Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Traiana Inc and Nokia. #2

Open
tg12 opened this issue Dec 18, 2020 · 2 comments
Open

Traiana Inc and Nokia. #2

tg12 opened this issue Dec 18, 2020 · 2 comments

Comments

@tg12
Copy link

tg12 commented Dec 18, 2020
edited
Loading

I am curious, about ipv4-addresses.txt, What is that and why are so many of the IP's owned by two companies in particular.

Traiana Inc and Nokia.

https://www.cmegroup.com/services/traiana.html

Does this mean that C&C servers were on these networks or they were compromised, Or ignored? It would be more weird if they are explicitly ignored networks.

More details here.

https://github.com/tg12/badrep_report/blob/master/Solarwinds_SUNBURST_Backdoor_hosts.csv
@bambenek
Copy link
Owner

These are the unique IPs that anything under those domains resolved to. Before March-April of this year they were parking IPs. After that unless there was a cname, they were just where domains beaconed to while they were not actively being interacted with.

@tg12
Copy link
Author

tg12 commented Dec 18, 2020

These are the unique IPs that anything under those domains resolved to. Before March-April of this year they were parking IPs. After that unless there was a cname, they were just where domains beaconed to while they were not actively being interacted with.

So that begs the question, Why so many for Traiana Inc and Nokia.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bambenek @tg12