702976933", "to_ids": false, "type": "text", "uuid": "124bebd8-1f07-421f-8c4c-0f7524662568", "value": "18.117.184.102" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702976933", "to_ids": true, "type": "text", "uuid": "2d7f9e52-a08b-452f-8b33-1340ddec9c35", "value": "luxtrust.help" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702976933", "to_ids": false, "type": "datetime", "uuid": "a55dba49-8c52-4f92-ad89-3921ca77f844", "value": "2023-12-07T13:42:52+00:00" } ] }, { "comment": "luxtrust.support: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977008", "uuid": "a10e462b-cffa-41bb-a9f2-a8bd297e06c2", "ObjectReference": [ { "comment": "", "object_uuid": "a10e462b-cffa-41bb-a9f2-a8bd297e06c2", "referenced_uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "relationship_type": "hosted-by", "timestamp": "1702977008", "uuid": "2391802b-58bb-477b-8ce8-ae6d56f49e0c" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970767", "to_ids": false, "type": "counter", "uuid": "2e955f36-0101-4deb-a846-889c53470819", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "54106d70-a4e9-4461-90d0-06c5f5b14e4a", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970767", "to_ids": false, "type": "datetime", "uuid": "70b95f9e-9367-412c-9c01-62ec357b18f4", "value": "2023-12-15T14:56:56+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "e6e08c24-527d-4756-a5ff-01a8b9b6994d", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "e1d617e9-0b1d-4331-9190-b58517ff7983", "value": "18.117.184.102" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971443", "to_ids": true, "type": "text", "uuid": "b95e7a28-6630-4312-9e74-3ff366a41999", "value": "luxtrust.support" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970767", "to_ids": false, "type": "datetime", "uuid": "f7c9c2a8-0b82-4a50-8d8b-267ea7dd73da", "value": "2023-12-19T07:22:05+00:00" } ] }, { "comment": "luxtrust.support: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977187", "uuid": "c6b7db3a-2494-4a30-98d3-367f1c41006c", "ObjectReference": [ { "comment": "", "object_uuid": "c6b7db3a-2494-4a30-98d3-367f1c41006c", "referenced_uuid": "87640280-6595-43e7-b4bd-7f0bcba060cc", "relationship_type": "hosted-by", "timestamp": "1702977187", "uuid": "3ba136e4-16d8-4b62-adbb-c34cbe2b5daa" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970767", "to_ids": false, "type": "counter", "uuid": "395c14e4-3644-4987-8555-b07b906a3332", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "c3bfdae9-7bd7-464d-9bba-13a3f9150400", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970767", "to_ids": false, "type": "datetime", "uuid": "08fb34ce-0ff6-4bef-bc8d-eea1f8ccf3f8", "value": "2023-12-19T07:22:05+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "a05cf453-3958-49f8-8a9d-7ac3cc864543", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "efa614bf-9f22-4a14-8bcf-1746f29d6823", "value": "ns-137.awsdns-17.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971449", "to_ids": true, "type": "text", "uuid": "884c6a89-549c-4ff9-b6ab-79f5cb073bfc", "value": "luxtrust.support" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970767", "to_ids": false, "type": "datetime", "uuid": "a6fb10d1-956a-4d9c-a51d-6b60d4dae59e", "value": "2023-12-19T07:22:05+00:00" } ] }, { "comment": "luxtrust.support: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977199", "uuid": "9da052e3-54b7-46c6-ba8e-6967d191c464", "ObjectReference": [ { "comment": "", "object_uuid": "9da052e3-54b7-46c6-ba8e-6967d191c464", "referenced_uuid": "87640280-6595-43e7-b4bd-7f0bcba060cc", "relationship_type": "hosted-by", "timestamp": "1702977199", "uuid": "b3d8296d-9a8d-4227-955e-7b2d34e0eaa0" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970767", "to_ids": false, "type": "counter", "uuid": "a6b13f18-c36d-45fc-ae25-3e7ccc8174bb", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "32e5b9a0-d23e-4cd8-bfe5-cf94b75cafde", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970767", "to_ids": false, "type": "datetime", "uuid": "526de953-3b0b-47d5-ac30-f49f7e274387", "value": "2023-12-19T07:22:05+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "e3210bc0-53dd-4393-b710-aad1b66940da", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "00a69ea5-a33f-4c3d-a67d-2b5d809a0d51", "value": "ns-1028.awsdns-00.org" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971455", "to_ids": true, "type": "text", "uuid": "a2cd9820-df5c-4a45-b0d6-5073bc36a40b", "value": "luxtrust.support" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970767", "to_ids": false, "type": "datetime", "uuid": "13e4e924-6f55-4c75-84fb-71467bff3192", "value": "2023-12-19T07:22:05+00:00" } ] }, { "comment": "luxtrust.support: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977039", "uuid": "d7c78ba7-0786-4aed-8fe4-c75fafefc308", "ObjectReference": [ { "comment": "", "object_uuid": "d7c78ba7-0786-4aed-8fe4-c75fafefc308", "referenced_uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "relationship_type": "hosted-by", "timestamp": "1702977039", "uuid": "68c310f8-8e3b-4fee-98e0-57b27b858df1" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970767", "to_ids": false, "type": "counter", "uuid": "7b9f776e-723e-4aa8-a05f-5e683af1fcf1", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "116169b8-b9cf-4cff-b211-f121902e998e", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970767", "to_ids": false, "type": "datetime", "uuid": "1ea23764-a99f-496e-bc4e-2d05b753ddc0", "value": "2023-12-19T07:22:05+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "dcf3ebb2-551e-4200-830e-84fcad428c93", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "f4a3d5f5-affb-4b69-9eb4-06db886048e0", "value": "ns-1684.awsdns-18.co.uk" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971462", "to_ids": true, "type": "text", "uuid": "66a056e9-e152-4817-929e-e0460af9bbda", "value": "luxtrust.support" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970767", "to_ids": false, "type": "datetime", "uuid": "585ac13f-87b8-4547-9978-07a812a026e6", "value": "2023-12-19T07:22:05+00:00" } ] }, { "comment": "luxtrust.support: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977123", "uuid": "4e776373-54e8-43f5-9c7f-cab16b363230", "ObjectReference": [ { "comment": "", "object_uuid": "4e776373-54e8-43f5-9c7f-cab16b363230", "referenced_uuid": "e3ae2059-3cfc-4bc4-98b7-c9f511055b7f", "relationship_type": "hosted-by", "timestamp": "1702977123", "uuid": "03674519-9c8c-4186-b212-609592974c0f" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970767", "to_ids": false, "type": "counter", "uuid": "f2f356a5-4b3a-439f-a968-1bfd9e8000a2", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "0dd8dfb1-cde8-4f65-856d-fe16b338a1b4", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970767", "to_ids": false, "type": "datetime", "uuid": "259f3a75-9320-4790-9e6a-49f43a2ea964", "value": "2023-12-19T07:22:05+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "19dcdbb7-460b-4e4a-a5c6-b9b4b5b8e6e2", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970767", "to_ids": false, "type": "text", "uuid": "caa4621a-ba05-4933-a97f-e1d3f50461a1", "value": "ns-566.awsdns-06.net" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971478", "to_ids": true, "type": "text", "uuid": "e971b210-f363-4a96-80c6-d5aa60e5d875", "value": "luxtrust.support" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970767", "to_ids": false, "type": "datetime", "uuid": "6ed63fe7-3e79-4145-a178-a796822f7925", "value": "2023-12-19T07:22:05+00:00" } ] }, { "comment": "luxtrust.support: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "first_seen": "2023-12-19T00:00:00+00:00", "last_seen": "2023-12-19T00:00:00+00:00", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977212", "uuid": "a62e8c29-d5fd-4efd-ad1e-7c07491ac3c4", "ObjectReference": [ { "comment": "", "object_uuid": "a62e8c29-d5fd-4efd-ad1e-7c07491ac3c4", "referenced_uuid": "87640280-6595-43e7-b4bd-7f0bcba060cc", "relationship_type": "hosted-by", "timestamp": "1702977212", "uuid": "e625704c-2298-4644-adb8-905f84ae24f1" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702976956", "to_ids": false, "type": "counter", "uuid": "4e62b6b9-36f1-4e50-892d-113afda7da65", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702976956", "to_ids": false, "type": "text", "uuid": "3094627f-223d-4361-994c-edc372fb5450", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702976956", "to_ids": false, "type": "datetime", "uuid": "03e3f350-43b7-481b-9bb3-b983cd520f5e", "value": "2023-12-19T07:22:05+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702976956", "to_ids": false, "type": "text", "uuid": "69669e9d-176e-4bfc-9201-cff9f04ddca5", "value": "SOA" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702976956", "to_ids": false, "type": "text", "uuid": "4aa9c6bc-fafd-46c4-901e-16dde7207236", "value": "ns-566.awsdns-06.net awsdns-hostmaster.amazon.com 1 7200 900 1209600 86400" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702976956", "to_ids": true, "type": "text", "uuid": "595b30d1-4583-4863-97a6-62488ae7aba5", "value": "luxtrust.support" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702976956", "to_ids": false, "type": "datetime", "uuid": "2698755f-63d6-41aa-b8b9-91e5583f4333", "value": "2023-12-19T07:22:05+00:00" } ] }, { "comment": "cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977027", "uuid": "26cc8401-561c-400c-8354-143e9118a5ed", "ObjectReference": [ { "comment": "", "object_uuid": "26cc8401-561c-400c-8354-143e9118a5ed", "referenced_uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "relationship_type": "hosted-by", "timestamp": "1702977027", "uuid": "b9a408be-d065-441a-a029-3dd60f2e7a38" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970777", "to_ids": false, "type": "counter", "uuid": "9f3dc447-5cca-4a21-98e2-4345fec85561", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970777", "to_ids": false, "type": "text", "uuid": "a7dfa06f-98f2-4a6f-825e-561317642afa", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970777", "to_ids": false, "type": "datetime", "uuid": "2decf978-dc61-4ecd-8f2f-07f9603d1e9f", "value": "2023-12-19T06:09:53+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970777", "to_ids": false, "type": "text", "uuid": "796edaf3-b942-4fcb-bd23-d4f1baa2d01d", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970777", "to_ids": false, "type": "text", "uuid": "f252c3db-1ba1-45f1-8141-d67f430855fd", "value": "ns-417.awsdns-52.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971487", "to_ids": true, "type": "text", "uuid": "a5cd1e5f-6fe5-4e6f-8545-6a89f2d3b0a9", "value": "cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970777", "to_ids": false, "type": "datetime", "uuid": "a4bf3876-e5ee-419a-8568-e550ad2a8b5b", "value": "2023-12-19T06:09:53+00:00" } ] }, { "comment": "cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977080", "uuid": "75d8e3c4-c399-4a27-8dff-f0618a0177b0", "ObjectReference": [ { "comment": "", "object_uuid": "75d8e3c4-c399-4a27-8dff-f0618a0177b0", "referenced_uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "relationship_type": "hosted-by", "timestamp": "1702977080", "uuid": "3ee85779-7bb1-454b-8491-93a24373b551" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970777", "to_ids": false, "type": "counter", "uuid": "1d48ef5c-cbfd-43fc-855e-1597de01d8e4", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970777", "to_ids": false, "type": "text", "uuid": "dae07c8b-8174-4c66-8618-eeb95d1bac15", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970777", "to_ids": false, "type": "datetime", "uuid": "c2bdd9ba-a33c-4c65-82d9-e8a9319914a8", "value": "2023-12-19T06:09:53+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970777", "to_ids": false, "type": "text", "uuid": "2134a003-ee81-4f67-a530-39118611b528", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970777", "to_ids": false, "type": "text", "uuid": "273e1a9c-daaa-45e3-8974-dedd7c1e7e4a", "value": "ns-1004.awsdns-61.net" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971490", "to_ids": true, "type": "text", "uuid": "a7b48592-f8ba-4e3a-927d-ee6d47cf6935", "value": "cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970777", "to_ids": false, "type": "datetime", "uuid": "4e168f74-7917-4860-9e14-af224c817744", "value": "2023-12-19T06:09:53+00:00" } ] }, { "comment": "cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "first_seen": "2023-12-19T00:00:00+00:00", "last_seen": "2023-12-19T00:00:00+00:00", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977093", "uuid": "f8e18655-d771-45c8-af2c-cecf2fee6a9d", "ObjectReference": [ { "comment": "", "object_uuid": "f8e18655-d771-45c8-af2c-cecf2fee6a9d", "referenced_uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "relationship_type": "hosted-by", "timestamp": "1702977093", "uuid": "b727758d-429c-48b2-b0f8-1d86b720514d" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702971095", "to_ids": false, "type": "counter", "uuid": "a6e335ad-4436-432d-9a02-782066eae55f", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702971095", "to_ids": false, "type": "text", "uuid": "89405886-910f-4bac-9211-fc814e273a1f", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702971095", "to_ids": false, "type": "datetime", "uuid": "ca54d3ff-ea7b-4223-aac3-22a5701ba62f", "value": "2023-12-19T06:09:53+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702971095", "to_ids": false, "type": "text", "uuid": "fe9c0124-4d06-4d84-bcca-c1f8ae9dddce", "value": "NS" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702971095", "to_ids": false, "type": "text", "uuid": "84b3a542-2cb8-483a-9b50-7853b6bde3fa", "value": "ns-1064.awsdns-05.org" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971519", "to_ids": true, "type": "text", "uuid": "91301aca-e656-4c15-9f65-40cf2ad1812c", "value": "cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702971095", "to_ids": false, "type": "datetime", "uuid": "9a85f727-d779-42e5-82fc-560bfcc0c300", "value": "2023-12-19T06:09:53+00:00" } ] }, { "comment": "cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977108", "uuid": "e3ae2059-3cfc-4bc4-98b7-c9f511055b7f", "ObjectReference": [ { "comment": "", "object_uuid": "e3ae2059-3cfc-4bc4-98b7-c9f511055b7f", "referenced_uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "relationship_type": "hosted-by", "timestamp": "1702977108", "uuid": "2195f9d7-6a9b-4996-a6c6-ab3c57a58b47" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970778", "to_ids": false, "type": "counter", "uuid": "d7591bb3-3fc0-475f-85d5-53198af74649", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970778", "to_ids": false, "type": "text", "uuid": "7740f650-02c5-47fe-bf97-840bd8ed6407", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970778", "to_ids": false, "type": "datetime", "uuid": "4c0ceca3-ab28-45a0-888b-4d9a7d5eff5c", "value": "2023-12-19T06:09:53+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970778", "to_ids": false, "type": "text", "uuid": "d39b54a2-f62b-41ab-82bf-7a60b72f43b5", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970778", "to_ids": false, "type": "text", "uuid": "c6ca68f3-b09c-40c0-9dc5-214e42eddadb", "value": "ns-1932.awsdns-49.co.uk" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971495", "to_ids": true, "type": "text", "uuid": "8737edf6-7366-4b8b-87ae-e830abc5d1c7", "value": "cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970778", "to_ids": false, "type": "datetime", "uuid": "745b1dfb-1563-4144-8b2a-b2198a34ac57", "value": "2023-12-19T06:09:53+00:00" } ] }, { "comment": "cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977066", "uuid": "3a04a344-f245-4565-8880-ee7da8f55886", "ObjectReference": [ { "comment": "", "object_uuid": "3a04a344-f245-4565-8880-ee7da8f55886", "referenced_uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "relationship_type": "hosted-by", "timestamp": "1702977066", "uuid": "2b6cae29-f20c-4e4d-8983-9db4111e2784" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970778", "to_ids": false, "type": "counter", "uuid": "c1f25136-8fbc-4b3b-a286-6f7c0a548f2f", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970778", "to_ids": false, "type": "text", "uuid": "6c46694f-83d1-4e46-94a8-f536dcb804d2", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970778", "to_ids": false, "type": "datetime", "uuid": "edadf5a8-d7f2-49ec-8ba0-df9c5313a6a8", "value": "2023-12-19T06:09:53+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970778", "to_ids": false, "type": "text", "uuid": "010971d4-9d0b-4186-a11e-1ba4f7f8a2e7", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970778", "to_ids": false, "type": "text", "uuid": "51b956d2-9614-491c-8efd-f7f576f0c6af", "value": "18.117.184.102" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971500", "to_ids": true, "type": "text", "uuid": "3c69f63d-4119-4a2c-9115-d9e0c31b821a", "value": "cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970778", "to_ids": false, "type": "datetime", "uuid": "0ba2777c-9128-41b5-a9a4-a14fb3b69806", "value": "2023-12-19T07:21:13+00:00" } ] }, { "comment": "cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977138", "uuid": "87640280-6595-43e7-b4bd-7f0bcba060cc", "ObjectReference": [ { "comment": "", "object_uuid": "87640280-6595-43e7-b4bd-7f0bcba060cc", "referenced_uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "relationship_type": "hosted-by", "timestamp": "1702977138", "uuid": "176874dd-b6d5-4c61-a948-2e697c5876e0" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970778", "to_ids": false, "type": "counter", "uuid": "3c483dd7-4e04-45f8-b369-cb39a4760e2a", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970778", "to_ids": false, "type": "text", "uuid": "65eef0cd-f6ec-49a1-839f-7df9576d3bd1", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970778", "to_ids": false, "type": "datetime", "uuid": "e9e6c513-f8d5-4db7-afc5-ccdad39799ae", "value": "2023-12-19T07:21:32+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970778", "to_ids": false, "type": "text", "uuid": "9cfa510e-ed0b-46b6-9d8f-00763a3ef0c4", "value": "SOA" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970778", "to_ids": false, "type": "text", "uuid": "b44bc017-2b73-4335-99f0-7ed3b1eb7915", "value": "ns-1064.awsdns-05.org awsdns-hostmaster.amazon.com 1 7200 900 1209600 86400" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971504", "to_ids": true, "type": "text", "uuid": "58c3c7ce-1efe-41c9-9c27-1dac9f54170d", "value": "cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970778", "to_ids": false, "type": "datetime", "uuid": "63d3c7f7-deae-41dc-8870-6b27872f772e", "value": "2023-12-19T07:21:32+00:00" } ] }, { "comment": "ccss-public.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "first_seen": "2023-12-04T00:00:00+00:00", "last_seen": "2023-12-06T00:00:00+00:00", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977157", "uuid": "d2f3711c-fc78-4463-b9f9-d3e69711f124", "ObjectReference": [ { "comment": "", "object_uuid": "d2f3711c-fc78-4463-b9f9-d3e69711f124", "referenced_uuid": "16938dd2-96b7-481e-a446-347ffddfd7b3", "relationship_type": "hosted-by", "timestamp": "1702977157", "uuid": "66e50b14-7abd-471f-b9cf-d2c2402beae8" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702971010", "to_ids": false, "type": "counter", "uuid": "06ef34f0-af0a-419c-9869-ede378cb2266", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702971010", "to_ids": false, "type": "text", "uuid": "99aff1ca-5e6e-4ac8-af97-1d65d62a9112", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702971010", "to_ids": false, "type": "datetime", "uuid": "060edb1c-2b7b-4222-9375-9befcacdce57", "value": "2023-12-04T15:07:11+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702971010", "to_ids": false, "type": "text", "uuid": "e3dfe153-ff4b-4ed9-b426-4f0020650d0c", "value": "A" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702971010", "to_ids": false, "type": "text", "uuid": "4c3f4029-627f-4a8e-a200-168b380b2415", "value": "54.211.144.11" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971513", "to_ids": true, "type": "text", "uuid": "bbb34ffb-7cbc-4e28-8c26-702db3e63581", "value": "ccss-public.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702971010", "to_ids": false, "type": "datetime", "uuid": "a43d96ae-079e-4aed-b7c6-6a9482565575", "value": "2023-12-06T12:43:27+00:00" } ] }, { "comment": "ccss-public.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "first_seen": "2023-12-07T00:00:00+00:00", "last_seen": "2023-12-11T00:00:00+00:00", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1702977170", "uuid": "78a4958a-bae2-409b-8a45-5f96709691a6", "ObjectReference": [ { "comment": "", "object_uuid": "78a4958a-bae2-409b-8a45-5f96709691a6", "referenced_uuid": "87640280-6595-43e7-b4bd-7f0bcba060cc", "relationship_type": "hosted-by", "timestamp": "1702977169", "uuid": "dfcc1d06-ab17-4c54-a2b5-f6f4822794f5" } ], "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1702970976", "to_ids": false, "type": "counter", "uuid": "e859d60b-c7de-489d-975c-1909b6e9b2a9", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1702970976", "to_ids": false, "type": "text", "uuid": "e77345f3-9e21-46b1-b810-5c8747ff3a38", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1702970976", "to_ids": false, "type": "datetime", "uuid": "42b4fc02-17d9-4d4a-b943-b59c7cce83cd", "value": "2023-12-07T09:57:23+00:00" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1702970976", "to_ids": false, "type": "text", "uuid": "cd214892-254a-4e4c-9f3b-05883c43880d", "value": "A" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1702970976", "to_ids": false, "type": "text", "uuid": "6b680236-2c38-4b94-a39a-ffa2c9c0cbee", "value": "18.117.184.102" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1702971510", "to_ids": true, "type": "text", "uuid": "87faf614-277d-424c-a83f-ec18e2877613", "value": "ccss-public.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1702970976", "to_ids": false, "type": "datetime", "uuid": "300a5dae-3bb3-4e3e-b2f4-4c9777754e9c", "value": "2023-12-11T12:51:55+00:00" } ] }, { "comment": "www-cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704276918", "uuid": "1db47c5c-0e8a-46e5-af37-7c0b553d0f25", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704276918", "to_ids": false, "type": "counter", "uuid": "2ae61db0-c121-4c97-85b4-a27189e242c2", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "f633221a-c4fc-49d4-8786-a6e840d5db45", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704276918", "to_ids": false, "type": "datetime", "uuid": "c4087fed-0768-43dd-9dc3-00adb745a4fd", "value": "2023-12-24T15:17:57+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "71aab429-e7ce-4972-bd7f-957fcc95c14a", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704276918", "to_ids": true, "type": "text", "uuid": "f747cfe4-9642-4d48-9eec-6f62aa2d63b1", "value": "54.93.211.218" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "e04d6aad-b4b2-4702-a8ab-104f1038ceac", "value": "www-cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704276918", "to_ids": false, "type": "datetime", "uuid": "d10744c8-5d31-4112-8c27-d2655425c85e", "value": "2023-12-29T12:53:49+00:00" } ] }, { "comment": "www-cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704276918", "uuid": "90fac912-8faa-4967-9fde-71262c8fcde5", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704276918", "to_ids": false, "type": "counter", "uuid": "75face1c-23cd-43d5-97fe-067e784a2c9a", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "0429ac16-bf80-465c-a11f-911948c8d378", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704276918", "to_ids": false, "type": "datetime", "uuid": "59472a61-35e3-4fb6-80a0-3f7530669e5e", "value": "2023-12-24T15:17:57+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "884b6d8d-7b35-4e42-9e1e-895befbe2ea7", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "3d31395a-1ac8-4e5a-a2ed-0b36839e557e", "value": "ns-1809.awsdns-34.co.uk" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "771080e0-0ec5-4549-932a-6ee93745fccc", "value": "www-cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704276918", "to_ids": false, "type": "datetime", "uuid": "92beaaee-4fab-434f-be8a-cbf1c6ddf3bf", "value": "2024-01-01T10:11:18+00:00" } ] }, { "comment": "www-cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704276918", "uuid": "526fc830-0158-454c-b31a-5616781d5521", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704276918", "to_ids": false, "type": "counter", "uuid": "d53b37f3-21cf-4024-b4e8-b04206ddc463", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "5d579c2a-dae8-4992-bbe3-c5b1df53f59c", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704276918", "to_ids": false, "type": "datetime", "uuid": "46f25fa9-c7f8-49eb-96de-b1428a544025", "value": "2023-12-24T15:17:57+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "56b81b26-ba55-4d63-adcc-7e038f4f88c6", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "60b6410d-9b52-4e4e-bc26-fa535cdc12fb", "value": "ns-800.awsdns-36.net" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704276918", "to_ids": true, "type": "text", "uuid": "e21f2487-716d-4089-990c-c17aa0b13062", "value": "www-cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704276918", "to_ids": false, "type": "datetime", "uuid": "77c4cc06-ddac-4437-9bd6-d5c74a70af57", "value": "2024-01-01T10:11:18+00:00" } ] }, { "comment": "www-cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704276918", "uuid": "7c7f5b07-6a2f-4e89-bd4b-0b4abb003ff9", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704276918", "to_ids": false, "type": "counter", "uuid": "b6991e98-85b8-4d69-b1e4-860403daf463", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "2f490691-5dad-47a7-895c-f26437d376c1", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704276918", "to_ids": false, "type": "datetime", "uuid": "06ed6a08-253b-4ca2-8977-efebc2711c0b", "value": "2023-12-24T15:17:57+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "047ac498-849c-4a8f-ad38-3b414d7b349e", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704276918", "to_ids": false, "type": "text", "uuid": "8ec501bd-2d12-4633-8580-d902b170cb38", "value": "ns-1377.awsdns-44.org" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704276918", "to_ids": true, "type": "text", "uuid": "6486765d-ba8e-4d23-9e09-59b90de8a3e6", "value": "www-cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704276918", "to_ids": false, "type": "datetime", "uuid": "e12cc819-231d-4156-af4c-00d3d42e6c8b", "value": "2024-01-01T10:11:18+00:00" } ] }, { "comment": "www-cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704276918", "uuid": "5e321b05-3652-487f-8901-3c5fae054dbf", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704276919", "to_ids": false, "type": "counter", "uuid": "a8349e6d-bf68-46f9-8232-ddf14a0aa785", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704276919", "to_ids": false, "type": "text", "uuid": "fbe4afdf-913b-480d-ba0f-fc1d7efb77cc", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704276919", "to_ids": false, "type": "datetime", "uuid": "0e0fdf5a-e1c8-41ab-acca-f401cab6dc0e", "value": "2023-12-24T15:17:57+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704276919", "to_ids": false, "type": "text", "uuid": "cd6b3a92-6c31-490f-814a-f0a7e95db1ff", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704276919", "to_ids": false, "type": "text", "uuid": "832dc521-d47c-446b-90d0-48d22e60e65e", "value": "ns-185.awsdns-23.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704276919", "to_ids": false, "type": "text", "uuid": "3f836b3d-d55a-4ed9-afc0-44030c9f98cf", "value": "www-cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704276919", "to_ids": false, "type": "datetime", "uuid": "d46f4ffd-9a36-4654-bd29-41d3e017a308", "value": "2024-01-01T10:11:18+00:00" } ] }, { "comment": "www-cns-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704276919", "uuid": "d9ffe987-6fd2-4b14-b299-0837d2acea3e", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704276919", "to_ids": false, "type": "counter", "uuid": "51ee6ab6-b391-4403-a4c7-506eea6ca316", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704276919", "to_ids": false, "type": "text", "uuid": "a821c357-b465-4e00-aa6c-de51c040032c", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704276919", "to_ids": false, "type": "datetime", "uuid": "c7c4ccab-2822-4522-9f35-a31dfc35f195", "value": "2024-01-01T10:11:18+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704276919", "to_ids": false, "type": "text", "uuid": "d423b436-7669-4afb-8884-6db0fcc8b9d7", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704276919", "to_ids": false, "type": "text", "uuid": "caa614d4-d28a-436d-8aea-c20ba364e47e", "value": "35.177.103.239" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704276919", "to_ids": false, "type": "text", "uuid": "c7d9095d-ac8b-4e28-9f7f-2bab7f1cadc8", "value": "www-cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704276919", "to_ids": false, "type": "datetime", "uuid": "a8807bf1-c0af-443f-bc59-a0d4012560c0", "value": "2024-01-01T18:02:49+00:00" } ] }, { "comment": "54.93.211.218: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704277024", "uuid": "5af48ad2-7964-412c-9a8c-9fa7775bdf08", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704277024", "to_ids": false, "type": "counter", "uuid": "f4c710c3-300d-44c2-b58e-cbd56fb9bea4", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704277024", "to_ids": false, "type": "text", "uuid": "fce87087-564d-47eb-a896-f73150261ac4", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704277024", "to_ids": false, "type": "datetime", "uuid": "a6a864f3-202c-4a43-8086-28d240823b66", "value": "2023-12-28T07:20:46+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704277024", "to_ids": false, "type": "text", "uuid": "a9c37027-8965-4012-aff3-3731452266be", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704277024", "to_ids": false, "type": "text", "uuid": "14e2874a-49be-429a-a7b5-311055170bad", "value": "54.93.211.218" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704277024", "to_ids": false, "type": "text", "uuid": "3cd19cfe-3436-40f6-a2ef-eee9e82371ae", "value": "luxtrust.co" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704277024", "to_ids": false, "type": "datetime", "uuid": "c3b5dbc7-ecf2-41f7-b635-16632dc6facc", "value": "2023-12-28T07:20:46+00:00" } ] }, { "comment": "54.93.211.218: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704277024", "uuid": "48211c46-99d6-4e05-a4a6-8d256cb2fd1c", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704277024", "to_ids": false, "type": "counter", "uuid": "dfc9ef32-b540-44c8-b25a-cd7bcd410ab7", "value": "6" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704277024", "to_ids": false, "type": "text", "uuid": "ecef5065-4b0f-417f-ae84-746accbbe1ba", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704277024", "to_ids": false, "type": "datetime", "uuid": "6363d21f-73ed-4499-bdb3-c92ec0805f8a", "value": "2023-12-24T15:17:57+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704277024", "to_ids": false, "type": "text", "uuid": "1b1445ad-6b75-4b68-9629-78c1d39047e5", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704277024", "to_ids": false, "type": "text", "uuid": "22d2ee62-0e1a-4f7c-ae18-b4c4eed62776", "value": "54.93.211.218" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704277024", "to_ids": false, "type": "text", "uuid": "b0ba25a6-ff08-4880-ad22-623f8f887cfa", "value": "www-cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704277024", "to_ids": false, "type": "datetime", "uuid": "c46329ec-bdef-486d-bb7f-b942c8484295", "value": "2023-12-29T12:53:49+00:00" } ] }, { "comment": "35.177.103.239: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704277194", "uuid": "ef1a611a-fdd6-4feb-a8b9-2e55a2d3a58e", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704277194", "to_ids": false, "type": "counter", "uuid": "f32b4d96-380d-4c4d-8bb9-ad4212605ebf", "value": "2" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704277194", "to_ids": false, "type": "text", "uuid": "481315c5-21bd-4ffa-b122-c2f0d36bdd79", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704277194", "to_ids": false, "type": "datetime", "uuid": "4060d78b-309e-4e03-8f4b-3c6bf1108ae1", "value": "2024-01-01T06:20:20+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704277194", "to_ids": false, "type": "text", "uuid": "b22d2d1d-4dc5-4093-ad6b-926b66fe2bbf", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704277194", "to_ids": false, "type": "text", "uuid": "17dfc802-c901-4561-86bf-8ff6cf6837cd", "value": "35.177.103.239" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704277194", "to_ids": true, "type": "text", "uuid": "244d67b0-15eb-4e16-8d7d-57dd306e28b2", "value": "tango-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704277194", "to_ids": false, "type": "datetime", "uuid": "578aa083-78d7-4330-bdaf-2b830ad7d061", "value": "2024-01-01T10:19:23+00:00" } ] }, { "comment": "35.177.103.239: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704277194", "uuid": "c92ec0a9-e8d4-4ebb-81a7-360b14669c6f", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704277194", "to_ids": false, "type": "counter", "uuid": "505ff708-59df-4019-bf07-fd734afd066c", "value": "5" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704277194", "to_ids": false, "type": "text", "uuid": "2a3568dc-1599-402b-83dd-337eebf4004f", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704277194", "to_ids": false, "type": "datetime", "uuid": "558205c1-5820-420e-9dbc-8f4c2f564d36", "value": "2024-01-01T10:11:18+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704277194", "to_ids": false, "type": "text", "uuid": "744a9d72-32ef-4197-8bd8-a1511b4e4d96", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704277194", "to_ids": false, "type": "text", "uuid": "5f471c1d-75b0-41df-adce-7a35198ea67f", "value": "35.177.103.239" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704277194", "to_ids": true, "type": "text", "uuid": "6517ba6f-39e1-4a74-bd15-a223ef4d396f", "value": "www-cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704277194", "to_ids": false, "type": "datetime", "uuid": "13e96470-36bc-4e44-9e24-e504cb03f4d7", "value": "2024-01-01T18:02:49+00:00" } ] }, { "comment": "35.177.103.239: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1704277195", "uuid": "468b94dc-d2b4-48e2-a2bf-1bb77863e773", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1704277195", "to_ids": false, "type": "counter", "uuid": "e81c1924-81c6-4ca4-87bd-e06bc5617c65", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1704277195", "to_ids": false, "type": "text", "uuid": "c9e520ff-ff92-4880-b395-d6788a1f2c81", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1704277195", "to_ids": false, "type": "datetime", "uuid": "8909aa7c-8a3a-4641-87fc-fa3aabbe5f62", "value": "2024-01-02T13:42:31+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1704277195", "to_ids": false, "type": "text", "uuid": "75ba58f6-ab5e-4670-9c37-eb6ce559f237", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1704277195", "to_ids": false, "type": "text", "uuid": "643158de-c088-427e-9770-60b7dbfad24f", "value": "35.177.103.239" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1704277195", "to_ids": true, "type": "text", "uuid": "9343ca6c-7257-42d4-b5dd-9dc637e8cc86", "value": "luxtrust.co" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1704277195", "to_ids": false, "type": "datetime", "uuid": "bc070efa-b8de-45d0-ad1b-51a90ea11711", "value": "2024-01-02T13:42:31+00:00" } ] }, { "comment": "3.71.1.255: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1705419143", "uuid": "c8cd96b5-f93e-4b43-8e8e-e35243364255", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1705419143", "to_ids": false, "type": "counter", "uuid": "ae4e75c9-4024-46fc-863c-da695f75ee78", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "1a778571-5f3c-4bb0-a8c9-552babc45788", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1705419143", "to_ids": false, "type": "datetime", "uuid": "af06309d-3071-4495-8a0c-6292b7712e08", "value": "2024-01-10T14:00:09+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "6a610550-c8f2-4c55-b1dc-689bde02382d", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "81bb9318-a2fb-4ee3-9af6-81f8bc37698e", "value": "3.71.1.255" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "070d4658-2a32-4efc-aa57-f12616d29278", "value": "cns-public.eu" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1705419143", "to_ids": false, "type": "datetime", "uuid": "f6c67e82-a313-4bd4-a089-7bb72b9a379f", "value": "2024-01-10T14:00:09+00:00" } ] }, { "comment": "3.71.1.255: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1705419143", "uuid": "421ecb18-c199-4437-ace3-af08b2d449d6", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1705419143", "to_ids": false, "type": "counter", "uuid": "ae4aa47c-fbd4-4ab0-835d-248470f48268", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "f6054b7d-c4f9-4a2c-8c14-5ef2e566c1d8", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1705419143", "to_ids": false, "type": "datetime", "uuid": "999ca7be-55f5-44bd-af61-a2214d2ed6a3", "value": "2024-01-11T09:15:56+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "baef23e5-1e12-4d5d-8744-15d7ec70c89c", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "549f1080-0882-4f89-9608-c5fa5a5fa44c", "value": "3.71.1.255" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "8656c082-a654-4976-98da-b839a48f5e64", "value": "ccss-lu.eu" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1705419143", "to_ids": false, "type": "datetime", "uuid": "f9f22b67-731b-4240-a355-8e540fdda11d", "value": "2024-01-11T09:15:56+00:00" } ] }, { "comment": "3.71.1.255: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1705419143", "uuid": "f330f661-1ba2-4bdc-bcf9-2ec3d6f39f1e", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1705419143", "to_ids": false, "type": "counter", "uuid": "3448adeb-1587-41e8-afd8-641d3516e118", "value": "3" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "0fb1b542-a89b-47b1-9624-fccb716b4dd1", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1705419143", "to_ids": false, "type": "datetime", "uuid": "15617b1a-b2e7-441e-9018-1cd52d9f08a8", "value": "2024-01-09T07:44:24+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "103ba7fc-0bbf-4f56-89bb-ac81d1f2e9a5", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "ecc6e36e-9710-47f8-a207-7d453839ccf6", "value": "3.71.1.255" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1705419143", "to_ids": false, "type": "text", "uuid": "1c8cf0c4-0635-4006-b30d-bc4475979536", "value": "www-cns-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1705419143", "to_ids": false, "type": "datetime", "uuid": "ef0af5b9-e85e-4c09-a5da-cd502c6477fb", "value": "2024-01-16T15:18:05+00:00" } ] }, { "comment": "", "deleted": false, "description": "An IP address (or domain or hostname) and a port seen as a tuple (or as a triple) in a specific time frame.", "meta-category": "network", "name": "ip-port", "template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6", "template_version": "9", "timestamp": "1706173410", "uuid": "759c5813-7ac8-44e3-a4d3-fb22f05bb0e9", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1706173410", "to_ids": true, "type": "domain", "uuid": "7d354d19-0aae-41b0-bd60-d76d5aa357ee", "value": "ccss.support" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1706173410", "to_ids": true, "type": "domain", "uuid": "adf5bab5-4de5-485b-b02c-11039c6e1ceb", "value": "cfl-lu.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "dst-port", "timestamp": "1706173410", "to_ids": false, "type": "port", "uuid": "8ecd7819-e131-4022-a25d-253c14e2f3ce", "value": "443" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1706173410", "to_ids": true, "type": "hostname", "uuid": "5779cd5f-ff71-4305-859c-0ef57839f042", "value": "ccss.support" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1706173410", "to_ids": true, "type": "hostname", "uuid": "06a57ad2-ff6c-4cc5-aa84-e386054025c1", "value": "cfl-lu.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1706173410", "to_ids": true, "type": "hostname", "uuid": "25688f5e-06e1-4013-8b4a-ae7e6b7c3992", "value": "3-71-1-255.plesk.page" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1706173410", "to_ids": true, "type": "hostname", "uuid": "601670e7-ccb3-460e-a9c5-d6cacd3e3aae", "value": "quizzical-feistel.3-71-1-255.plesk.page" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1706173410", "to_ids": true, "type": "hostname", "uuid": "0455a2ba-6657-4dcc-b13d-810128843c2d", "value": "ec2-3-71-1-255.eu-central-1.compute.amazonaws.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1706173410", "to_ids": true, "type": "ip-dst", "uuid": "365f44f9-2d1b-4e9e-9378-2cf131686a9a", "value": "3.71.1.255" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip-dst", "timestamp": "1706173410", "to_ids": true, "type": "ip-dst", "uuid": "e649d306-abc6-4868-bf21-8d3ed3ca7bc0", "value": "3.71.1.255" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "AS", "timestamp": "1706173410", "to_ids": false, "type": "AS", "uuid": "f0acd92d-3ced-40c3-be52-6c5fb15a8ede", "value": "16509" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "protocol", "timestamp": "1706173410", "to_ids": false, "type": "text", "uuid": "d369f66f-2149-41e1-8fad-d0b9b08e467b", "value": "HTTPS" } ] }, { "comment": "luxtrust-cancel.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1706516551", "uuid": "332102a3-0278-40b9-a6a2-55115bb59baf", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1706516551", "to_ids": false, "type": "counter", "uuid": "7eb12077-311b-4588-8961-9af1bb011bf1", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1706516551", "to_ids": false, "type": "text", "uuid": "0a1c2154-73fc-4a04-bf9f-713bba0efcb6", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1706516551", "to_ids": false, "type": "datetime", "uuid": "aa2b1386-e0ec-4721-a371-e26e067f0e6c", "value": "2024-01-29T08:16:34+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1706516551", "to_ids": false, "type": "text", "uuid": "52416693-ad80-46d8-92cf-acb0daee6fe0", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1706516551", "to_ids": false, "type": "text", "uuid": "0acb84a5-d945-4ce3-b9fe-71f9141ed819", "value": "13.48.203.238" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1706516551", "to_ids": false, "type": "text", "uuid": "753c40cb-3849-4be4-8236-19fb06c31aa7", "value": "luxtrust-cancel.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1706516551", "to_ids": false, "type": "datetime", "uuid": "ecdd8d2d-e0de-4901-a12b-f4ab2e5a6aa1", "value": "2024-01-29T08:16:34+00:00" } ] }, { "comment": "www-cns.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1706516581", "uuid": "3ebf35da-eb90-4ccd-a7a8-b6526a774196", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1706516581", "to_ids": false, "type": "counter", "uuid": "8917feb1-41de-46ea-82c1-d797334d5a32", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1706516581", "to_ids": false, "type": "text", "uuid": "9c562886-8fe0-4dc7-82aa-6bd8904e0ebc", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1706516581", "to_ids": false, "type": "datetime", "uuid": "19979ecc-bb09-4526-9bda-29337a302015", "value": "2024-01-26T22:38:10+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1706516581", "to_ids": false, "type": "text", "uuid": "9c03e659-2720-48b7-ac4e-aecc8da12002", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1706516581", "to_ids": false, "type": "text", "uuid": "b39acf4c-6737-48a1-a200-84a3edc3a7f3", "value": "ns-1194.awsdns-21.org" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1706516581", "to_ids": false, "type": "text", "uuid": "c0cfa478-e883-4ee4-be29-dc7585c74bce", "value": "www-cns.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1706516581", "to_ids": false, "type": "datetime", "uuid": "967992e4-ebd4-4c1b-9433-03e6d0f0a0d5", "value": "2024-01-26T22:38:10+00:00" } ] }, { "comment": "www-cns.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1706516581", "uuid": "96ba33c3-3872-4070-95cc-e1d8d6154028", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1706516581", "to_ids": false, "type": "counter", "uuid": "62bfd97e-79c5-4476-92f6-d9d830203b2d", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1706516581", "to_ids": false, "type": "text", "uuid": "7eb074cd-a67b-4f94-af2e-f3a13b85e898", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1706516581", "to_ids": false, "type": "datetime", "uuid": "a6228abd-38e8-4459-9dcd-551e15977837", "value": "2024-01-26T22:38:10+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1706516581", "to_ids": false, "type": "text", "uuid": "6f648092-6c92-4910-8c48-5f3baedf1b10", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1706516581", "to_ids": false, "type": "text", "uuid": "869f1df5-2426-4958-90dc-27f983bcf9d7", "value": "ns-1016.awsdns-63.net" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1706516581", "to_ids": false, "type": "text", "uuid": "750a1a25-7896-43e4-9489-629e23ff0183", "value": "www-cns.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1706516581", "to_ids": false, "type": "datetime", "uuid": "ef5d2b2e-b617-4d43-a609-3371651a0671", "value": "2024-01-26T22:38:10+00:00" } ] }, { "comment": "www-cns.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1706516581", "uuid": "b63220f5-d1b3-4d2d-9b87-b43321c9a009", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1706516581", "to_ids": false, "type": "counter", "uuid": "cbc0da47-ec2a-4abd-b6f2-4bb82b1a183d", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "d83f47a0-a9be-4fbb-9b7c-494f067f6c8f", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1706516582", "to_ids": false, "type": "datetime", "uuid": "dda7051d-c841-44db-8103-0bd0b0e436d8", "value": "2024-01-26T22:38:10+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "068e79ee-0388-4f26-8877-eaa202bb545c", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "eba98f26-f691-4fec-827c-8d5a23859604", "value": "ns-356.awsdns-44.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "94fc8a64-12cc-4979-abf8-8e74b8964f91", "value": "www-cns.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1706516582", "to_ids": false, "type": "datetime", "uuid": "51873096-0961-447e-b77c-26a7db3587db", "value": "2024-01-26T22:38:10+00:00" } ] }, { "comment": "www-cns.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1706516582", "uuid": "36ab853d-f0b8-41e3-9536-12f611f2ec2a", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1706516582", "to_ids": false, "type": "counter", "uuid": "a3417b40-1752-4430-9729-e9d444625e11", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "09909903-82f5-4891-a580-2ebe8bf00fc0", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1706516582", "to_ids": false, "type": "datetime", "uuid": "57825328-2752-45da-8dee-1b14d3e5de77", "value": "2024-01-26T22:38:10+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "f80ab4b2-75f8-4734-be60-ff800f8055c6", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "090800ee-377f-49ec-9b42-47356822b4ee", "value": "ns-2013.awsdns-59.co.uk" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "fdd05c96-fcc6-4d1a-a3bd-58b9560a68d8", "value": "www-cns.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1706516582", "to_ids": false, "type": "datetime", "uuid": "02ebd2fe-bab7-479b-a761-3088801b3b8c", "value": "2024-01-26T22:38:10+00:00" } ] }, { "comment": "www-cns.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1706516582", "uuid": "83798e92-c141-4bc8-98cb-27de4a0e8bdb", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1706516582", "to_ids": false, "type": "counter", "uuid": "f6b471ef-f538-4822-89fe-98d204daf5db", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "8e3a5d46-745a-4d9c-97a5-de21a39e5d4c", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1706516582", "to_ids": false, "type": "datetime", "uuid": "e83ae7d8-a068-4a83-aeae-26f65b7ee358", "value": "2024-01-27T06:43:33+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "c4caf0a8-90d3-4a21-af49-e6c2ad27c44e", "value": "SOA" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "dd6dc2a0-7974-471f-a221-a4bf3480e50e", "value": "ns-356.awsdns-44.com awsdns-hostmaster.amazon.com 1 7200 900 1209600 86400" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "dc34ecfd-a200-45e3-b17d-648ae0bf8eb5", "value": "www-cns.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1706516582", "to_ids": false, "type": "datetime", "uuid": "ddebc4c0-bd35-4ee0-840a-a23bb897a661", "value": "2024-01-27T06:43:33+00:00" } ] }, { "comment": "www-cns.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1706516582", "uuid": "b24f9876-fc01-4011-9e1a-f5756419d8c0", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1706516582", "to_ids": false, "type": "counter", "uuid": "93ba356f-2dea-4c38-ae3d-dd17cb790fb9", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "ecdd1c05-0bfb-4e1f-a939-e5c8e0fe48ab", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1706516582", "to_ids": false, "type": "datetime", "uuid": "8bb743f0-c14b-4cb5-bdba-c8b1f65a03a3", "value": "2024-01-26T21:02:34+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "579fbf95-c328-472a-9f60-e941363c42f1", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "1513895e-41cc-4d51-8606-607a990620d7", "value": "13.48.203.238" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1706516582", "to_ids": false, "type": "text", "uuid": "a251cd7a-c408-4076-9a2a-341860af4124", "value": "www-cns.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1706516582", "to_ids": false, "type": "datetime", "uuid": "d01ed8af-8cf7-43bd-9ca0-f561e732c411", "value": "2024-01-29T08:14:18+00:00" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "6", "timestamp": "1706711211", "uuid": "410ad9a6-d51e-4b73-8514-06941ed97084", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1706711211", "to_ids": true, "type": "hostname", "uuid": "a268e631-8535-4538-8759-3feec164d4b2", "value": "sante-lu.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1706711211", "to_ids": true, "type": "hostname", "uuid": "e3bbcc37-3764-484a-ab2c-1baa6460d1f7", "value": "13.48.203.238" }, { "category": "Internal reference", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "internal-reference", "timestamp": "1706711211", "to_ids": false, "type": "text", "uuid": "97c102f0-b0c3-4d55-af1b-018cf185ffbf", "value": "3705060" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1706711211", "to_ids": true, "type": "url", "uuid": "041cf948-f69c-4dca-aff0-6f73b1e717b0", "value": "https://sante-lu.com/index.php" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url-redirect", "timestamp": "1706711211", "to_ids": true, "type": "url", "uuid": "3b0cfa3f-fad3-4413-aad9-7e235b2ad9e1", "value": "https://sante-lu.com/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "online", "timestamp": "1706711211", "to_ids": false, "type": "text", "uuid": "542b0b6f-e3e5-426e-a0cf-e57e6563c8e9", "value": "Yes" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "target", "timestamp": "1706711211", "to_ids": false, "type": "text", "uuid": "3a32935e-48e5-43f0-b7d0-8133a9dc8fe5", "value": "CCSS" } ] }, { "comment": "", "deleted": false, "description": "A domain/hostname and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "11", "timestamp": "1706866347", "uuid": "e0c62f70-371f-48e1-ba56-c02f808de743", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1706866347", "to_ids": true, "type": "domain", "uuid": "f8673f1f-4fff-4253-be4e-c3a0fd6f7b13", "value": "luxtrust-help.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1706866347", "to_ids": true, "type": "hostname", "uuid": "5276c4de-50bf-40d7-a6c9-69bf70c0974f", "value": "luxtrust-help.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1706866347", "to_ids": true, "type": "ip-dst", "uuid": "24188d06-cd2f-4e14-955e-71c4f33549b2", "value": "54.170.251.238" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "port", "timestamp": "1706866347", "to_ids": false, "type": "port", "uuid": "51727ff1-8d05-476a-991e-b35bbb924969", "value": "443" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1706866347", "to_ids": false, "type": "text", "uuid": "99d4f5ee-bfb9-4a4d-8ebb-ef7cd7f99c47", "value": "Amazon Technologies Inc." } ] }, { "comment": "luxtrust-unlock.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383751", "uuid": "291651ff-e199-4079-b392-645b0b1291e3", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383751", "to_ids": false, "type": "counter", "uuid": "ad422661-3dfb-46d5-b950-b6e477f755d5", "value": "2" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "b6d6e361-2aed-485d-b1b9-0de522aa0626", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "3907d152-228e-4054-ac67-9f535f962945", "value": "2024-02-08T08:49:51+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "f63b1368-bc65-4e1f-a925-dfb6c02b0f61", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "9e9b0b29-85d7-4c48-8375-01f73c57ab3d", "value": "35.180.136.109" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "96e29b50-e620-49b7-922b-487cc9990780", "value": "luxtrust-unlock.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "e907519f-fdb3-4dcb-8471-ebc959a6f9c1", "value": "2024-02-08T08:55:26+00:00" } ] }, { "comment": "luxtrust-unlock.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383751", "uuid": "62632fd8-27b2-4512-8b15-d1a11dc49746", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383751", "to_ids": false, "type": "counter", "uuid": "d9cba789-ecff-4af1-92ab-3dcbd8e6d50a", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "0edd5d06-16a6-4244-9709-bd118b370115", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "6bfab71f-3b5d-4d78-bc1e-4c69c42279e7", "value": "2024-02-08T08:55:26+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "9c667da7-b5b8-4f52-8543-13e76228db5d", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "2f328b03-1814-48a9-9cc3-0f67a70f0053", "value": "ns-1769.awsdns-29.co.uk" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "8962e22f-fe06-4448-9317-4998bd34929e", "value": "luxtrust-unlock.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "32bb50cc-fdce-4f39-a408-3fcc998bc8c9", "value": "2024-02-08T08:55:26+00:00" } ] }, { "comment": "luxtrust-unlock.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383751", "uuid": "10319722-5fb4-46ef-a45f-e447a7f8b172", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383751", "to_ids": false, "type": "counter", "uuid": "4ed50a6a-8408-4423-95d0-5b975daff712", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "48ca3a02-4e79-47dd-b45a-eebb1e8a5aab", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "5104bca9-e9a1-4c53-ba37-19cfdabd03c4", "value": "2024-02-08T08:55:26+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "d0545ea8-d9cb-438f-8731-faf90633175b", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "eb1958c1-f581-4599-ac30-34382451aad2", "value": "ns-668.awsdns-19.net" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "90ef3fb9-ea21-42dc-9a8e-858a292621be", "value": "luxtrust-unlock.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "863405d9-de5c-48d7-a738-aae63fecc916", "value": "2024-02-08T08:55:26+00:00" } ] }, { "comment": "luxtrust-unlock.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383751", "uuid": "edf18f0b-f6dd-4375-a09e-723f6addc349", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383751", "to_ids": false, "type": "counter", "uuid": "08e89231-dbc4-489e-b046-b538173eb686", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "a79b4b8b-7ef9-4c06-82cb-3a0d31040d4f", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "3abc441f-9626-43f4-a448-a5681aa9f38d", "value": "2024-02-08T08:55:26+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "3644cd23-0a15-4f4a-8246-60f932bcf866", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "da1b53cc-6440-4b8f-ac0f-cc53ea75c369", "value": "ns-1148.awsdns-15.org" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "2b086751-40fd-4743-87f7-edbd143830ad", "value": "luxtrust-unlock.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "0d2c5bde-8d5a-465a-a07c-af7f20fb2456", "value": "2024-02-08T08:55:26+00:00" } ] }, { "comment": "luxtrust-unlock.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383751", "uuid": "35468c54-cc35-4f74-aa93-c1e8cff3d7ef", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383751", "to_ids": false, "type": "counter", "uuid": "0d950493-a42d-493d-836d-92b57db2751e", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "8261f06a-baf0-4154-a959-a47b1cb68c5d", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "56f37483-5e72-4e45-b59f-74d4f7d5a1f4", "value": "2024-02-08T08:55:26+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "d51ad948-ea9e-444b-948b-0ac8b529564b", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "65f331ed-7b62-4e8f-ae94-3e23097d3912", "value": "ns-508.awsdns-63.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "bda260b2-ba4e-4e6c-b784-644680ff03e7", "value": "luxtrust-unlock.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "e3e74565-6ebc-4192-9668-513b78549851", "value": "2024-02-08T08:55:26+00:00" } ] }, { "comment": "luxtrust-unlock.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383751", "uuid": "3c19b823-a9c2-40b6-a38d-b54d97b7e8de", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383751", "to_ids": false, "type": "counter", "uuid": "b841ef55-630b-4838-85a8-2b12e5802874", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "49ff26cc-34b0-49aa-b54b-04270df18df2", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "07777808-4669-4420-8224-44ddb0328323", "value": "2024-02-08T08:55:26+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "e3196592-ed21-48ec-8740-088ab941ca51", "value": "SOA" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "5eb4feb0-d0eb-42e8-8551-f4815d5057ec", "value": "ns-1769.awsdns-29.co.uk awsdns-hostmaster.amazon.com 1 7200 900 1209600 86400" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383751", "to_ids": false, "type": "text", "uuid": "c06843b0-222f-4114-b61e-d70b6c6fc87b", "value": "luxtrust-unlock.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383751", "to_ids": false, "type": "datetime", "uuid": "8b72a1da-f2e4-4210-9738-cd7c41ce8897", "value": "2024-02-08T08:55:26+00:00" } ] }, { "comment": "ccss-sante-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383942", "uuid": "d651ee3a-5e14-4e02-8b22-360cf136e00c", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383942", "to_ids": false, "type": "counter", "uuid": "0773ecea-f23e-4d48-9c34-16ee76407e2a", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383942", "to_ids": false, "type": "text", "uuid": "ccb3be0f-3772-4e20-95c8-aef034d6817d", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383942", "to_ids": false, "type": "datetime", "uuid": "d5b4f9bf-30b3-4bc5-a47a-0b86c6825dc9", "value": "2024-02-08T08:58:25+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383942", "to_ids": false, "type": "text", "uuid": "ccdf1cd3-d7a8-4111-acfd-27be9d7d784b", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383942", "to_ids": false, "type": "text", "uuid": "8a1302e9-5404-4d3e-b89e-f06066eb3b1f", "value": "ns-296.awsdns-37.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383942", "to_ids": false, "type": "text", "uuid": "efb1cad0-3173-470a-8df0-87d89ce682f1", "value": "ccss-sante-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383942", "to_ids": false, "type": "datetime", "uuid": "07f8b084-6a6c-4a01-b3a3-da4bad46e020", "value": "2024-02-08T08:58:25+00:00" } ] }, { "comment": "ccss-sante-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383943", "uuid": "1ba400b2-d40c-4e16-bfcf-0712d52d67ef", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383943", "to_ids": false, "type": "counter", "uuid": "5492301c-669c-4b0b-85e8-c5b0e1325971", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "36e7de93-81ae-4848-8832-7ddb2c1e43ee", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383943", "to_ids": false, "type": "datetime", "uuid": "80a1fbc2-98e2-4eba-9bf0-c51a239604bb", "value": "2024-02-08T08:58:25+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "266dfb84-e5a6-4d2a-9c54-4775faa956d8", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "44266da5-ea43-4b03-9c07-0f1791b18297", "value": "ns-920.awsdns-51.net" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "b01481c9-5ab5-4564-a2bf-79628d3fa850", "value": "ccss-sante-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383943", "to_ids": false, "type": "datetime", "uuid": "cc58a6d8-f079-4728-8efc-eea846f6f8ff", "value": "2024-02-08T08:58:25+00:00" } ] }, { "comment": "ccss-sante-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383943", "uuid": "77910ba0-4117-4ac5-a355-69098503b950", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383943", "to_ids": false, "type": "counter", "uuid": "03bd37b6-184a-45fb-bb59-7586afac67d3", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "c866da77-fa2f-499e-b877-4d88910acabe", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383943", "to_ids": false, "type": "datetime", "uuid": "f33239fe-247e-446c-a3df-d10388d140c6", "value": "2024-02-08T08:58:25+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "6706c335-3594-4880-b31d-a72f006a7f89", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "957b55bd-19af-4739-94ed-a9e7e66621dd", "value": "ns-1790.awsdns-31.co.uk" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "0506906a-25c9-4b48-953e-083cccc46ed9", "value": "ccss-sante-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383943", "to_ids": false, "type": "datetime", "uuid": "9dffd720-e1c0-4674-b335-c019aba1e511", "value": "2024-02-08T08:58:25+00:00" } ] }, { "comment": "ccss-sante-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383943", "uuid": "12446191-c1ad-4dcb-bd0a-26b238d73947", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383943", "to_ids": false, "type": "counter", "uuid": "13df4cb5-ab8f-4465-a165-fb040af92b64", "value": "1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "6b13b273-867d-4ed9-b333-267230a8d2f6", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383943", "to_ids": false, "type": "datetime", "uuid": "200a937e-3374-4b27-b2f7-c0673d6834ad", "value": "2024-02-08T08:58:25+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "33f7332f-9aa6-452a-8c17-92970405031a", "value": "NS" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "274b618c-a4e4-4393-94e0-50a4ba735f2a", "value": "ns-1129.awsdns-13.org" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "9fe664fe-b541-4b22-bf03-7ba6dbfb7383", "value": "ccss-sante-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383943", "to_ids": false, "type": "datetime", "uuid": "5fefc123-d66b-4557-a2bf-950bc533b56b", "value": "2024-02-08T08:58:25+00:00" } ] }, { "comment": "ccss-sante-lu.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1707383943", "uuid": "3ae90b6f-daf8-4da2-924c-9a0f518fde4a", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1707383943", "to_ids": false, "type": "counter", "uuid": "ded29b32-987d-4377-98f5-42e06bb42246", "value": "3" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "d99cd7c9-fc26-4688-8a60-377a6af3d0a1", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1707383943", "to_ids": false, "type": "datetime", "uuid": "69465587-73ab-4967-bc61-08914352c1e7", "value": "2024-02-07T07:43:10+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "e6fea342-380e-4184-883d-61c53208620d", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "35d7b892-dff0-476d-9dda-d13139aca2ed", "value": "35.180.136.109" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1707383943", "to_ids": false, "type": "text", "uuid": "849025c8-6214-40cc-abd9-b068ff2eec48", "value": "ccss-sante-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1707383943", "to_ids": false, "type": "datetime", "uuid": "030da0f2-1ffe-47c6-9e90-7072da6f5111", "value": "2024-02-08T09:02:37+00:00" } ] }, { "comment": "Enriched via the url_import module", "deleted": false, "description": "url object describes an url along with its normalized field (like extracted using faup parsing library) and its metadata.", "meta-category": "network", "name": "url", "template_uuid": "60efb77b-40b5-4c46-871b-ed1ed999fce5", "template_version": "9", "timestamp": "1710757060", "uuid": "7417b9cc-5f50-458a-bea0-cf620fc2e8b7", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1710757060", "to_ids": true, "type": "url", "uuid": "477f5021-67dc-4bb0-8dbf-209db186b0e6", "value": "https://public-ccss.com/index.php" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "tld", "timestamp": "1710757060", "to_ids": false, "type": "text", "uuid": "3ccb55ea-4f9e-4f42-a3a7-1761e9bfd179", "value": "com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "resource_path", "timestamp": "1710757060", "to_ids": false, "type": "text", "uuid": "893b75f6-e368-42ce-815f-237c325c739b", "value": "/index.php" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "host", "timestamp": "1710757060", "to_ids": true, "type": "hostname", "uuid": "fba22910-7f59-4850-a68a-ee0909562376", "value": "public-ccss.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain_without_tld", "timestamp": "1710757060", "to_ids": false, "type": "text", "uuid": "76e86a8e-6050-470f-af07-830c1a06fff6", "value": "public-ccss" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1710757060", "to_ids": true, "type": "domain", "uuid": "ad934c01-38cb-4678-a8e7-9dd715db9227", "value": "public-ccss.com" } ] }, { "comment": "public-ccss.com: Enriched via the circl_passivedns module", "deleted": false, "description": "Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html", "meta-category": "network", "name": "passive-dns", "template_uuid": "b77b7b1c-66ab-4a41-8da4-83810f6d2d6c", "template_version": "5", "timestamp": "1710757106", "uuid": "e65bbf37-9221-472c-94a6-90cb59d1d65c", "Attribute": [ { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "count", "timestamp": "1710757106", "to_ids": false, "type": "counter", "uuid": "81d6d5aa-e018-405a-a3ec-df7db7044ff0", "value": "6" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "origin", "timestamp": "1710757106", "to_ids": false, "type": "text", "uuid": "95ac9186-978a-4003-8c67-5f9173c08949", "value": "https://www.circl.lu/pdns/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_first", "timestamp": "1710757106", "to_ids": false, "type": "datetime", "uuid": "04173f64-2ba3-48c5-b1a4-f0f02e115512", "value": "2024-03-07T09:27:05+00:00" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "rrtype", "timestamp": "1710757106", "to_ids": false, "type": "text", "uuid": "28cea02a-e6c0-484e-9349-b77bd100ac58", "value": "A" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rrname", "timestamp": "1710757106", "to_ids": false, "type": "text", "uuid": "eeb6d0c6-f579-4320-862c-749199245607", "value": "51.20.69.186" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "rdata", "timestamp": "1710757106", "to_ids": false, "type": "text", "uuid": "e91bdda4-7c21-461f-9360-198bd3c1fb9f", "value": "public-ccss.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "time_last", "timestamp": "1710757106", "to_ids": false, "type": "datetime", "uuid": "1482b1de-5eb6-4266-81ca-19d6b20142cd", "value": "2024-03-13T10:22:44+00:00" } ] }, { "comment": "Enriched via the url_import module", "deleted": false, "description": "url object describes an url along with its normalized field (like extracted using faup parsing library) and its metadata.", "meta-category": "network", "name": "url", "template_uuid": "60efb77b-40b5-4c46-871b-ed1ed999fce5", "template_version": "9", "timestamp": "1711116349", "uuid": "76e2f57a-b445-4902-a3fa-1f8d8986b166", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1711116349", "to_ids": true, "type": "url", "uuid": "074b8863-f11e-4ff3-ad3c-884a12d95ce0", "value": "https://help-luxtrust.lu/index.php?success=validatedok" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "tld", "timestamp": "1711116349", "to_ids": false, "type": "text", "uuid": "016d948b-b7eb-4d77-b1fb-51de74c732ae", "value": "lu" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "resource_path", "timestamp": "1711116349", "to_ids": false, "type": "text", "uuid": "8d7a6ef6-689a-4871-9d6a-2fce4724b944", "value": "/index.php" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "query_string", "timestamp": "1711116349", "to_ids": false, "type": "text", "uuid": "b920c885-3da6-4bb5-bbef-c23cca86d553", "value": "?success=validatedok" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "host", "timestamp": "1711116349", "to_ids": true, "type": "hostname", "uuid": "82089c02-3a26-4d45-95f5-435d3240e41d", "value": "help-luxtrust.lu" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain_without_tld", "timestamp": "1711116349", "to_ids": false, "type": "text", "uuid": "65f981fc-82c4-47bc-a436-f1939af5b6e4", "value": "help-luxtrust" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1711116349", "to_ids": true, "type": "domain", "uuid": "2304580a-e081-4090-bb1a-abf558ff9cc8", "value": "help-luxtrust.lu" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "6", "timestamp": "1711628075", "uuid": "a8b58223-ba50-4bbb-b9b2-242f944a7395", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1711628075", "to_ids": true, "type": "hostname", "uuid": "0e28357f-1e27-48e3-87bc-f33aca2f06db", "value": "3.82.24.34" }, { "category": "Internal reference", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "internal-reference", "timestamp": "1711628075", "to_ids": false, "type": "text", "uuid": "31d86cb9-bdb2-426a-b1cc-42d4531244a3", "value": "3772453" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "takedown-request-to", "timestamp": "1711628075", "to_ids": false, "type": "text", "uuid": "d1822321-9005-4326-96ba-1f56eaabdc8b", "value": "abuse@amazonaws.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1711628075", "to_ids": true, "type": "url", "uuid": "202859b9-00c2-4667-9c86-81f1a5447d7b", "value": "https://carte-sante-lu.com/index.php?success=validatedok" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url-redirect", "timestamp": "1711628075", "to_ids": true, "type": "url", "uuid": "baccf75c-d0bf-4fb3-8d6b-fde88989ba2d", "value": "https://cns-order.com/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "online", "timestamp": "1711628075", "to_ids": false, "type": "text", "uuid": "18f60446-d4f0-4406-9944-29aff91b297d", "value": "Yes" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "target", "timestamp": "1711628075", "to_ids": false, "type": "text", "uuid": "757775d0-245d-4497-ac62-0040ba03298a", "value": "CCSS" } ] }, { "comment": "", "deleted": false, "description": "url object describes an url along with its normalized field (like extracted using faup parsing library) and its metadata.", "meta-category": "network", "name": "url", "template_uuid": "60efb77b-40b5-4c46-871b-ed1ed999fce5", "template_version": "9", "timestamp": "1711717373", "uuid": "8ed65adc-0692-4295-b3d0-6a4b8816cce5", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1711717373", "to_ids": true, "type": "url", "uuid": "67026583-1f44-4040-9ed1-990ddcaa3202", "value": "https://infoluxtrust.com/steps/luxtrust/" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1711717373", "to_ids": true, "type": "domain", "uuid": "c7d25b15-fa35-4c0b-b857-41ec0175ad49", "value": "infoluxtrust.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain_without_tld", "timestamp": "1711717373", "to_ids": false, "type": "text", "uuid": "681231a6-e135-4bd5-a0dc-b1ddbda07603", "value": "infoluxtrust" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1711717373", "to_ids": true, "type": "ip-dst", "uuid": "fe305bb2-fefc-4c71-bf87-8d6decbcd080", "value": "3.79.236.229" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "port", "timestamp": "1711717373", "to_ids": false, "type": "port", "uuid": "2f882f6d-4bb5-4197-801f-81fc597c4693", "value": "443" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "resource_path", "timestamp": "1711717373", "to_ids": false, "type": "text", "uuid": "f2648595-eb56-46aa-8a65-28e313ee6301", "value": "/steps/luxtrust/" } ] }, { "comment": "", "deleted": false, "description": "url object describes an url along with its normalized field (like extracted using faup parsing library) and its metadata.", "meta-category": "network", "name": "url", "template_uuid": "60efb77b-40b5-4c46-871b-ed1ed999fce5", "template_version": "9", "timestamp": "1712659343", "uuid": "23d99753-21c7-4556-b600-e55f2d45234f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1712659343", "to_ids": true, "type": "url", "uuid": "f66636d9-6b4f-47e4-b9f9-6f1e1a3354bb", "value": "https://luxtrust.help/" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1712659344", "to_ids": true, "type": "domain", "uuid": "a51f6097-a403-4df5-8922-048e98592205", "value": "luxtrust.help" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain_without_tld", "timestamp": "1712659344", "to_ids": false, "type": "text", "uuid": "c675af0e-bbf9-40da-ba5a-1c4a7eb18db9", "value": "luxtrust" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1712659344", "to_ids": true, "type": "ip-dst", "uuid": "9920eac0-1cfb-4112-bd70-694e51b11430", "value": "52.59.212.17" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "port", "timestamp": "1712659344", "to_ids": false, "type": "port", "uuid": "ecad8b36-e11e-4803-af83-6cbe0e8bad70", "value": "443" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "6", "timestamp": "1712909362", "uuid": "2a9a0ff8-0f32-46ee-95f7-c8164698e785", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1712909362", "to_ids": true, "type": "hostname", "uuid": "86bd4ef5-dbab-44c4-bf38-e741a9e7fddc", "value": "3.82.24.34" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1712909362", "to_ids": true, "type": "url", "uuid": "9e55acf3-326e-47fc-b31e-2929ec283272", "value": "https://ccss.digital/" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url-redirect", "timestamp": "1712909362", "to_ids": true, "type": "url", "uuid": "4eb93632-fd80-4aa4-a723-0f1e7ea36d39", "value": "https://etat-public.lu" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "online", "timestamp": "1712909362", "to_ids": false, "type": "text", "uuid": "d4e2ac70-548d-49d1-90a6-15a8a566c02e", "value": "Yes" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "6", "timestamp": "1713774949", "uuid": "0dd6525e-7b82-4a8c-9efd-080735d4243f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1713774949", "to_ids": true, "type": "hostname", "uuid": "249f32e8-4453-408d-8963-e74eb251150e", "value": "3.82.24.34" }, { "category": "Internal reference", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "internal-reference", "timestamp": "1713774949", "to_ids": false, "type": "text", "uuid": "59d6e58f-b853-4d3c-8c53-e8a07f147144", "value": "3801349" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1713774949", "to_ids": true, "type": "url", "uuid": "0dc793e5-18f6-4f46-9ac1-44601d3aefbf", "value": "https://public-order.lu/" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url-redirect", "timestamp": "1713774949", "to_ids": true, "type": "url", "uuid": "4176b462-2771-406e-82ed-1f16749d76db", "value": "https://c0nbrjdy.r.us-east-1.awstrack.me/L0/https:%2F%2Fpublic-order.lu/1/0100018ef98d16dd-9631e726-429b-4ad6-90a9-e25371506197-000000/7x9NDhmFipPjGlHSTAfnvM2JBjw=370" } ] }, { "comment": "", "deleted": false, "description": "url object describes an url along with its normalized field (like extracted using faup parsing library) and its metadata.", "meta-category": "network", "name": "url", "template_uuid": "60efb77b-40b5-4c46-871b-ed1ed999fce5", "template_version": "9", "timestamp": "1713936667", "uuid": "a7d461d3-6b68-457d-a9bf-125cd14040ea", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1713936667", "to_ids": true, "type": "url", "uuid": "a6438b3d-4237-4f87-83ba-2420621da5d6", "value": "https://order-public.com/" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1713936667", "to_ids": true, "type": "domain", "uuid": "d0db6a64-dd18-434b-87ba-88cf1ab15ea7", "value": "order-public.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1713936667", "to_ids": true, "type": "ip-dst", "uuid": "e351d804-2b3d-4c63-b187-05bb7e9213de", "value": "16.171.58.164" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "port", "timestamp": "1713936667", "to_ids": false, "type": "port", "uuid": "35c5178b-c02a-431b-a05f-ce1df88d5475", "value": "443" } ] }, { "comment": "", "deleted": false, "description": "url object describes an url along with its normalized field (like extracted using faup parsing library) and its metadata.", "meta-category": "network", "name": "url", "template_uuid": "60efb77b-40b5-4c46-871b-ed1ed999fce5", "template_version": "9", "timestamp": "1714726317", "uuid": "f8ad423e-a640-4cad-b4cd-53021c9005ec", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1714726317", "to_ids": true, "type": "url", "uuid": "1cb1805c-544d-4251-964e-cd92aee84e2f", "value": "https://support-luxtrust.com/" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1714726317", "to_ids": true, "type": "domain", "uuid": "6239251f-9592-418b-b6d1-1a6ba88beddf", "value": "support-luxtrust.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1714726317", "to_ids": true, "type": "ip-dst", "uuid": "c3dcd7db-d91a-4b6b-85f5-24c813ebc664", "value": "52.58.64.31" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "port", "timestamp": "1714726317", "to_ids": false, "type": "port", "uuid": "b77380ad-f3ed-49a2-a978-d9ba06b143b5", "value": "443" } ] }, { "comment": "", "deleted": false, "description": "url object describes an url along with its normalized field (like extracted using faup parsing library) and its metadata.", "meta-category": "network", "name": "url", "template_uuid": "60efb77b-40b5-4c46-871b-ed1ed999fce5", "template_version": "9", "timestamp": "1714981877", "uuid": "c1a93bb2-b608-4c94-88cf-4a1ab974ef3d", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1714981877", "to_ids": true, "type": "url", "uuid": "82d26f73-7223-483d-b49b-5627071166c0", "value": "https://guichet.me/login_up.php" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1714981877", "to_ids": true, "type": "domain", "uuid": "dbc24c64-c13c-44ac-b3bc-ea2c4f16e5ee", "value": "guichet.me" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain_without_tld", "timestamp": "1714981877", "to_ids": false, "type": "text", "uuid": "c79e0c01-4636-4e84-89e2-1e0afa441d59", "value": "guichet" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1714981877", "to_ids": true, "type": "ip-dst", "uuid": "e19c5f2a-6538-4401-9807-56e149ec510d", "value": "44.200.31.79" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "port", "timestamp": "1714981877", "to_ids": false, "type": "port", "uuid": "8afc975c-1a67-4529-8a76-8470625a283f", "value": "443" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "text", "timestamp": "1714981877", "to_ids": false, "type": "text", "uuid": "605560b2-eb99-4c4a-9410-a21ac4e09f77", "value": "https://t.ly/ROJIS" } ] }, { "comment": "", "deleted": false, "description": "A domain/hostname and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "11", "timestamp": "1715093604", "uuid": "879dac1c-06a4-4481-9b7b-be5c711cea99", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1715093604", "to_ids": true, "type": "domain", "uuid": "56067ad6-4951-4e10-8205-fe2551c1c7d8", "value": "cfl-lu.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1715093604", "to_ids": true, "type": "hostname", "uuid": "dad52d07-a3e5-441d-a00c-ef9dc2453c85", "value": "cfl-lu.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1715093604", "to_ids": true, "type": "ip-dst", "uuid": "7d1185ac-1e3d-4765-bcbc-b6bb6e9b7dbd", "value": "3.71.1.255" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "port", "timestamp": "1715093604", "to_ids": false, "type": "port", "uuid": "073326c9-fae6-41f0-91de-305e9184b349", "value": "443" } ] }, { "comment": "", "deleted": false, "description": "A domain/hostname and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "11", "timestamp": "1715155178", "uuid": "ba98e7b5-44a7-46ce-8904-6c8f4f092390", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1715155178", "to_ids": true, "type": "domain", "uuid": "e56be025-9359-4b03-9ac7-0675953f3206", "value": "card-order.lu" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1715155178", "to_ids": true, "type": "hostname", "uuid": "088014ce-17e1-4a44-84ae-dd372df062c1", "value": "card-order.lu" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1715155178", "to_ids": true, "type": "ip-dst", "uuid": "4f61dd74-cffa-4d2b-a50c-b7ac5e01fa50", "value": "44.200.31.79" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "port", "timestamp": "1715155178", "to_ids": false, "type": "port", "uuid": "dcb8936e-a483-457f-af7f-4be3a590f64e", "value": "443" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1715155178", "to_ids": false, "type": "text", "uuid": "19c5d6a4-e1fa-49a8-98d5-6622ee0f0283", "value": "% WHOIS card-order.lu\r\ndomainname: card-order.lu\r\ndomaintype: ACTIVE\r\nnserver: ns1.eurodns.com\r\nnserver: ns2.eurodns.com\r\nnserver: ns3.eurodns.com\r\nnserver: ns4.eurodns.com\r\nownertype: ORGANISATION\r\nregistered: 03/05/2024\r\norg-name: ORANGE Lyon\r\norg-address: 10 Parc de la T\u00eate d'Or\r\norg-zipcode: 69100\r\norg-city: Lyon - 09\r\norg-country: FR\r\nadm-name: duval nico\r\nadm-address: ORANGE Lyon\r\nadm-address: 10 Parc de la T\u00eate d'Or\r\nadm-zipcode: 69100\r\nadm-city: Lyon - 09\r\nadm-country: FR\r\nadm-email: wailbanaid93500@gmail.com\r\ntec-name: Adlani Anouar\r\ntec-address: EuroDNS S.A\r\ntec-address: 2, rue Leon Laval\r\ntec-zipcode: L-3372\r\ntec-city: Leudelange\r\ntec-country: LU\r\ntec-email: hostmaster@eurodns.com" } ] }, { "comment": "", "deleted": false, "description": "A domain/hostname and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "11", "timestamp": "1718188605", "uuid": "1aff1cf5-bedc-4b67-b546-b9ffd364c100", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1718188605", "to_ids": true, "type": "domain", "uuid": "e9e08351-4d52-4dc7-9a62-b0e975ca15bb", "value": "payconiq.direct" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1718188605", "to_ids": true, "type": "hostname", "uuid": "57a1606f-6703-424b-b21e-b4d66224e2fa", "value": "payconiq.direct" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1718188605", "to_ids": true, "type": "ip-dst", "uuid": "60ad5bed-9782-4f0b-a73c-62345a6b438b", "value": "54.155.71.44" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1718188605", "to_ids": true, "type": "text", "uuid": "6adc122f-7424-4671-970b-2cf7aea2e326", "value": "https://payconiq.direct/index.php" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1718188605", "to_ids": true, "type": "domain", "uuid": "613967a7-5544-43c5-a956-a2b386cf2179", "value": "payconiq.tel" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "6", "timestamp": "1719217388", "uuid": "0124f9e9-24e0-40b0-8e58-5031289cce9b", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1719217388", "to_ids": true, "type": "hostname", "uuid": "558b7bda-c9e3-48b8-a569-237f8e134995", "value": "18.197.141.155" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1719217388", "to_ids": true, "type": "url", "uuid": "05284ecc-895f-4112-a868-72ca0ffaf4b4", "value": "https://support-luxtrust.lu/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "online", "timestamp": "1719217388", "to_ids": false, "type": "text", "uuid": "47080da6-da77-44da-b69c-6da5f6a9df85", "value": "Yes" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "7", "timestamp": "1719300141", "uuid": "692a9341-7260-40f0-8628-81a9cc7c6de8", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1719300141", "to_ids": true, "type": "hostname", "uuid": "cc436fe0-896b-4707-aaa2-f2ba1018e653", "value": "payconiq.support" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1719300141", "to_ids": true, "type": "ip-dst", "uuid": "2f3f1d55-7511-4170-a446-9eb2f408f362", "value": "18.197.141.155" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1719300141", "to_ids": true, "type": "url", "uuid": "b8ae2371-ef85-4d05-8b73-9c0655534aa8", "value": "payconiq.support" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "online", "timestamp": "1719300141", "to_ids": false, "type": "text", "uuid": "cbfdb128-0134-4f86-9d13-28f7325feea5", "value": "Yes" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "verified", "timestamp": "1719300141", "to_ids": false, "type": "text", "uuid": "a7aca731-6aa4-4ad6-bee8-0c2c998a5359", "value": "Yes" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "7", "timestamp": "1720014110", "uuid": "1595bce7-45fc-4fcf-b5b9-5b0d3652be7c", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1720014110", "to_ids": true, "type": "hostname", "uuid": "244f2fd6-7887-4477-af9a-db1de93f7b6a", "value": "app-luxtrust.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1720014110", "to_ids": true, "type": "ip-dst", "uuid": "7220941e-83f3-40dd-9ce9-f20ee1a164c9", "value": "3.64.63.56" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1720014110", "to_ids": true, "type": "url", "uuid": "83a133d0-f36d-465d-8b26-38d3787ec06e", "value": "https://app-luxtrust.com/LUXTRUST/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "online", "timestamp": "1720014110", "to_ids": false, "type": "text", "uuid": "a3464c2d-0b1d-4a18-80eb-34d9739d0fa3", "value": "Yes" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "7", "timestamp": "1720171282", "uuid": "30d1211f-ba79-4f74-a837-bc4d9dde7fea", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1720171282", "to_ids": true, "type": "hostname", "uuid": "bb35c0c6-1403-432a-a76e-93b7eaaeaa2f", "value": "payconiq-blocage.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1720171282", "to_ids": true, "type": "ip-dst", "uuid": "03cf7282-27e0-4783-8f6a-06587b1c11fd", "value": "50.112.61.79" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1720171282", "to_ids": true, "type": "url", "uuid": "5908cad3-da33-4499-a4b4-6051cec9a409", "value": "http://payconiq-blocage.com/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "online", "timestamp": "1720171282", "to_ids": false, "type": "text", "uuid": "f52c0e77-429b-4adb-ab1e-fc7a7aacc17e", "value": "Yes" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1720171282", "to_ids": true, "type": "hostname", "uuid": "690ae80c-10ab-466f-8e8a-6cc2450bd6df", "value": "payconiq-suspension.net" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "7", "timestamp": "1720171518", "uuid": "02622aac-7234-4c48-8c4d-d41687a14202", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1720171518", "to_ids": true, "type": "hostname", "uuid": "f1cad9aa-527b-48e2-b959-457dd6a5abe3", "value": "update-lu.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1720171518", "to_ids": true, "type": "ip-dst", "uuid": "7a3b89a8-157e-48c2-a685-cbd95b5d52f8", "value": "13.60.60.38" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1720171518", "to_ids": true, "type": "url", "uuid": "2becb214-19dc-49c0-95eb-5f98a92c6d73", "value": "http://update-lu.com" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "online", "timestamp": "1720171518", "to_ids": false, "type": "text", "uuid": "8bd39927-a6aa-4347-af73-1796906da520", "value": "Yes" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "7", "timestamp": "1720610464", "uuid": "9453caf0-a816-4eb3-9579-f2de03a020fc", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1720610464", "to_ids": true, "type": "hostname", "uuid": "68a2bff7-3d8d-4730-9c28-fec8b33102ec", "value": "luxtrust-support.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1720610465", "to_ids": true, "type": "ip-dst", "uuid": "8bf0877e-2a7a-4a04-8846-3d7a705aee9b", "value": "13.60.60.3" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1720610465", "to_ids": true, "type": "url", "uuid": "7bd9d6f4-5cc5-4bca-826d-d3d3c0e4e96d", "value": "https://luxtrust-support.com/Luxtrust/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "online", "timestamp": "1720610465", "to_ids": false, "type": "text", "uuid": "cb1033a2-c3de-40cf-a9a4-fab938ffb2a0", "value": "Yes" } ] }, { "comment": "", "deleted": false, "description": "Phishing template to describe a phishing website and its analysis.", "meta-category": "network", "name": "phishing", "template_uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307", "template_version": "7", "timestamp": "1721049635", "uuid": "e94bb880-052a-4193-b1e1-869d83527467", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "hostname", "timestamp": "1721049635", "to_ids": true, "type": "hostname", "uuid": "8e53ecf4-9723-42c7-85f5-2f388fb3015a", "value": "luxtrust-support.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1721049635", "to_ids": true, "type": "ip-dst", "uuid": "7a99b4f1-a80a-4f06-95a0-8d7b8d9f8c0d", "value": "3.79.3.191" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "url", "timestamp": "1721049635", "to_ids": true, "type": "url", "uuid": "570a1e10-a69c-4d9d-bf68-6496d1b82596", "value": "https://luxtrust-support.com/Luxtrust/" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "online", "timestamp": "1721049635", "to_ids": false, "type": "text", "uuid": "6c631d97-0550-4819-9c39-d20cb31e3529", "value": "Yes" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "verified", "timestamp": "1721049635", "to_ids": false, "type": "text", "uuid": "346a544d-8dbb-40f6-bf45-33d93eb4b6e0", "value": "Yes" } ] } ] } }