Overflowing Web Honeypot Logs - SANS Internet Storm Center
Tags
| attack-pattern: | Data Dns - T1071.004 Dns - T1590.002 Ip Addresses - T1590.005 Python - T1059.006 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 8f981486-9f6c-460d-bd3f-9458dc53f6d8 |
| Fingerprint | 3412e873ff2644f2 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 20, 2023, midnight |
| Added to db | Nov. 20, 2023, 2:24 a.m. |
| Last updated | Nov. 17, 2024, 12:59 p.m. |
| Headline | Internet Storm Center |
| Title | Overflowing Web Honeypot Logs - SANS Internet Storm Center |
| Detected Hints/Tags/Attributes | 26/1/56 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://isc.sans.edu/diary/rss/30416 |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 142 | ✔ | SANS Internet Storm Center, InfoCON: green | https://isc.sans.edu/rssfeed_full.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 3 | cowrie.json |
|
| Details | File | 1 | webhoneypot-2023-08-29.json |
|
| Details | File | 1 | webhoneypot-2023-09-26.json |
|
| Details | File | 1 | webhoneypot-2023-09-27.json |
|
| Details | File | 1 | webhoneypot-2023-10-31.json |
|
| Details | File | 1 | webhoneypot-2023-11-01.json |
|
| Details | File | 674 | node.js |
|
| Details | IPv4 | 1 | 80.243.171.172 |
|
| Details | IPv4 | 1 | 43.163.232.152 |
|
| Details | IPv4 | 1 | 185.44.82.40 |
|
| Details | IPv4 | 1 | 205.169.39.71 |
|
| Details | IPv4 | 1 | 205.169.39.211 |
|
| Details | IPv4 | 1 | 45.128.232.183 |
|
| Details | IPv4 | 1 | 65.49.1.93 |
|
| Details | IPv4 | 1 | 205.169.39.154 |
|
| Details | IPv4 | 1 | 64.62.197.148 |
|
| Details | IPv4 | 1 | 205.169.39.114 |
|
| Details | IPv4 | 1 | 65.154.226.167 |
|
| Details | IPv4 | 1 | 65.154.226.170 |
|
| Details | IPv4 | 2 | 65.154.226.171 |
|
| Details | IPv4 | 1 | 65.154.226.168 |
|
| Details | IPv4 | 1 | 65.154.226.166 |
|
| Details | IPv4 | 1 | 65.154.226.169 |
|
| Details | IPv4 | 1 | 209.159.153.74 |
|
| Details | IPv4 | 1 | 141.98.7.19 |
|
| Details | IPv4 | 1 | 205.169.39.124 |
|
| Details | IPv4 | 1 | 205.169.39.241 |
|
| Details | IPv4 | 1 | 205.169.39.139 |
|
| Details | IPv4 | 1 | 205.169.39.83 |
|
| Details | IPv4 | 1 | 43.134.109.119 |
|
| Details | IPv4 | 1 | 80.94.95.226 |
|
| Details | IPv4 | 1 | 152.32.143.233 |
|
| Details | IPv4 | 2 | 83.97.73.87 |
|
| Details | IPv4 | 1 | 167.94.138.52 |
|
| Details | IPv4 | 1 | 80.82.77.202 |
|
| Details | IPv4 | 1 | 134.122.106.248 |
|
| Details | IPv4 | 1 | 84.54.51.190 |
|
| Details | IPv4 | 1 | 47.89.134.184 |
|
| Details | IPv4 | 1 | 104.199.31.214 |
|
| Details | IPv4 | 1 | 159.223.4.194 |
|
| Details | IPv4 | 1 | 43.135.86.121 |
|
| Details | IPv4 | 1 | 193.35.18.33 |
|
| Details | IPv4 | 1 | 205.210.31.227 |
|
| Details | IPv4 | 1 | 35.203.210.129 |
|
| Details | IPv4 | 1 | 109.237.97.180 |
|
| Details | IPv4 | 1 | 45.128.232.125 |
|
| Details | IPv4 | 1 | 162.243.151.30 |
|
| Details | IPv4 | 1 | 1.9.0.18 |
|
| Details | IPv4 | 3 | 1.8.1.14 |
|
| Details | IPv4 | 2 | 1.9.2.16 |
|
| Details | IPv4 | 1 | 10.10.11.42 |
|
| Details | Url | 1 | http://10.10.11.42:38541/qualystest |
|
| Details | Url | 1 | http://10.10.11.42:40385/qualystest |
|
| Details | Url | 1 | http://10.10.11.42:43708/qualystest |
|
| Details | Url | 1 | http://10.10.11.42:40149/qualystest |
|
| Details | Url | 1 | http://10.10.11.42:32940/qualystest |