forked from stamparm/maltrail
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapt_coldwastrel.txt
149 lines (127 loc) · 4.28 KB
/
apt_coldwastrel.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission
# Reference: https://citizenlab.ca/2024/08/sophisticated-phishing-targets-russias-perceived-enemies-around-the-globe/
# Reference: https://www.virustotal.com/gui/file/4a9a2c2926b7b8e388984d38cb9e259fb4060cccc2d291c7910be030ae5301a3/detection
protondrive.me
protondrive.online
protondrive.services
service-proton.me
# Reference: https://x.com/MichalKoczwara/status/1823848259686949313
# Reference: https://app.validin.com/detail?find=38.180.18.59&type=ip4&ref_id=3160b1058e5#tab=resolutions
protondrive.cloud
account.protondrive.cloud
# Reference: https://x.com/MichalKoczwara/status/1825616253844861051
# Reference: https://app.validin.com/detail?type=ip&find=38.180.87.136#tab=resolutions
decryptor.me
proton.decryptor.me
# Reference: https://x.com/TLP_R3D/status/1825846559738626438
# Reference: https://www.virustotal.com/gui/ip-address/38.180.86.87/relations
driveproton.me
# Reference: https://www.virustotal.com/gui/ip-address/38.180.86.201/relations
driveshare.me
# Reference: https://www.virustotal.com/gui/ip-address/38.180.18.236/relations
document-decryption.me
proton.document-decryption.me
# Reference: https://x.com/TLP_R3D/status/1828824260778885517
# Reference: https://x.com/felixaime/status/1828811264354897956
# Reference: https://x.com/felixaime/status/1828811266703393232
# Reference: https://www.virustotal.com/gui/ip-address/45.133.195.117/relations
accounts-proton.me
drive-proton.com
filestorage.me
proton-drive.me
proton-verify.me
service-proton.com
services-proton.me
verify-proton.me
account.proton-verify.me
drive.proton-verify.me
# Reference: https://x.com/Cyberteam008/status/1828989730840621365
# Reference: https://en.fofa.info/result?qbase64=aGVhZGVyX2hhc2g9Ii0xNjkyOTY3NzM4IiAmJiBzZXJ2ZXI9PSJuZ2lueC8xLjE4LjAiICYmIGFzbj0iMjA2ODA0Ig%3D%3D
account.protondrive.services
account.service-proton.com
account.services-proton.me
# Reference: https://x.com/Cyberteam008/status/1829352207562481811
# Reference: https://en.fofa.info/result?qbase64=aGVhZGVyX2hhc2g9IjY1ODMyNjkwMSIgJiYgamFybT0iMjdkNDBkNDBkMDAwNDBkMDAwNDJkNDNkMDAwMDAwNGFjMjRlNzdkNzY2NDY4NjdmMGY2YTBjNmQ5YjliYjAiICYmIHNlcnZlcj09Im5naW54LzEuMTguMCIgJiYgaXA9IjM4LjE4MC44Ni44Ny8xNiI%3D
drive.proton.decryptor.me
drive.proton.filestorage.me
proton.driveshare.me
proton.filestorage.me
# Reference: https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/coldwastrel-space.html
account-api.cloudstorageservice.online
account-api.onlinestorageroute.space
account-api.protondrive.online
account.email-pm.me
account.onlinestorageroute.space
account.open-button.com
account.proton-drive.me
account.proton-service.services
account.protondrive.online
account.protondrive.onlinestorageroute.space
account.secure-pm.me
account.service-pm.me
account.service-proton.me
accounts.support-ukr.net
center-facebook.com
civic-synergy.online
cloudstorageservice.online
desktop-facebook.com
drive.link-pm.me
drive.secure-pm.me
drive.service-pm.me
drive.service-proton.me
edisk.support-ukr.net
email-pm.me
email-ukr.net
email.support-ukr.net
en-us.center-facebook.com
en-us.desktop-facebook.com
fb-me.com
fidh.tech
fr-fr.center-facebook.com
h.maiils.com
link-pm.me
livecloudaccount.com
login.livecloudaccount.com
login.security-gm.com
login.support-gm.com
m.h.maiils.com
mail-ukr.net
maiils.com
mail-api.onlinestorageroute.space
mail-api.protondrive.online
mail.civic-synergy.online
mail.fidh.tech
mail.onetimeopportunity.store
mail.onlinestorageroute.space
mail.protondrive.online
mail.support-ukr.net
n.maiils.com
na.maiils.com
old.onlinestorageroute.space
old.protondrive.online
onetimeopportunity.store
online-facebook.com
onlinestorageroute.space
open-button.com
proton-service.services
protondrive.onlinestorageroute.space
reports.onlinestorageroute.space
reports.protondrive.online
ru-ru.center-facebook.com
ru-ru.desktop-facebook.com
secure-pm.me
secure.onlinestorageroute.space
secure.protondrive.online
security-gm.com
service-pm.me
service.link-pm.me
support-gm.com
support-ukr.net
view-menu.site
webmail.civic-synergy.online
# Reference: https://search.censys.io/certificates/d15350021f0ecc2faf863db6c41dbc415b4c85bf17d5d0f94785ea890fda3cc0
shared-urls.me
proton.shared-urls.me
account.proton.shared-urls.me
drive.proton.shared-urls.me