https://twitter.com/Intrinsec https://fr.linkedin.com/company/intrinse https://www.intrinsec.com/blog
Common Information
Type Value
UUID 689ca904-8337-477c-a64c-01fa5425b310
Fingerprint e630a64d1cb4ced3826e064f79f2be9119b8e6c17b0c40b189e7ef44ee5eea44
Analysis status DONE
Considered CTI value 1
Text language
Published None
Added to db Nov. 29, 2024, 5:11 p.m.
Last updated Nov. 29, 2024, 5:16 p.m.
Headline https://twitter.com/Intrinsec https://fr.linkedin.com/company/intrinse https://www.intrinsec.com/blog
Title https://twitter.com/Intrinsec https://fr.linkedin.com/company/intrinse https://www.intrinsec.com/blog
Detected Hints/Tags/Attributes 155/3/224
Attributes
Details Type #Events CTI Value
Details Email 1
itresh7811764289@yandex.ru
Details Email 1
abuse@hostway.ru
Details Email 1
dl@hostway.ru
Details Mandiant Uncategorized Groups 26
UNC2165