Malware Domain List

Malware Related => Malicious Domains => Topic started by: Seedler on October 05, 2011, 04:10:01 pm

Title: Google IP, 74.125.47.191, comunidade1000.blogspot.com/feeds/posts/default/
Post by: Seedler on October 05, 2011, 04:10:01 pm
The site comunidade1000.blogspot.com/feeds/posts/default/ appears to be suspended and the IP 74.125.47.191 re-purposed by Google (surfing just to that IP on port 80 returns the Google search page).  The domain comunidade1000.blogspot.com does not resolve to 74.125.47.191 as well.  I propose we remove this entry from the MDL.

Thanks.

Seedler

---

murdock@a-team:/home/murdock/temp# wget comunidade1000.blogspot.com/feeds/posts/default/
--2011-10-05 10:00:00--  http://comunidade1000.blogspot.com/feeds/posts/default/
Resolving comunidade1000.blogspot.com... 74.125.47.132
Connecting to comunidade1000.blogspot.com|74.125.47.132|:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: http://produtoalemao.freehostia.com [following]
--2011-10-05 10:00:00--  http://produtoalemao.freehostia.com/
Resolving produtoalemao.freehostia.com... 66.40.52.181
Connecting to produtoalemao.freehostia.com|66.40.52.181|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 999 [text/html]
Saving to: `index.html.4'

100%[===================================================================================================================================================================================================>] 999         --.-K/s   in 0s     

2011-10-05 10:00:01 (94.7 MB/s) - `index.html.4' saved [999/999]

murdock@a-team:/home/murdock/temp# cat index.html.4
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Your website has been suspended!</title>
<link href="styles.css" rel="stylesheet" type="text/css" />
</head>

<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0" style="background:url(images/bg.png) top repeat-x;">
  <tr>
    <td width="331" valign="top"><img src="images/img.png" width="331" height="407" /></td>
    <td valign="top" style="padding-top:44px;">
   <h1>Your website has been suspended!</h1><br />
   <div>The web hosting account that hosts this website has expired!<br /><br />
   If you are the owner of this website, please login to your hosting Control Panel and renew your account. <br /><br />
   If you are a visitor to this website, please access this page later.
  </div></td>
  </tr>
</table>
</body>
</html>
murdock@a-team:/home/murdock/temp# nslookup comunidade1000.blogspot.com
Server:      <internal_DNS>
Address:   <internal_DNS>#53

Non-authoritative answer:
comunidade1000.blogspot.com   canonical name = blogspot.l.google.com.
Name:   blogspot.l.google.com
Address: 74.125.47.132

Title: Re: Google IP, 74.125.47.191, comunidade1000.blogspot.com/feeds/posts/default/
Post by: SysAdMini on October 05, 2011, 05:39:10 pm
Ok, done.

Is there any reason for your request ?

I hope you won't send a message for each inactive url.  ;D