research icon indicating copy to clipboard operation
research copied to clipboard

Published 20 hours ago verified publisher icon bambenek

Traiana Inc and Nokia.

Open tg12 opened this issue 4 years ago • 2 comments

I am curious, about ipv4-addresses.txt, What is that and why are so many of the IP's owned by two companies in particular.

Traiana Inc and Nokia.

https://www.cmegroup.com/services/traiana.html

Does this mean that C&C servers were on these networks or they were compromised, Or ignored? It would be more weird if they are explicitly ignored networks.

More details here.

https://github.com/tg12/badrep_report/blob/master/Solarwinds_SUNBURST_Backdoor_hosts.csv

tg12 avatar Dec 18 '20 19:12 tg12

These are the unique IPs that anything under those domains resolved to. Before March-April of this year they were parking IPs. After that unless there was a cname, they were just where domains beaconed to while they were not actively being interacted with.

bambenek avatar Dec 18 '20 19:12 bambenek

These are the unique IPs that anything under those domains resolved to. Before March-April of this year they were parking IPs. After that unless there was a cname, they were just where domains beaconed to while they were not actively being interacted with.

So that begs the question, Why so many for Traiana Inc and Nokia.

tg12 avatar Dec 18 '20 19:12 tg12