-
-
Save jedisct1/c7548d814de2dd661f033d9cb18a0006 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "origin": "Nathan Fowler <nathan@packetmail.net>, https://www.packetmail.net/iprep.php/142.4.213.25", | |
| "disclaimer": "By using this system in any capacity or capability, you release all claims of damages and shall not hold or perceive any liability against the publisher for: damage, unexpected events or results, decision, or reputation damage, even those resulting from wilful or intentional neglect. No claims made against this data shall be honored; no assertions have been made about the quality, accuracy, usability, actionability, reputation, merit, or hostility of the returned findings. Use the returned results at your own risk. In no event will the publisher be liable for any damages whatsoever arising out of or related to this output, any website or service or output operated by a third party or any information contained in this output or any other medium, including, but not limited to, direct, indirect, incidental, special, consequential or punitive damages, including, but not limited to, lost data, lost revenue, or lost profits, under any theory, whether under a contract, tort (including negligence) or any other theory of liability, even if the publisher is aware of the possibility of such damages. By using this service, you agree to pursue no legal action in any form for any reason. You may not use this data to source information about a competing party for leverage or competitive advantage.", | |
| "IPs_in_collection": "1,068,118,393", | |
| "IP_Lookup_History": "https://www.packetmail.net/iprep_history.php/142.4.213.25?apikey=", | |
| "Query_Time": "0.184534 seconds", | |
| "Unique_Lookups": "5", | |
| "query_result": "Success", | |
| "MaxMind_Free_GeoIP": [{"continent_code":"NA","country_code":"CA","country_code3":"CAN","country_name":"Canada","region":"QC","city":null,"postal_code":"H3A","latitude":45.5040016174,"longitude":-73.5746994019,"dma_code":0,"area_code":0}], | |
| "_id": "142.4.213.25", | |
| "created_on": "2014-09-08 10:25:12", | |
| "greensnow_attackers": { | |
| "source": "http://blocklist.greensnow.co/greensnow.txt", | |
| "context": "142.4.213.25 GreenSnow is comparable with SpamHaus.org for attacks of any kind except for spam", | |
| "last_seen": "2016-04-03 08:56:03", | |
| "refreshed": "2016-04-03 08:56:03" | |
| }, | |
| "maxmind_anonproxies": { | |
| "source": "https://www.maxmind.com/en/anonymous_proxies", | |
| "context": "142.4.213.25 IP addresses that are anonymous proxies. If an IP address is on this list it may indicate that activity from that IP is malicious or fraudulent", | |
| "last_seen": "2016-04-08 22:39:07", | |
| "refreshed": "2016-04-08 22:39:07" | |
| }, | |
| "openbl_base_1days": { | |
| "source": "http://www.openbl.org/lists/base_1days.txt", | |
| "context": "142.4.213.25 OpenBL scanners and attackers, ports 21, 22, 23, 25, 110, 143, 587, 993, and 995 for brute force and 80 and 443 for web application attacks", | |
| "last_seen": "2016-01-12 00:28:56", | |
| "refreshed": "2016-01-12 00:28:56" | |
| }, | |
| "et_tor": { | |
| "source": "http://rules.emergingthreats.net/open/snort-2.9.0/rules/emerging-tor.rules", | |
| "context": "Known Tor nodes", | |
| "last_seen": "2016-04-08 20:20:52", | |
| "refreshed": "2016-04-08 20:20:52" | |
| }, | |
| "dshield_sources": { | |
| "source": "https://isc.sans.edu/api/sources/attacks/10000/2014-10-11", | |
| "context": "Attacks 1463, Count 1840", | |
| "last_seen": "2014-10-09 00:00:00", | |
| "refreshed": "2014-10-11 20:03:19" | |
| }, | |
| "dshield_top": { | |
| "source": "https://isc.sans.edu/api/topips/records/1000/2014-09-08", | |
| "context": "TOP ISC IPs", | |
| "last_seen": "2014-09-08 19:53:09", | |
| "refreshed": "2014-09-08 19:53:09" | |
| }, | |
| "packetmail_honeypot": { | |
| "source": "206.82.85.196/30 honeypot", | |
| "context": "Honeypot hits in 3600 hash-collection seconds: 2", | |
| "last_seen": "2014-09-08 10:25:12", | |
| "cumulative": "Cumulative honeypot hits for IP over all days: 2", | |
| "refreshed": "2014-09-08 10:25:12" | |
| }, | |
| "slbam_blacklist": { | |
| "source": "http://sblam.com/blacklist.txt", | |
| "context": "142.4.213.25 This is a list of HTML form (comment) spammers--not for blocking e-mail spam", | |
| "last_seen": "2016-04-08 21:26:31", | |
| "refreshed": "2016-04-08 21:26:31" | |
| }, | |
| "torstatus_allnodes": { | |
| "source": "http://torstatus.blutmagie.de/ip_list_all.php/Tor_ip_list_ALL.csv", | |
| "context": "142.4.213.25 CSV List of All Current Tor Server IP Addresses", | |
| "last_seen": "2016-04-08 20:55:43", | |
| "refreshed": "2016-04-08 20:55:43" | |
| }, | |
| "torstatus_exitnodes": { | |
| "source": "http://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv", | |
| "context": "142.4.213.25 CSV List of All Current Tor Server Exit Node IP Addresses", | |
| "last_seen": "2016-04-08 20:55:40", | |
| "refreshed": "2016-04-08 20:55:40" | |
| }, | |
| "turris_greylist": { | |
| "source": "https://www.turris.cz/greylist-data/greylist-latest.csv", | |
| "context": "142.4.213.25,CA,http_scan,ssh,16276 bad reputation", | |
| "last_seen": "2016-03-21 00:37:32", | |
| "refreshed": "2016-03-21 00:37:32" | |
| }, | |
| "torproject_exitaddr": { | |
| "source": "https://check.torproject.org/exit-addresses", | |
| "context": "ExitAddress 142.4.213.25 2016-04-10 05:04:18 Current list of exit addresses outputted by TorDNSEL", | |
| "last_seen": "2016-04-10 04:33:42", | |
| "refreshed": "2016-04-10 04:33:42" | |
| }, | |
| "stopforumspam_24h": { | |
| "source": "http://www.stopforumspam.com/downloads/listed_ip_1_all.zip", | |
| "context": "3 attempts, Last 24 hours, limited to 24 downloads per IP per day", | |
| "last_seen": "2016-04-10 20:23:09", | |
| "refreshed": "2016-04-10 20:18:31" | |
| }, | |
| "dragonresearch_ssh": { | |
| "source": "http://dragonresearchgroup.org/insight/sshpwauth.txt", | |
| "context": "16276 | OVH OVH SAS,FR | 142.4.213.25 | 2016-01-17 19:06:00 | sshpwauth SSH password authentication brute force attacks", | |
| "last_seen": "2016-01-23 12:39:16", | |
| "refreshed": "2016-01-23 12:39:16" | |
| }, | |
| "snort_labs": { | |
| "source": "http://talosintel.com/feeds/ip-filter.blf", | |
| "context": "142.4.213.25 IP Addresses Talos Intel has identified as malicious", | |
| "last_seen": "2016-04-11 04:35:02", | |
| "refreshed": "2016-04-11 04:35:02" | |
| }, | |
| "packetmail_ramnode_honeypot": { | |
| "source": "https://www.packetmail.net/iprep_ramnode.txt", | |
| "context": "Honeypot hits in 3600 hash-collection seconds: 1; Cumulative honeypot hits for IP over all days: 3045", | |
| "last_seen": "2016-04-10 11:26:50", | |
| "refreshed": "2016-04-10 12:30:40" | |
| }, | |
| "danger_bruteforce_ips": { | |
| "source": "http://danger.rulez.sk/projects/bruteforceblocker/blist.php", | |
| "context": "Count: ", | |
| "last_seen": "2015-06-24 08:00:13", | |
| "refreshed": "2015-07-22 20:35:31" | |
| }, | |
| "bad_ips_cms": { | |
| "source": "https://www.badips.com/get/list/cms/0?age=12h", | |
| "context": "badips.com listed in cms list with a score threshold of zero", | |
| "last_seen": "2016-01-29 16:57:09", | |
| "refreshed": "2016-01-29 16:57:09" | |
| }, | |
| "bad_ips_http": { | |
| "source": "https://www.badips.com/get/list/http/0?age=12h", | |
| "context": "badips.com listed in http list with a score threshold of zero", | |
| "last_seen": "2016-03-05 08:32:53", | |
| "refreshed": "2016-03-05 08:32:53" | |
| }, | |
| "bad_ips_apache": { | |
| "source": "https://www.badips.com/get/list/apache/0?age=12h", | |
| "context": "badips.com listed in apache list with a score threshold of zero", | |
| "last_seen": "2016-03-05 08:28:26", | |
| "refreshed": "2016-03-05 08:28:26" | |
| }, | |
| "anand_sastry_megahoneypotowin": { | |
| "source": "REDACTED_PRIVATE_SOURCE", | |
| "context": [ | |
| { | |
| "protocol": "TCP", | |
| "_id": "563f04d6421aa90ca6314626", | |
| "destination_port": { | |
| "value": "80" | |
| }, | |
| "source_port": { | |
| "value": "41496" | |
| }, | |
| "source_ip": "142.4.213.25", | |
| "honeypot": "snort", | |
| "destination_ip": "172.31.25.202", | |
| "identifier": "13741312-616f-11e5-a655-f23c913bb605", | |
| "timestamp": "2015-11-08T08:16:21.541000" | |
| } | |
| ], | |
| "last_seen": "2015-11-08 08:16:21", | |
| "refreshed": "2015-11-09 00:41:26" | |
| }, | |
| "FI_firewall": { | |
| "source": "https://punchplusplus.miscreantpunchers.net/feeds.php?apikey=REDACTED&feed=iprep.txt", | |
| "context": "IPs blocked by an automated processes at a financial institution for performing unwanted activity", | |
| "last_seen": "2016-03-16 16:56:43 UTC", | |
| "refreshed": "2016-03-16 16:22:21" | |
| }, | |
| "alienvault_reputation": { | |
| "source": "https://reputation.alienvault.com/reputation.generic", | |
| "context": "142.4.213.25 # Scanning Host ,,52.3666992188,4.90000009537", | |
| "last_seen": "2016-04-08 21:44:18", | |
| "refreshed": "2016-04-08 21:44:18" | |
| }, | |
| "bad_ips_ssh": { | |
| "source": "https://www.badips.com/get/list/ssh/0?age=12h", | |
| "context": "badips.com listed in ssh list with a score threshold of zero", | |
| "last_seen": "2016-03-05 12:30:24", | |
| "refreshed": "2016-03-05 12:30:24" | |
| }, | |
| "bad_ips_wordpress": { | |
| "source": "https://www.badips.com/get/list/wordpress/0?age=12h", | |
| "context": "badips.com listed in wordpress list with a score threshold of zero", | |
| "last_seen": "2016-01-29 16:57:11", | |
| "refreshed": "2016-01-29 16:57:11" | |
| }, | |
| "dan_tor": { | |
| "source": "https://www.dan.me.uk/torlist/", | |
| "context": "142.4.213.25 A full tor node list (not more than one hour old) in script-readable format.", | |
| "last_seen": "2016-04-11 04:34:27", | |
| "refreshed": "2016-04-11 04:34:27" | |
| }, | |
| "FI_DDoS": { | |
| "source": "One-Time Load", | |
| "context": "142.4.213.25 IPs observed to have engaged in a brute force attack against a financial institution", | |
| "last_seen": "2015-07-24 00:00:00", | |
| "refreshed": "2015-07-27 11:31:04" | |
| }, | |
| "cleantalk_updated": { | |
| "source": "https://cleantalk.org/blacklists/updated_today", | |
| "context": "142.4.213.25 Website spam activity", | |
| "last_seen": "2016-04-06 20:53:27", | |
| "refreshed": "2016-04-06 20:53:27" | |
| }, | |
| "cleanmx_virus": { | |
| "source": "http://lists.clean-mx.com/pipermail/viruswatch/20160311.txt", | |
| "context": "meow://kr4zy41d5.ddns.net/", | |
| "last_seen": "2016-03-11 16:19:21", | |
| "refreshed": "2016-03-11 16:19:21" | |
| }, | |
| "blocklist-net-ua_hostile_ips": { | |
| "source": "https://blocklist.net.ua/blocklist.csv", | |
| "context": "142.4.213.25;1460231523;1460836324;u041fu0430u0440u0430u0437u0438u0442u043du044bu0439 u0442u0440u0430u0444u0438u043a u043du0430 u0441u0430u0439u0442 popup.waterfilter.in.ua / Parasite traffic on site popup.waterfilter.in.ua The BlockList project was created to become protection against negative influence of the harmful and potentially dangerous events on the Internet. First of all this service will help internet and hosting providers to protect subscribers sites from being hacked. BlockList will help to stop receiving a large amount of spam from dubious SMTP relays or from attempts of brute force passwords to servers and network equipment", | |
| "last_seen": "2016-04-09 16:21:42", | |
| "refreshed": "2016-04-09 16:21:42" | |
| }, | |
| "botscout_lastcaught": { | |
| "source": "http://botscout.com/last_caught_cache.htm", | |
| "context": "142.4.213.25 Automated scripts/bots used for registration, forum spam, and abuse", | |
| "last_seen": "2016-04-07 18:33:57", | |
| "refreshed": "2016-04-07 18:33:57" | |
| }, | |
| "dragonresearch_http_bots": { | |
| "source": "http://dragonresearchgroup.org/insight/http-report.txt", | |
| "context": "16276 | OVH OVH SAS,FR | 142.4.213.0/24 | 2016-02-14 23:43:32 | http IP address that has been seen sending HTTP requests to Dragon Research Pods", | |
| "last_seen": "2016-02-17 04:46:39", | |
| "refreshed": "2016-02-17 04:46:39" | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment