651 lines
16 KiB
JSON
651 lines
16 KiB
JSON
{
|
|
"description": "Event contains one or more entries of known security providers/vendors blog domain with an IDS flag set",
|
|
"list": [
|
|
"0x1338.blogspot.be",
|
|
"2014.hack.lu",
|
|
"2014.zeronights.ru",
|
|
"about-threats.trendmicro.com",
|
|
"access.redhat.com",
|
|
"alienvault-labs-garage.googlecode.com",
|
|
"app.any.run",
|
|
"app.response.ncr.com",
|
|
"app.threatconnect.com",
|
|
"arstechnica.co.uk",
|
|
"arstechnica.com",
|
|
"artemonsecurity.com",
|
|
"asert.arbornetworks.com",
|
|
"assets.documentcloud.org",
|
|
"attack.mitre.org",
|
|
"autofocus.paloaltonetworks.com",
|
|
"aviatrix25.rssing.com",
|
|
"b0n1.blogspot.fr",
|
|
"b161268c3bf5a87bc67309e7c870820f5f39f672.googledrive.com",
|
|
"badcyber.com",
|
|
"baesystemsai.blogspot.com",
|
|
"baesystemsai.blogspot.fr",
|
|
"baesystemsai.blogspot.lu",
|
|
"bartblaze.blogspot.be",
|
|
"bartblaze.blogspot.com",
|
|
"bartblaze.blogspot.lu",
|
|
"benkowlab.blogspot.fr",
|
|
"bgpmon.net",
|
|
"bgpranking.circl.lu",
|
|
"bitninja.io",
|
|
"bizlive.vn",
|
|
"blockchain.info",
|
|
"blog.0day.jp",
|
|
"blog.0x3a.com",
|
|
"blog.9bplus.com",
|
|
"blog.airbuscybersecurity.com",
|
|
"blog.anomali.com",
|
|
"blog.appriver.com",
|
|
"blog.avast.com",
|
|
"blog.barracuda.com",
|
|
"blog.bit9.com",
|
|
"blog.cari.net",
|
|
"blog.cassidiancybersecurity.com",
|
|
"blog.cert.societegenerale.com",
|
|
"blog.checkpoint.com",
|
|
"blog.crowdstrike.com",
|
|
"blog.crysys.hu",
|
|
"blog.cyber4sight.com",
|
|
"blog.cylance.com",
|
|
"blog.deniable.org",
|
|
"blog.didierstevens.com",
|
|
"blog.domaintools.com",
|
|
"blog.dragonthreatlabs.com",
|
|
"blog.dynamoo.com",
|
|
"blog.emsisoft.com",
|
|
"blog.erratasec.com",
|
|
"blog.eset.ie",
|
|
"blog.fireeye.com",
|
|
"blog.fortinet.com",
|
|
"blog.fox-it.com",
|
|
"blog.gdatasoftware.com",
|
|
"blog.idiom.ca",
|
|
"blog.ioactive.com",
|
|
"blog.jpcert.or.jp",
|
|
"blog.kaspersky.com",
|
|
"blog.kleissner.org",
|
|
"blog.knownsec.com",
|
|
"blog.linuxmint.com",
|
|
"blog.lookout.com",
|
|
"blog.macnica.net",
|
|
"blog.malwarebytes.com",
|
|
"blog.malwarebytes.org",
|
|
"blog.malwareclipboard.com",
|
|
"blog.malwaremustdie.org",
|
|
"blog.malwaretracker.com",
|
|
"blog.morphisec.com",
|
|
"blog.mxlab.eu",
|
|
"blog.netlab.360.com",
|
|
"blog.newskysecurity.com",
|
|
"blog.opendns.com",
|
|
"blog.pagefair.com",
|
|
"blog.passivetotal.org",
|
|
"blog.rootshell.be",
|
|
"blog.ropchain.com",
|
|
"blog.safebit.mn",
|
|
"blog.secdo.com",
|
|
"blog.sensecy.com",
|
|
"blog.shadowserver.org",
|
|
"blog.sucuri.net",
|
|
"blog.talosintel.com",
|
|
"blog.talosintelligence.com",
|
|
"blog.team-cymru.org",
|
|
"blog.threatstop.com",
|
|
"blog.trendmicro.com",
|
|
"blog.trendmicro.de",
|
|
"blog.xanda.org",
|
|
"blog.zimperium.com",
|
|
"blogs.bromium.com",
|
|
"blogs.cisco.com",
|
|
"blogs.forcepoint.com",
|
|
"blogs.mcafee.com",
|
|
"blogs.norman.com",
|
|
"blogs.quickheal.com",
|
|
"blogs.rsa.com",
|
|
"blogs.securiteam.com",
|
|
"blogs.sophos.com",
|
|
"blogs.technet.com",
|
|
"blogs.technet.microsoft.com",
|
|
"boomstick.emergingthreats.net",
|
|
"breakingmalware.com",
|
|
"business.kaspersky.com",
|
|
"camas.comodo.com",
|
|
"cdn.securelist.com",
|
|
"cdn2.hubspot.net",
|
|
"censys.io",
|
|
"cert.gov.ua",
|
|
"christophe.rieunier.name",
|
|
"citizenlab.ca",
|
|
"citizenlab.org",
|
|
"code4hk.hackpad.com",
|
|
"comgenjournal.blogspot.be",
|
|
"community.blueliv.com",
|
|
"community.qualys.com",
|
|
"community.rapid7.com",
|
|
"community.riskiq.com",
|
|
"community.rsa.com",
|
|
"community.saas.hpe.com",
|
|
"community.ubnt.com",
|
|
"community.websense.com",
|
|
"contagiodump.blogspot.be",
|
|
"contagiodump.blogspot.com",
|
|
"contagiodump.blogspot.com.es",
|
|
"contagiodump.blogspot.de",
|
|
"contagiodump.blogspot.lu",
|
|
"cryptam.com",
|
|
"cryptome.org",
|
|
"csecybsec.com",
|
|
"cve.circl.lu",
|
|
"cyb3rsleuth.blogspot.be",
|
|
"cyb3rsleuth.blogspot.co.uk",
|
|
"cyber-peace.org",
|
|
"cyber.wtf",
|
|
"cybersecurity.att.com",
|
|
"cyberx-labs.com",
|
|
"cymon.io",
|
|
"cys-centrum.com",
|
|
"cysinfo.com",
|
|
"ddanchev.blogspot.com",
|
|
"ddecode.com",
|
|
"ddos.arbornetworks.com",
|
|
"dea.gov.ge",
|
|
"detux.org",
|
|
"devcentral.f5.com",
|
|
"didierstevens.com",
|
|
"digital-forensics.sans.org",
|
|
"digitasecurity.com",
|
|
"dirtycow.ninja",
|
|
"dns.robtex.com",
|
|
"dnsdb.isc.org",
|
|
"doc.emergingthreats.net",
|
|
"documents.trendmicro.com",
|
|
"download.bitdefender.com",
|
|
"download.microsoft.com",
|
|
"download01.norman.no",
|
|
"dragos.com",
|
|
"drops.wooyun.org",
|
|
"e.gov.vn",
|
|
"easyviruskilling.com",
|
|
"edu.arabsgate.com",
|
|
"en.community.dell.com",
|
|
"en.wikipedia.org",
|
|
"enigma0x3.net",
|
|
"enterprise.norman.com",
|
|
"eromang.zataz.com",
|
|
"eternal-todo.com",
|
|
"events.ccc.de",
|
|
"exchange.xforce.ibmcloud.com",
|
|
"extraexploit.blogspot.com",
|
|
"f5.com",
|
|
"fe-ddis.dk",
|
|
"feodotracker.abuse.ch",
|
|
"file.gdatasoftware.com",
|
|
"firstlook.org",
|
|
"forum.computerbetrug.de",
|
|
"forum.nginx.org",
|
|
"forums.malwarebytes.com",
|
|
"foxglovesecurity.com",
|
|
"freebeacon.com",
|
|
"garwarner.blogspot.lu",
|
|
"ghostbin.com",
|
|
"gist.github.com",
|
|
"gist.githubusercontent.com",
|
|
"github.com",
|
|
"gizmodo.com",
|
|
"go.recordedfuture.com",
|
|
"groups.google.com",
|
|
"gtrack.h3x.eu",
|
|
"hazmalware.wordpress.com",
|
|
"heimdalsecurity.com",
|
|
"helpx.adobe.com",
|
|
"henrybasset.blogspot.be",
|
|
"holisticinfosec.org",
|
|
"home.mcafee.com",
|
|
"hybrid-analysis.com",
|
|
"ics-cert.kaspersky.com",
|
|
"ics-cert.us-cert.gov",
|
|
"ics.sans.org",
|
|
"info.baesystemsdetica.com",
|
|
"info.isightpartners.com",
|
|
"info.lookout.com",
|
|
"info.phishlabs.com",
|
|
"info.publicintelligence.net",
|
|
"infoarmor.com",
|
|
"informationonsecurity.blogspot.be",
|
|
"infotomb.com",
|
|
"insider.domaintools.com",
|
|
"intelcrawler.com",
|
|
"ioc.forensicartifacts.com",
|
|
"iocbucket.com",
|
|
"iranthreats.github.i",
|
|
"iranthreats.github.io",
|
|
"isc.sans.edu",
|
|
"itsicherheitsblog.de",
|
|
"joedd.joesecurity.org",
|
|
"joesecurity.org",
|
|
"journeyintoir.blogspot.de",
|
|
"kas.pr",
|
|
"kasperskycontenthub.com",
|
|
"kc.mcafee.com",
|
|
"kernelmode.info",
|
|
"krebsonsecurity.com",
|
|
"kyuutaro.wordpress.com",
|
|
"kz-cert.kz",
|
|
"la.trendmicro.com",
|
|
"lab.anchiva.com",
|
|
"labs.alienvault.com",
|
|
"labs.bitdefender.com",
|
|
"labs.lastline.com",
|
|
"labs.m86security.com",
|
|
"labs.opendns.com",
|
|
"labs.snort.org",
|
|
"labs.sucuri.net",
|
|
"labs.umbrella.com",
|
|
"labsblog.f-secure.com",
|
|
"lavasoft.com",
|
|
"lists.clean-mx.com",
|
|
"live.paloaltonetworks.com",
|
|
"lockboxx.blogspot.com.es",
|
|
"luminosity.link",
|
|
"malware-research.org",
|
|
"malware-traffic-analysis.net",
|
|
"malware.dontneedcoffee.com",
|
|
"malware.prevenity.com",
|
|
"malware.sekoia.fr",
|
|
"malwarebreakdown.com",
|
|
"malwareconfig.com",
|
|
"malwaredb.malekal.com",
|
|
"malwarefor.me",
|
|
"malwarejake.blogspot.fr",
|
|
"malwarelab.zendesk.com",
|
|
"malwr.com",
|
|
"malwrpost.wordpress.com",
|
|
"marcmaiffret.com",
|
|
"marcoramilli.blogspot.dk",
|
|
"marcoramilli.blogspot.it",
|
|
"marcoramilli.blogspot.nl",
|
|
"medium.com",
|
|
"middleeastmalware.blogspot.com",
|
|
"missatsamtal.se",
|
|
"mjolnirsecurity.com",
|
|
"mlwre.github.io",
|
|
"mobile.reuters.com",
|
|
"mobile.twitter.com",
|
|
"money.cnn.com",
|
|
"morphians.wordpress.com",
|
|
"morphick.net",
|
|
"morris.guru",
|
|
"motherboard.vice.com",
|
|
"my.opera.com",
|
|
"myonlinesecurity.co.uk",
|
|
"nakedsecurity.sophos.com",
|
|
"netzpolitik.org",
|
|
"news.drweb.com",
|
|
"news.netcraft.com",
|
|
"newsroom.trendmicro.com",
|
|
"niebezpiecznik.pl",
|
|
"normanshark.com",
|
|
"noticeofpleadings.com",
|
|
"novetta.com",
|
|
"now.avg.com",
|
|
"nvd.nist.gov",
|
|
"nyxbone.com",
|
|
"objective-see.com",
|
|
"ocelot.li",
|
|
"ossectools.blogspot.be",
|
|
"otx.alienvault.com",
|
|
"pages.arbornetworks.com",
|
|
"paloaltonetworks.com",
|
|
"panacea.threatgrid.com",
|
|
"paper.seebug.org",
|
|
"passivedns.mnemonic.no",
|
|
"passivetotal.org",
|
|
"pastebin.lu",
|
|
"permalink.gmane.org",
|
|
"persaxac.blogspot.be",
|
|
"phishing-mails.blogspot.de",
|
|
"phishme.com",
|
|
"podcasts.mcafee.com",
|
|
"portal.sec.ibm.com",
|
|
"productforums.google.com",
|
|
"proofpoint.com",
|
|
"public.gdatasoftware.com",
|
|
"publicintelligence.net",
|
|
"puluka.com",
|
|
"pwc.blogs.com",
|
|
"pytosquatting.org",
|
|
"r.virscan.org",
|
|
"raw.github.com",
|
|
"raw.githubusercontent.com",
|
|
"reaqta.com",
|
|
"recon.cx",
|
|
"rednaga.io",
|
|
"remchp.com",
|
|
"reqrypt.org",
|
|
"research.riskiq.net",
|
|
"research.zscaler.com",
|
|
"researchcenter.paloaltonetworks.com",
|
|
"resources.infosecinstitute.com",
|
|
"resources.netskope.com",
|
|
"resources.sei.cmu.edu",
|
|
"reverse.put.as",
|
|
"reversewhois.domaintools.com",
|
|
"s3-eu-west-1.amazonaws.com",
|
|
"s3-us-west-2.amazonaws.com",
|
|
"sandbox.deepviz.com",
|
|
"sec.sexy",
|
|
"seclists.org",
|
|
"securelist.com",
|
|
"securelist.ru",
|
|
"securingtomorrow.mcafee.com",
|
|
"security-is-just-an-illusion.blogspot.nl",
|
|
"security.googleblog.com",
|
|
"security.web.cern.ch",
|
|
"securityaffairs.co",
|
|
"securityblog.s21sec.com",
|
|
"securityblog.switch.ch",
|
|
"securitydaily.org",
|
|
"securityfactory.tistory.com",
|
|
"securityintelligence.com",
|
|
"securityledger.com",
|
|
"securitymadein.lu",
|
|
"sensorstechforum.com",
|
|
"sentinelone.com",
|
|
"serveradmin.ru",
|
|
"sf.riskiq.net",
|
|
"shoplift.byte.nl",
|
|
"sitecheck.sucuri.net",
|
|
"sites.google.com",
|
|
"sjc1-te-ftp.trendmicro.com",
|
|
"soc.tdc.dk",
|
|
"sophosnews.files.wordpress.com",
|
|
"sslbl.abuse.ch",
|
|
"stackoverflow.com",
|
|
"stopmalvertising.com",
|
|
"sub0day.com",
|
|
"support.microsoft.com",
|
|
"sync.me",
|
|
"t.co",
|
|
"takahiroharuyama.github.io",
|
|
"talosintel.com",
|
|
"targetedthreats.net",
|
|
"techanarchy.net",
|
|
"techcrunch.com",
|
|
"techhelplist.com",
|
|
"technet.microsoft.com",
|
|
"telussecuritylabs.com",
|
|
"thehackernews.com",
|
|
"theintercept.com",
|
|
"thisissecurity.net",
|
|
"threatbook.cn",
|
|
"threatconnect.com",
|
|
"threatgeek.typepad.com",
|
|
"threatintel.proofpoint.com",
|
|
"threatpost.com",
|
|
"tif.mcafee.com",
|
|
"tools.cisco.com",
|
|
"totalhash.com",
|
|
"twitter.com",
|
|
"ubuntuforums.org",
|
|
"urlquery.net",
|
|
"urlscan.io",
|
|
"usa.kaspersky.com",
|
|
"v2ex.com",
|
|
"vb.vip600.com",
|
|
"virusguides.com",
|
|
"virusradar.com",
|
|
"virustotal.com",
|
|
"vms.drweb.com",
|
|
"vms.drweb.ru",
|
|
"vrt-blog.snort.org",
|
|
"web.archive.org",
|
|
"webcache.googleusercontent.com",
|
|
"wepawet.iseclab.org",
|
|
"whoisology.com",
|
|
"wiki.egi.eu",
|
|
"williamshowalter.com",
|
|
"www.419scam.org",
|
|
"www.4armed.com",
|
|
"www.abuse.ch",
|
|
"www.ad.nl",
|
|
"www.agi.it",
|
|
"www.alienvault.com",
|
|
"www.antiy.net",
|
|
"www.aptgroups.com",
|
|
"www.aqniu.com",
|
|
"www.arbornetworks.com",
|
|
"www.baesystems.com",
|
|
"www.bangkokpost.com",
|
|
"www.bbc.co.uk",
|
|
"www.bellingcat.com",
|
|
"www.blackhat.com",
|
|
"www.blacknurse.dk",
|
|
"www.bleepingcomputer.com",
|
|
"www.bloomberg.com",
|
|
"www.bluecoat.com",
|
|
"www.blueliv.com",
|
|
"www.broadanalysis.com",
|
|
"www.bsk-consulting.de",
|
|
"www.ca.com",
|
|
"www.carbonblack.com",
|
|
"www.cert.pl",
|
|
"www.cert.ssi.gouv.fr",
|
|
"www.certego.net",
|
|
"www.checkpoint.com",
|
|
"www.circl.lu",
|
|
"www.clearskysec.com",
|
|
"www.cloudsek.com",
|
|
"www.cmcm.com",
|
|
"www.cobaltstrike.com",
|
|
"www.codeandsec.com",
|
|
"www.commandfive.com",
|
|
"www.coresecurity.com",
|
|
"www.crowdstrike.com",
|
|
"www.crysys.hu",
|
|
"www.csis.dk",
|
|
"www.csoonline.com",
|
|
"www.cve.mitre.org",
|
|
"www.cybereason.com",
|
|
"www.cyberengineeringservices.com",
|
|
"www.cyberesi.com",
|
|
"www.cybermerchantsofdeath.com",
|
|
"www.cyberoam.com",
|
|
"www.cyberscoop.com",
|
|
"www.cybersixgill.com",
|
|
"www.cybersquared.com",
|
|
"www.cyintanalysis.com",
|
|
"www.cylance.com",
|
|
"www.cymmetria.com",
|
|
"www.cyphort.com",
|
|
"www.damballa.com",
|
|
"www.daniweb.com",
|
|
"www.darkreading.com",
|
|
"www.deependresearch.org",
|
|
"www.defcon.org",
|
|
"www.devttys0.com",
|
|
"www.dfn-cert.de",
|
|
"www.digitalbond.com",
|
|
"www.digitalshadows.com",
|
|
"www.drchaos.com",
|
|
"www.dropbox.com",
|
|
"www.dshield.org",
|
|
"www.eff.org",
|
|
"www.eldo.lu",
|
|
"www.emc.com",
|
|
"www.endgame.com",
|
|
"www.ewon.be",
|
|
"www.exploit-db.com",
|
|
"www.f-secure.com",
|
|
"www.facebook.com",
|
|
"www.fidelissecurity.com",
|
|
"www.fireeye.com",
|
|
"www.flashpoint-intel.com",
|
|
"www.fortinet.com",
|
|
"www.fox-it.com",
|
|
"www.gdata.fr",
|
|
"www.gdatasoftware.com",
|
|
"www.govcert.admin.ch",
|
|
"www.group-ib.com",
|
|
"www.guardicore.com",
|
|
"www.hauri.co.kr",
|
|
"www.heise.de",
|
|
"www.helpnetsecurity.com",
|
|
"www.hotforsecurity.com",
|
|
"www.hybrid-analysis.com",
|
|
"www.ibpt.be",
|
|
"www.icebrg.io",
|
|
"www.ilspy.net",
|
|
"www.infosecdailynews.com",
|
|
"www.infosecurity-magazine.com",
|
|
"www.intego.com",
|
|
"www.intezer.com",
|
|
"www.invincea.com",
|
|
"www.isightpartners.com",
|
|
"www.itnews.com.au",
|
|
"www.joesandbox.com",
|
|
"www.kahusecurity.com",
|
|
"www.kam.lt",
|
|
"www.kaspersky.com",
|
|
"www.kernelmode.info",
|
|
"www.kpmg.com",
|
|
"www.krcert.or.kr",
|
|
"www.kudelskisecurity.com",
|
|
"www.lac.co.jp",
|
|
"www.lacoon.com",
|
|
"www.lancope.com",
|
|
"www.lexsi.com",
|
|
"www.link11.de",
|
|
"www.listaspam.com",
|
|
"www.liveleak.com",
|
|
"www.macrumors.com",
|
|
"www.macworld.com",
|
|
"www.malware-reversing.com",
|
|
"www.malware-traffic-analysis.net",
|
|
"www.malware.lu",
|
|
"www.malware.unam.mx",
|
|
"www.malwaredigger.com",
|
|
"www.malwaretech.com",
|
|
"www.malwaretracker.com",
|
|
"www.mandiant.com",
|
|
"www.marc.info",
|
|
"www.mcafee.com",
|
|
"www.mediafire.com",
|
|
"www.melani.admin.ch",
|
|
"www.microsoft.com",
|
|
"www.mysonicwall.com",
|
|
"www.nbu.gov.sk",
|
|
"www.nccgroup.com",
|
|
"www.ncsc.gov.uk",
|
|
"www.netresec.com",
|
|
"www.netsarang.com",
|
|
"www.netskope.com",
|
|
"www.norse-corp.com",
|
|
"www.noticeofpleadings.com",
|
|
"www.novetta.com",
|
|
"www.nsslabs.com",
|
|
"www.nttsecurity.com",
|
|
"www.nytimes.com",
|
|
"www.nyxbone.com",
|
|
"www.operationblockbuster.com",
|
|
"www.oracle.com",
|
|
"www.packetmail.net",
|
|
"www.paloaltonetworks.com",
|
|
"www.pandasecurity.com",
|
|
"www.passivetotal.org",
|
|
"www.pcmag.com",
|
|
"www.phishtank.com",
|
|
"www.polizei-praevention.de",
|
|
"www.prensa.com",
|
|
"www.prnewswire.com",
|
|
"www.proofpoint.com",
|
|
"www.pwc.co.uk",
|
|
"www.rackspace.com",
|
|
"www.recordedfuture.com",
|
|
"www.reddit.com",
|
|
"www.reuters.com",
|
|
"www.reverse.it",
|
|
"www.reversinglabs.com",
|
|
"www.riskiq.com",
|
|
"www.robtex.com",
|
|
"www.rooksecurity.com",
|
|
"www.root9b.com",
|
|
"www.rsa.com",
|
|
"www.rsaconference.com",
|
|
"www.rtl.lu",
|
|
"www.scam.cz",
|
|
"www.scmagazine.com",
|
|
"www.seculert.com",
|
|
"www.securelist.com",
|
|
"www.securemac.com",
|
|
"www.secureworks.com",
|
|
"www.securityartwork.es",
|
|
"www.securityweek.com",
|
|
"www.sekoia.fr",
|
|
"www.sentinelone.com",
|
|
"www.serkey.com",
|
|
"www.shodanhq.com",
|
|
"www.skycure.com",
|
|
"www.slideshare.net",
|
|
"www.sophos.com",
|
|
"www.spiegel.de",
|
|
"www.symantec.com",
|
|
"www.talosintel.com",
|
|
"www.technologyreview.com",
|
|
"www.theregister.co.uk",
|
|
"www.thesafemac.com",
|
|
"www.threatconnect.com",
|
|
"www.threatexpert.com",
|
|
"www.threatgeek.com",
|
|
"www.threatminer.org",
|
|
"www.threatstop.com",
|
|
"www.threatstream.com",
|
|
"www.threattracksecurity.com",
|
|
"www.tigersecurity.pro",
|
|
"www.trendmicro.com",
|
|
"www.trustwave.com",
|
|
"www.us-cert.gov",
|
|
"www.verfassungsschutz.de",
|
|
"www.virusbtn.com",
|
|
"www.virusbulletin.com",
|
|
"www.virusradar.com",
|
|
"www.virustotal.com",
|
|
"www.vkremez.com",
|
|
"www.volexity.com",
|
|
"www.votiro.com",
|
|
"www.vxsecurity.sg",
|
|
"www.washingtontimes.com",
|
|
"www.welivesecurity.com",
|
|
"www.whoismind.com",
|
|
"www.windowscentral.com",
|
|
"www.wipo.int",
|
|
"www.wired.com",
|
|
"www.wirtschaftsschutz.info",
|
|
"www.wordfence.com",
|
|
"www.xylibox.com",
|
|
"www.youtube.com",
|
|
"www.zdnet.com",
|
|
"www.zscaler.com",
|
|
"www2.fireeye.com",
|
|
"yararules.com",
|
|
"zairon.wordpress.com",
|
|
"zaufanatrzeciastrona.pl",
|
|
"zerophagemalware.com",
|
|
"zeustracker.abuse.ch",
|
|
"zulu.zscaler.com"
|
|
],
|
|
"matching_attributes": [
|
|
"domain",
|
|
"domain|ip",
|
|
"hostname",
|
|
"url",
|
|
"uri",
|
|
"link"
|
|
],
|
|
"name": "List of known security providers/vendors blog domain",
|
|
"type": "hostname",
|
|
"version": 4
|
|
}
|