misp-circl-feed/feeds/circl/misp/58ad5d57-3058-48b8-8c08-553602de0b81.json

{
  "Event": {
    "analysis": "2",
    "date": "2017-02-22",
    "extends_uuid": "",
    "info": "Sinkholes servers with http header Server: malware-sinkhole",
    "publish_timestamp": "1487760601",
    "published": true,
    "threat_level_id": "4",
    "timestamp": "1487756912",
    "uuid": "58ad5d57-3058-48b8-8c08-553602de0b81",
    "Orgc": {
      "name": "CthulhuSPRL.be",
      "uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
    },
    "Tag": [
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:white",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1487756736",
        "to_ids": false,
        "type": "link",
        "uuid": "58ad5dc0-9790-45f4-840b-cf0402de0b81",
        "value": "https://censys.io/ipv4?q=80.http.get.headers.server%3Amalware-sinkhole"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1487756799",
        "to_ids": true,
        "type": "domain",
        "uuid": "58ad5dff-4d9c-4558-b06f-553702de0b81",
        "value": "oraclesoft.net"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1487756825",
        "to_ids": true,
        "type": "ip-dst",
        "uuid": "58ad5e19-6128-4ca4-9f54-2cec02de0b81",
        "value": "209.249.180.243"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1487756861",
        "to_ids": true,
        "type": "ip-dst",
        "uuid": "58ad5e3d-fad0-4b82-a0f9-2ced02de0b81",
        "value": "67.205.153.100"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1487756862",
        "to_ids": true,
        "type": "ip-dst",
        "uuid": "58ad5e3e-ae64-4c3b-8057-2ced02de0b81",
        "value": "209.249.180.246"
      },
      {
        "category": "Network activity",
        "comment": "Resolving to 67.205.153.100",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1487756912",
        "to_ids": true,
        "type": "domain",
        "uuid": "58ad5e70-201c-44ab-bba3-2cf002de0b81",
        "value": "nicklockluckydog.org"
      }
    ]
  }
}