1100 lines
No EOL
34 KiB
JSON
1100 lines
No EOL
34 KiB
JSON
{
|
|
"Event": {
|
|
"analysis": "2",
|
|
"date": "2015-04-03",
|
|
"extends_uuid": "",
|
|
"info": "OSINT The Dyre Wolf report from IBM",
|
|
"publish_timestamp": "1428091106",
|
|
"published": true,
|
|
"threat_level_id": "4",
|
|
"timestamp": "1428070986",
|
|
"uuid": "551e8745-ace0-461c-b9eb-ce36950d210b",
|
|
"Orgc": {
|
|
"name": "CthulhuSPRL.be",
|
|
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
|
|
},
|
|
"Tag": [
|
|
{
|
|
"colour": "#004646",
|
|
"local": "0",
|
|
"name": "type:OSINT",
|
|
"relationship_type": ""
|
|
},
|
|
{
|
|
"colour": "#ffffff",
|
|
"local": "0",
|
|
"name": "tlp:white",
|
|
"relationship_type": ""
|
|
}
|
|
],
|
|
"Attribute": [
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428064106",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "551e876a-e8dc-4bfe-8397-7455950d210b",
|
|
"value": "http://securityintelligence.com/dyre-wolf/"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428064107",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "551e876b-31e4-4dbe-b9d6-7455950d210b",
|
|
"value": "https://portal.sec.ibm.com/mss/html/en_US/support_resources/pdf/dyre_wolf_4-2-2015.html?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070345",
|
|
"to_ids": false,
|
|
"type": "link",
|
|
"uuid": "551e9fc9-fc8c-4835-bf1b-4aad950d210b",
|
|
"value": "https://portal.sec.ibm.com/mss/html/en_US/support_resources/pdf/Dyre_Wolf_MSS_Threat_Report.pdf"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070382",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "551e9fee-3528-4bab-a204-4e81950d210b",
|
|
"value": "Upatre"
|
|
},
|
|
{
|
|
"category": "External analysis",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070382",
|
|
"to_ids": false,
|
|
"type": "text",
|
|
"uuid": "551e9fee-6190-4c7d-b743-4639950d210b",
|
|
"value": "Dyre"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "External IP check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070626",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea0e2-1e6c-478f-8a40-4c6f950d210b",
|
|
"value": "checkip.dyndns.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Connectivity check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070651",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea0fb-b928-454f-a553-ce36950d210b",
|
|
"value": "google.com"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070756",
|
|
"to_ids": true,
|
|
"type": "md5",
|
|
"uuid": "551ea164-a78c-413e-b3aa-7455950d210b",
|
|
"value": "a5c773429e86543747ce8b03314593df"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070756",
|
|
"to_ids": true,
|
|
"type": "sha1",
|
|
"uuid": "551ea164-b32c-4a79-941d-7455950d210b",
|
|
"value": "55065e85ab9723d3b9f8d2b3e2ca0514dae10aae"
|
|
},
|
|
{
|
|
"category": "Artifacts dropped",
|
|
"comment": "",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070756",
|
|
"to_ids": true,
|
|
"type": "sha256",
|
|
"uuid": "551ea164-3728-4b72-accd-7455950d210b",
|
|
"value": "8dbbaec774a42e18f369c2bf947a64d03728749b57fad7f46a80ea1ac396af7f"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070848",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c0-7dc4-464c-9e6a-fb7b950d210b",
|
|
"value": "stun1.voiceeclipse.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070848",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c0-6540-4dae-8f68-fb7b950d210b",
|
|
"value": "stun.callwithus.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070848",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c0-315c-4dab-9d90-fb7b950d210b",
|
|
"value": "stun.sipgate.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070848",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c0-9fe0-4962-96b3-fb7b950d210b",
|
|
"value": "stun.ekiga.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070848",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c0-5de8-4824-8a60-fb7b950d210b",
|
|
"value": "stun.ideasip.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070848",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c0-d674-4cbf-9a1e-fb7b950d210b",
|
|
"value": "stun.internetcalls.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070849",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c1-fca4-4854-91f4-fb7b950d210b",
|
|
"value": "stun.noc.ams-ix.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070849",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c1-4e08-48f9-9273-fb7b950d210b",
|
|
"value": "stun.phonepower.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070849",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c1-400c-4c34-8dd6-fb7b950d210b",
|
|
"value": "stun.voip.aebc.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070849",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c1-20d8-4c11-b158-fb7b950d210b",
|
|
"value": "stun.voipbuster.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070849",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c1-a2c0-4582-9638-fb7b950d210b",
|
|
"value": "stun.voxgratia.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070849",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c1-cb48-4b06-889a-fb7b950d210b",
|
|
"value": "stun.ipshka.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070849",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c1-da14-4d3a-a498-fb7b950d210b",
|
|
"value": "stun.faktortel.com.au"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070849",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c1-db20-4af5-84b2-fb7b950d210b",
|
|
"value": "stun.iptel.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070850",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c2-210c-4b27-8b9c-fb7b950d210b",
|
|
"value": "stun.voipstunt.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070850",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c2-6c20-4562-bf26-fb7b950d210b",
|
|
"value": "stunserver.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070850",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c2-4958-40e8-915d-fb7b950d210b",
|
|
"value": "s1.taraba.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070850",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c2-633c-42cb-bedb-fb7b950d210b",
|
|
"value": "s2.taraba.net"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070850",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c2-605c-4628-8b62-fb7b950d210b",
|
|
"value": "stun.l.google.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070850",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c2-c89c-4bb1-9332-fb7b950d210b",
|
|
"value": "stun1.l.google.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070850",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c2-7394-407b-bb05-fb7b950d210b",
|
|
"value": "stun2.l.google.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070850",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c2-2488-4939-af5f-fb7b950d210b",
|
|
"value": "stun3.l.google.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070850",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c2-c4f8-4906-b4dc-fb7b950d210b",
|
|
"value": "stun4.l.google.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070851",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c3-f780-4277-9492-fb7b950d210b",
|
|
"value": "stun.schlund.de"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070851",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c3-c928-4bf5-b635-fb7b950d210b",
|
|
"value": "stun.rixtelecom.se"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070851",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c3-b6d8-40f4-b443-fb7b950d210b",
|
|
"value": "stun.voiparound.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070851",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c3-44d4-4789-83ce-fb7b950d210b",
|
|
"value": "numb.viagenie.ca"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070851",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c3-f344-4b27-b4f0-fb7b950d210b",
|
|
"value": "stun.stunprotocol.org"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "STUN servers connecvity & NAT check",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070851",
|
|
"to_ids": false,
|
|
"type": "hostname",
|
|
"uuid": "551ea1c3-1ed0-457a-8037-fb7b950d210b",
|
|
"value": "stun.2talk.co.nz"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "CnC",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070879",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea1df-5384-430d-beb3-40e9950d210b",
|
|
"value": "92.240.99.70"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "CnC",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070907",
|
|
"to_ids": true,
|
|
"type": "domain",
|
|
"uuid": "551ea1fb-4eb8-4a26-95e0-4a04950d210b",
|
|
"value": "metflex.uk.com"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070986",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24a-695c-4c5e-ae24-4924950d210b",
|
|
"value": "46.151.48.114"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070986",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24a-9de8-4cd6-bdb5-43fc950d210b",
|
|
"value": "46.63.97.171"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070986",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24a-6770-4a03-b467-4ec6950d210b",
|
|
"value": "46.63.97.224"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070986",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24a-c9a8-43a8-8e62-47d7950d210b",
|
|
"value": "195.32.89.29"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070986",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24a-fd00-453a-9056-4608950d210b",
|
|
"value": "46.151.49.53"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070986",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24a-de84-45eb-827b-4e50950d210b",
|
|
"value": "91.210.148.1"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070986",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24a-cb60-4ccb-b9a8-474e950d210b",
|
|
"value": "109.87.231.180"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070986",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24a-e0c8-4498-b40f-4150950d210b",
|
|
"value": "46.151.48.199"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070987",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24b-1578-4778-918d-466f950d210b",
|
|
"value": "37.115.203.210"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070987",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24b-bbf8-4a1c-a2d5-48ab950d210b",
|
|
"value": "185.31.53.23"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070987",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24b-b1a8-4f11-be97-43d0950d210b",
|
|
"value": "46.63.97.159"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070987",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24b-b50c-43f9-af34-4a30950d210b",
|
|
"value": "85.94.175.236"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070987",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24b-74e0-4f97-a515-4938950d210b",
|
|
"value": "46.63.97.77"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070987",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24b-ea40-4163-9d5b-4359950d210b",
|
|
"value": "188.165.223.61"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070987",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24b-bbc4-4372-8fbc-4def950d210b",
|
|
"value": "46.63.96.198"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070987",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24b-e2b8-4f99-b93d-47b1950d210b",
|
|
"value": "178.253.216.100"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070987",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24b-73c8-4767-96e4-49a8950d210b",
|
|
"value": "188.165.213.146"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070988",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24c-3860-4af5-9862-4c81950d210b",
|
|
"value": "46.63.97.93"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070988",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24c-1f40-4373-bf1f-4e0a950d210b",
|
|
"value": "91.194.239.109"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070988",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24c-3204-4a0c-96a9-4063950d210b",
|
|
"value": "46.63.96.137"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070988",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24c-cd38-4433-b76c-43af950d210b",
|
|
"value": "46.29.0.247"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070988",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24c-0564-448e-a112-40b7950d210b",
|
|
"value": "46.63.97.39"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070988",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24c-1bf0-4db6-accc-4dbc950d210b",
|
|
"value": "194.28.191.218"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070988",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24c-11ac-4fce-9251-4e52950d210b",
|
|
"value": "46.63.96.251"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070988",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24c-18bc-458b-a8e9-46ef950d210b",
|
|
"value": "194.28.191.217"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070988",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24c-2280-4eac-a664-472f950d210b",
|
|
"value": "176.36.160.107"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070988",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24d-2850-435e-891d-4698950d210b",
|
|
"value": "178.212.244.19"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070989",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24d-2e00-4dd6-abfa-40cc950d210b",
|
|
"value": "46.160.125.167"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070989",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24d-91b4-4331-bb89-4513950d210b",
|
|
"value": "31.131.139.42"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070989",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24d-0c2c-4d3d-8af7-4de8950d210b",
|
|
"value": "91.242.55.58"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070989",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24d-b1a8-4ce4-b0f3-4b5b950d210b",
|
|
"value": "62.80.181.148"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070989",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24d-6210-45dd-af86-4a44950d210b",
|
|
"value": "91.225.228.195"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070989",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24d-4ed0-4e60-b7d7-49f2950d210b",
|
|
"value": "178.217.49.162"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070989",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24d-1938-499a-8c54-45f8950d210b",
|
|
"value": "77.85.204.113"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070989",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24d-5acc-416c-9161-43e0950d210b",
|
|
"value": "176.119.175.13"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070990",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24e-0020-40f0-90c2-41d6950d210b",
|
|
"value": "46.151.50.58"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070990",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24e-d2a0-4e33-bd1b-4543950d210b",
|
|
"value": "176.98.141.2"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070990",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24e-4d04-4fb0-90fc-4333950d210b",
|
|
"value": "89.22.207.223"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070990",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24e-95cc-41b6-9d57-41b8950d210b",
|
|
"value": "176.98.133.237"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070990",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24e-1fac-42ac-a186-4a41950d210b",
|
|
"value": "188.165.232.226"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070990",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24e-6644-48a6-ab21-480f950d210b",
|
|
"value": "109.237.0.106"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070990",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24e-9794-40a9-9af5-4f5b950d210b",
|
|
"value": "91.202.197.178"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070990",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24e-6c24-47d6-9a8d-4644950d210b",
|
|
"value": "83.219.158.40"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070990",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24e-d4d0-429a-9419-4b6f950d210b",
|
|
"value": "31.131.142.226"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070990",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24e-93e4-48a2-adc0-4332950d210b",
|
|
"value": "46.151.48.121"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070991",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24f-9100-4ee2-afe3-4fd0950d210b",
|
|
"value": "195.189.19.156"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070991",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24f-a0b8-4b9b-b2de-4a7d950d210b",
|
|
"value": "212.36.236.132"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070991",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24f-8094-425e-b74a-4961950d210b",
|
|
"value": "93.175.224.225"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070991",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24f-9458-4755-bb97-4dca950d210b",
|
|
"value": "212.36.237.45"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070991",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24f-0cc0-4363-a71d-45b6950d210b",
|
|
"value": "93.99.229.60"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070991",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24f-614c-4347-a891-44f9950d210b",
|
|
"value": "212.36.229.141"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070991",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24f-b79c-4259-918e-436e950d210b",
|
|
"value": "85.248.157.88"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070991",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24f-6ea8-4a6a-aaba-466a950d210b",
|
|
"value": "176.197.103.78"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070991",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea24f-4478-4592-9009-447f950d210b",
|
|
"value": "188.231.149.4"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070992",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea250-5bf8-4845-b140-4e9e950d210b",
|
|
"value": "178.253.251.4"
|
|
},
|
|
{
|
|
"category": "Network activity",
|
|
"comment": "Hardcoded I2P nodes in configuration",
|
|
"deleted": false,
|
|
"disable_correlation": false,
|
|
"timestamp": "1428070992",
|
|
"to_ids": true,
|
|
"type": "ip-dst",
|
|
"uuid": "551ea250-934c-4663-a0cd-477b950d210b",
|
|
"value": "194.28.191.70"
|
|
}
|
|
]
|
|
}
|
|
} |