Created
August 4, 2014 12:02
-
-
Save wesyoung/9947fac75b86e2dc2b90 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| remote:p5-cif-sdk wes$ perl -Ilib bin/cif -R http://localhost:5000/v2 --tags hijacked,scanner | |
| provider |tlp |group |observable |confidence|firsttime |lasttime |reporttime |altid |altid_tlp|tags | |
| dragonresearchgroup.org|amber|everyone|2.108.1.0 |85 |2014-07-28T19:07:13Z|2014-07-28T19:07:13Z|2014-07-28T19:07:13Z|http://dragonresearchgroup.org/insight/sshpwauth.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|116.10.191.175 |85 |2014-07-28T19:07:13Z|2014-07-28T19:07:13Z|2014-07-28T19:07:13Z|http://dragonresearchgroup.org/insight/sshpwauth.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|193.107.16.206 |85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|68.236.173.233 |85 |2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|82.127.196.209 |85 |2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|80.15.207.182 |85 |2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|80.11.101.76 |85 |2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|61.78.62.167 |85 |2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|81.7.93.36 |85 |2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|114.202.2.175 |85 |2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|74.69.246.123 |85 |2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|74.72.10.214 |85 |2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|76.74.236.29 |85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|23.23.162.145 |85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|185.56.80.104 |85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|220.225.205.7 |85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|187.75.185.216 |85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|80.82.78.170 |85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|31.193.132.10 |85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|207.7.135.228 |85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|91.220.131.79 |85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| dragonresearchgroup.org|amber|everyone|91.212.60.238 |85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt |green |scanner | |
| spamhaus.org |green|everyone|31.13.252.0/22 |95 |2014-07-28T19:09:55Z|2014-07-28T19:09:55Z|2014-07-28T19:09:55Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL198433|green |suspicious,hijacked | |
| spamhaus.org |green|everyone|91.226.78.0/24 |95 |2014-07-28T19:09:55Z|2014-07-28T19:09:55Z|2014-07-28T19:09:55Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL113609|green |suspicious,hijacked | |
| spamhaus.org |green|everyone|175.44.59.0/24 |95 |2014-07-28T19:09:55Z|2014-07-28T19:09:55Z|2014-07-28T19:09:55Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL224238|green |suspicious,hijacked | |
| spamhaus.org |green|everyone|204.8.87.0/24 |95 |2014-07-28T19:09:55Z|2014-07-28T19:09:55Z|2014-07-28T19:09:55Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL155924|green |suspicious,hijacked | |
| spamhaus.org |green|everyone|208.38.135.0/24 |95 |2014-07-28T19:09:55Z|2014-07-28T19:09:55Z|2014-07-28T19:09:55Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL178295|green |suspicious,hijacked | |
| spamhaus.org |green|everyone|14.4.0.0/14 |95 |2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL187947|green |suspicious,hijacked | |
| spamhaus.org |green|everyone|37.139.49.0/24 |95 |2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL169644|green |suspicious,hijacked | |
| spamhaus.org |green|everyone|62.182.152.0/21 |95 |2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL83337 |green |suspicious,hijacked | |
| spamhaus.org |green|everyone|64.112.0.0/17 |95 |2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL90972 |green |suspicious,hijacked | |
| spamhaus.org |green|everyone|67.218.208.0/20 |95 |2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL79149 |green |suspicious,hijacked | |
| spamhaus.org |green|everyone|79.173.104.0/21 |95 |2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL201519|green |suspicious,hijacked | |
| spamhaus.org |green|everyone|85.202.160.0/20 |95 |2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|2014-07-28T19:14:35Z|http://www.spamhaus.org/sbl/sbl.lasso?query=SBL95006 |green |suspicious,hijacked | |
| remote:p5-cif-sdk wes$ perl -Ilib bin/cif -R http://localhost:5000/v2 -d --tags hijacked,scanner --cc ru --app vnc | |
| [2014-08-04T08:00:29,752Z][INFO][main:150]: starting up client... | |
| [2014-08-04T08:00:29,753Z][INFO][main:161]: running search... | |
| [2014-08-04T08:00:29,753Z][DEBUG][CIF::SDK::Client:171]: uri created: http://localhost:5000/v2/observables?token=123444444&limit=500&applications=vnc&cc=ru&tags=hijacked,scanner | |
| [2014-08-04T08:00:29,753Z][DEBUG][CIF::SDK::Client:172]: making request... | |
| [2014-08-04T08:00:30,221Z][DEBUG][CIF::SDK::Client:177]: success, decoding... | |
| [2014-08-04T08:00:30,222Z][INFO][main:173]: search returned, formatting.. | |
| provider |tlp |group |observable |confidence|firsttime |lasttime |reporttime |altid |altid_tlp|tags | |
| dragonresearchgroup.org|amber|everyone|91.220.131.79|85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|91.212.60.238|85 |2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|2014-07-28T19:08:11Z|https://dragonresearchgroup.org/insight/vncprobe.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|62.5.146.83 |85 |2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|2014-07-28T19:08:10Z|https://dragonresearchgroup.org/insight/vncprobe.txt|green |scanner | |
| [2014-08-04T08:00:30,233Z][INFO][main:198]: done... | |
| remote:p5-cif-sdk wes$ perl -Ilib bin/cif -R http://localhost:5000/v2 -d --tags hijacked,scanner --cc ru --app ssh | |
| [2014-08-04T08:00:32,688Z][INFO][main:150]: starting up client... | |
| [2014-08-04T08:00:32,688Z][INFO][main:161]: running search... | |
| [2014-08-04T08:00:32,688Z][DEBUG][CIF::SDK::Client:171]: uri created: http://localhost:5000/v2/observables?token=123444444&tags=hijacked,scanner&cc=ru&limit=500&applications=ssh | |
| [2014-08-04T08:00:32,689Z][DEBUG][CIF::SDK::Client:172]: making request... | |
| [2014-08-04T08:00:32,881Z][DEBUG][CIF::SDK::Client:177]: success, decoding... | |
| [2014-08-04T08:00:32,882Z][INFO][main:173]: search returned, formatting.. | |
| provider |tlp |group |observable |confidence|firsttime |lasttime |reporttime |altid |altid_tlp|tags | |
| dragonresearchgroup.org|amber|everyone|89.189.104.13 |85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|188.32.157.152|85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|193.107.17.72 |85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|193.107.16.206|85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|145.255.28.228|85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|212.248.49.42 |85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|37.204.119.224|85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|194.186.106.87|85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|188.32.43.214 |85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|109.173.104.55|85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|188.32.209.77 |85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|5.228.28.220 |85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|109.173.14.8 |85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|85.143.166.160|85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| dragonresearchgroup.org|amber|everyone|195.28.182.39 |85 |2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|2014-07-28T19:07:15Z|http://dragonresearchgroup.org/insight/sshpwauth.txt|green |scanner | |
| openbl.org |green|everyone|193.107.16.206|85 |2014-07-28T19:17:24Z|2014-07-28T19:17:24Z|2014-07-28T19:17:24Z|http://www.openbl.org/lists/date_all.txt | |scanner | |
| [2014-08-04T08:00:32,923Z][INFO][main:198]: done... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2014-08-04T08:00:32,688Z ->
2014-08-04T08:00:32,923Z
nice.. :-)