Author Topic: Malicious URLs on port 8080  (Read 20114 times)

0 Members and 1 Guest are viewing this topic.

September 11, 2009, 04:32:50 pm
Reply #15

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
I can export this from my db

others:
Code: [Select]
aaki1963mmiho.mine.nu
abchkhekhem.homelinux.com
afrose.serveirc.com
bartaa.servequake.com
brahimabaloun.serveftp.com
buxnovator.homelinux.com
cn4.office-on-the.net
dbubenin.servehalflife.com
declercqg.serveblog.net
dgonzales.servecounterstrike.com
direccion.myftp.biz
famillegouny.hopto.org
grand277.dyndns.org
imitr.no-ip.biz
iskahakim.kicks-ass.net
joana.servebeer.com
lconsolati.hobby-site.org
legionsv.serveirc.com
lemer.servemp3.com
macrom.servepics.com
matthijsvanoers.servehttp.com
mihailovametiz.servehalflife.com
mllopezsa.myftp.org
natalek.serveftp.com
nidhi.no-ip.info
olevisman.redirectme.net
p21f1405.zapto.org
pedrodelreal.merseine.nu
piotrlysiak.homeunix.net
rpini.hopto.org
shsv85.servebeer.com
sloott2003.blogdns.org
srachek.servegame.com
stadchenko3.homeip.net
svainoras.dnsdojo.com
swat2455.no-ip.org

http://www.bfk.de/bfk_dnslogger.html?query=91.121.95.136
http://www.bfk.de/bfk_dnslogger.html?query=91.121.89.185
http://www.bfk.de/bfk_dnslogger.html?query=85.17.237.5

September 11, 2009, 04:37:44 pm
Reply #16

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Only 20 with *dyndns*

Code: [Select]
aalkhateeb.go.dyndns.org
aalkhayari.dyndns.info
aarab51.go.dyndns.org
abdessamadk.dyndns.info
abeldsg.dyndns.info
av237737.go.dyndns.org
bshaar.dyndns.biz
galochka84.dyndns.org
gavriw.home.dyndns.org
grand277.dyndns.org
huevosgiralda.home.dyndns.org
jaycee11.dyndns.biz
kburmenko.go.dyndns.org
llyublinskaya.go.dyndns.org
maxisfk.home.dyndns.org
meguw7.dyndns.info
oouu.dyndns.biz
ruzzapendola4.dyndns.biz
tomant.dyndns.info
vetsnabservice.dyndns.org

September 11, 2009, 04:40:21 pm
Reply #17

cleanmx

  • Special Members
  • Hero Member

  • Offline
  • *

  • 3405
    • Spam-Filter Anti-Spam Virenschutz - CLEAN MX Managed Anti-Spam Service ist die Lösung für Ihr Spam-Problem

September 11, 2009, 04:56:30 pm
Reply #18

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Can someone assemble a list of all dyndns.com domains ?

dyndns domains or domains attached to the dyndns name servers?

September 11, 2009, 05:19:33 pm
Reply #19

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
here's the list of online domains attached to the dyndns servers

NS are:
ns.dyndns.org - 204.13.248.75
ns2.dyndns.org - 204.13.249.75
ns3.dyndns.org - 208.78.69.75
ns4.dyndns.org - 91.198.22.75
ns5.dyndns.org - 203.62.195.75

September 11, 2009, 05:27:28 pm
Reply #20

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Can someone assemble a list of all dyndns.com domains ?

dyndns domains or domains attached to the dyndns name servers?

Got this message at Twitter:

Quote
chriswidner @_MDL_ Anytime you run across DynDNS.com hostnames being used, please email us and let us know [abuse(at)dyndns.com]
Ruining the bad guy's day

September 11, 2009, 05:50:49 pm
Reply #21

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Code: [Select]
ravag.home.dyndns.org:8080/ts/in.cgi?open3
maxisfk.home.dyndns.org:8080/ts/in.cgi?open3
lucianoder.go.dyndns.org:8080/ts/in.cgi?open3
andrewspeers869.selfip.info:8080/index.php
rudenko.serveirc.com:8080/index.php
Ruining the bad guy's day

September 11, 2009, 06:48:44 pm
Reply #22

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Do you just want the .com's, or all dyndns.* ones?

/edit

These are the ones currently in hpHosts (haven't had time to process those from here yet);

Code: [Select]
aalkhateeb.go.dyndns.org
aalkhayari.dyndns.info
aarab51.go.dyndns.org
abdessamadk.dyndns.info
abeldsg.dyndns.info
alkingalwafy.dyndns.org
av237737.go.dyndns.org
bshaar.dyndns.biz
carlo20.dyndns.org
cxoadfarm.dyndns.info
galochka84.dyndns.org
gavriw.home.dyndns.org
golpemix.dyndns.org
grand277.dyndns.org
jaycee11.dyndns.biz
kburmenko.go.dyndns.org
llyublinskaya.go.dyndns.org
mandymaes.dyndns.tv
maxisfk.home.dyndns.org
meguw7.dyndns.info
oouu.dyndns.biz
ruzzapendola4.dyndns.biz
tomant.dyndns.info
vetsnabservice.dyndns.org
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

September 12, 2009, 02:26:15 pm
Reply #23

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL

Code: [Select]
abanimishra1976.is-a-chef.com
abbperesvet.is-a-geek.net
abdkrm.serveftp.com
abidine522.dyndns.info
acctcaro.servegame.com
adaou.myphotos.cc
aetrenin.game-host.org
ahswest.isa-geek.org
asolon.dnsalias.net
bettinaonal.ftpaccess.cc
bilnpl20.dyndns.org
briz.myftp.org
carloscabral.zapto.org
cherniy.homeunix.net
cimbor.redirectme.net
dalmaa.com
danutawronska.doesntexist.org
deepmo.hopto.org
denismpx220.zapto.org
devlieger.selfip.info
digifero.com
dvir99.is-a-chef.com
ekrivoruk.isa-geek.org
el.3utilities.com
emv1970.is-a-chef.net
fedik.webhop.org
fredcaro.selfip.org
grlombardo.myftp.biz
guy1972.isa-geek.org
hemchandk.serveftp.com
iletisim.hopto.org
ilion.zapto.org
interelectro.scrapping.cc
ismailimhamed.doesntexist.org
janinazawislak.game-server.cc
jjerinija1.getmyip.com
joopr56.dnsdojo.net
juceli.hopto.org
kalimi.homeip.net
kalinina.isa-geek.net
kazushi09051983.scrapping.cc
komsomol06.webhop.biz
kyoung001.no-ip.org
landabc.homelinux.net
lembellie.hopto.org
lysov.serveblog.net
maandtink.blogsite.org
marialzanotti.dyndns.biz
maricelgiardini.blogdns.org
markkunikunen.homelinux.com
mehmetg.webhop.org
myy.servehttp.com
naturismtomsk.servebeer.com
operations.serveftp.com
otsnp.office-on-the.net
ouchanima.blogsite.org
partridgeaccounts.hobby-site.org
press72.is-a-geek.net
protocontrol.doesntexist.com
ptsyplenkov.selfip.biz
saadiaboukarn.doesntexist.com
sakshi.ftpaccess.cc
slavikru92.dnsdojo.net
spbclean.scrapping.cc
srejbrova.dvrdns.org
stephenchesterman1.webhop.org
totoshka.homeunix.net
tprakash.no-ip.org

September 13, 2009, 02:58:44 am
Reply #24

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Code: [Select]
174.143.25.37
174-143-25-37.slicehost.net
188.40.36.211
206.123.115.194
209.248.147.110
212.174.200.117
217.15.81.8
67.213.213.158
78.40.224.155
79.143.129.17
80.93.49.223
81.209.164.65
8-81-15-217.reverse.alphalink.fr
91.121.167.41
91.121.24.139
91.121.97.186
92.48.110.155
93.186.178.76
94.75.216.155
administracion.myftp.biz
agipa.game-server.cc
alexahjk.servegame.org
amkowladek.merseine.nu
aquaplast2006.dontexist.net
askari010.webhop.org
askohli.selfip.org
avtogarant.myvnc.com
aysenuryilmaz.isa-geek.org
banchristophe.servegame.com
blpatrick.hobby-site.com
borodin20051.is-a-geek.com
bouslimlahoucine.scrapper-site.net
bstokes1.servegame.com
cdgmru.game-server.cc
christophevanassche.office-on-the.net
claeserwin.isa-geek.net
colovidal.shacknet.nu
csilva.dyn-o-saur.com
demoka.game-server.cc
denitek.homedns.org
dirtomsk.homelinux.com
eyatsko.dnsalias.com
farshing.isa-geek.org
fidvrn.serveftp.org
galvira.selfip.net
graco4.blogdns.com
histos.hopto.org
ibrahimalpaslan.is-a-chef.org
janahutarova.ath.cx
jigago.doesntexist.com
krymskyilya.getmyip.com
ks24667.kimsufi.com
ks353659.kimsufi.com
ks357690.kimsufi.com
ks361128.kimsufi.com
kuluyumba.dynalias.net
lmishagina.myftp.org
logicblast5.dca2.superbservers.com
malabo.thruhere.net
mamert13.dnsdojo.com
marcelbiondi.merseine.nu
mikhailvolosevich.isa-geek.org
misterdewhit.homeftp.net
nickelalloys.homedns.org
novosibirskgragdanproekt.servebbs.com
otanosl.redirectme.net
pavlychenko.dontexist.net
penatnik.servegame.org
pickup87.dynalias.com
piratebill32.selfip.net
poligontbo.dontexist.com
popovichhm.webhop.biz
rahnette.isa-geek.com
recursoshumanos.is-a-geek.net
renrobe.endofinternet.org
rimma64.homelinux.net
rinopi.thruhere.net
sacropol.endofinternet.org
salihtepe.is-a-chef.org
sklepkatowice.homelinux.com
slava333.dynalias.com
svetazh1.podzone.org
sweetk.gotdns.com
tekin.servehalflife.com
teky.redirectme.net
tjumen.homelinux.net
urist1.mine.nu
vaidasstumb.homeunix.net
vstepanov.3utilities.com

Code: [Select]
futur-immobilier.com
atiscar.com
extensys-solutions.com
extensys.ma
hekc.com
goldenwaycar.com
javacar.com
massipublicaffairs.com
qualityassistance.net
reso-education.com
residencesdugolf.com
saydalimaroc.com