Sponsored by..

Monday 1 October 2012

Something evil on 82.165.38.206

There's something evil on 82.165.38.206 (1&1, Germany).. Zbot, basically. The WHOIS details are refreshingly honest about the intent of the evil domains on the server. There are some legitimate domains as well, so it looks like a hacked server.

Probably NOT EVIL:
athentours.de
beachhandball-camp.com
beachhandball-camp.de
beachhandball-camps.com
beachhandball-camps.de
beachhandballcamp.com
beachhandballcamp.de
beachhandballcamps.com
beachhandballcamps.de
ferienwerk-muenchen.com
ferienwerk-muenchen.de
gosurfcamps.de
h2o-beachhandballcamp.com
h2o-beachhandballcamp.de
h2o-beachhandballcamps.com
h2o-beachhandballcamps.de
h2o-camp.com
h2o-camp.de
h2o-camps.com
h2o-camps.de
h2obeachhandballcamp.com
h2obeachhandballcamp.de
h2obeachhandballcamps.com
h2obeachhandballcamps.de
h2ocamp.com
h2ocamp.de
h2ocamps.com
h2ocamps.de
jugendferienwerk-muenchen.com
jugendferienwerk-muenchen.de
jugendreisenbadenwuerttemberg.de
jugendreisenmuenchen.de
jugendreisenstuttgart.de
senior-surfcamp.com
senior-surfcamp.de
seniorsurfcamp.com
seniorsurfcamp.de
xn--ferienwerk-mnchen-e3b.com
xn--ferienwerk-mnchen-e3b.de
xn--jugendferienwerk-mnchen-tpc.com
xn--jugendferienwerk-mnchen-tpc.de
xn--jugendreisenmnchen-y6b.de

Probably EVIL:
coolgeneration31.org
hjdfhjpqhf52vzskdjui1231232.org
hjdfhjpqhf45vzskdjui123123.org
hjdfhjpqhf47vzskdjui123123.org
hjdfhjpqhf48vzskdjui123123.org
hjdfhjpqhf49vzskdjui123123.org
fd12fg333333.org
working-bhh555.org
ker234hdfa88a8.org
askd232ddsda.org
goldfishinsea.org
d34245f3d.org
d5bb8ae4ec63cf.org
kirvlingshoping.org
donalldakcll.org
freesalebigban.org
bigamadillo.org
analiz-pro.org
kunbengober.org
ddosmanager.org
mislimsip0tir.org
goyerbyhsjanhxas.org
frostbeulekommts.org
trinnitti-soft.org
frostbeulekommt.org
intelentbot.org
45a5ge5aert.org
matonyok-trust.org
bergfileorderingserv.org
mailforw.org
shcool2010.com
vikingwer10.com
vatind0.com
d3f78j9h8h321312nf0.com
revers1001.com
update-java01.com
zapas2011.com
frerestreetsw111.com
reserve14443211.com
vikingwer11.com
testforus7771.com
generaladvertising191.com
chicoracquetclub1.com
vmeste-mi-fruktoviy-sad1.com
hft2bnmkoedfsdfgfg5o1.com
slaviki-res1.com
blachervers-2.com
frerestreetsw112.com
for-advanced-cfg12.com
vxuservx222.com
zeppbrannigan22.com
verasertys22.com
kemebrremewrewroi6d3b3jb3b332.com
narawertyopsanzaol7632.com
ognenaiaduga2.com
doo1deivahn2.com
worldfierro2.com
trytokickmewhenimoneywwww2.com
domain510003.com
frerestreetsw113.com
34k5jh4kjh324h123.com
hhhhujnja23.com
vvverdasentarycoolnew12233.com
jrykj233.com
fhb7654568768877dhfdbdjdeek677567433.com
znakizodiakapinger33.com
kilovattmegatonnsdor33.com
5qsx-v-b-f-r-we-4543-7767-4443.com
mjsdkflkblsdfbllalsdf777793.com
kemebrremewernrewroi43b3b3b3.com
kemebrremewrewroi43b3b3b3.com
kemebrmewernrewroi6nn3b3b3b3.com
kemebrmewernrewroi4367b3b3b3.com
sourtel3.com
hft2bnmkosdfgfg5o3.com
ffhsdf4747282e734723878784234.com
ipfff3444.com
bersiuzhuf0d9g8ghddee44.com
offirstactivityna4.com
ghgng43fgjl82309dfg8df4.com
just1tto2005.com
domain460015.com
kateserv29115.com
apre-delfud1-225.com
domain445725.com
lsazzzx45.com
2344292985375634367124i2443455.com
kateserv29175.com
234k23j4h3g5.com
mailwbg5.com
bejhjhbejr77eh5.com
mnn-gff-65-33-22-22-22-bve-6.com
mnn-gff-66nn-33-22-22-22-bve-6.com
freeroom66.com
xn3yy2uroomfdnew91c2v6.com
photox15serv257.com
matenixserv257.com
dtdtdtdouble6677.com
allbe777.com
testforus777.com
pxcallcentercareers77.com
galox29serv77.com
natenixserv77.com
for-advanced-cfg7.com
domain460018.com
ptichkaleti88.com
bngh77tutjt88.com
gssghgkio7erasdotaser8.com
679iss8.com
formul89.com
solnishko999.com
for-advanced-cfg9.com
switzern9.com
vikingwer9.com
jghrt9frgtr9.com
google-1aa.com
peuhiuyca.com
berkamifa.com
sjaprotecasga.com
iesiuzeiphae4xuoch1ahgha.com
mega-kreslo-suka.com
hahamanhanla.com
ywhzwhcnjmkj28888kljsdkkccnvma.com
abortinghomethinkanormall2116tv2dnvma.com
ywhzwhcnjmzmfdhd6em16tv2dnvma.com
islaantillana.com
leboj1ra.com
hahahayahooousa.com
pddonlinedata.com
reepta.com
teughoojaeghaopuegeudeeb.com
remainresetservweb.com
qsbj356jlkb33trhbj44dklasbkb.com
jsbjlsdjlkb234jblkba8899sjkb.com
srvpvrb.com
adobesystemcorporatecodec.com
icereserv-sec.com
minisystemic.com
meteosystemic.com
qlcombrasilmusic.com
ghsmaristic.com
celeron-mypc.com
krrhazvrjma8d.com
samecomandnetad.com
ommso99dd.com
freelinceradanced.com
hostedllinked.com
muiredised.com
336nnfbvdsfuoibvc6nn78fdhdffdgffd.com
kffkdmsdn3438nfd.com
nbguiewjmznejjcuaije2hd.com
dkjs8000sjdshd.com
oepjvondifnnkskfcxzvjiefrkd.com
nextcomesonlservbuild.com
bntuyahqpcmd.com
8hrhhhtt63639serd.com
eorjroijdojrd.com
goldharbord.com
vhklideomailasd.com
cerutedwestedltd.com
pokemonnertt345e.com
mylitlebusinessplace.com
ufoksuudservice.com
serokolservice.com
someadverdownservice.com
dst1-finance.com
mbnfinance.com
recruitadyfinance.com
zswealthlastsource.com
45gvvrfr665gbffbdtrtee.com
keticussorke.com
crewboddylifestyle.com
tuvnahdmcjrueifhgne.com
palecvzhope.com
sampeladvertisingbase.com
java-00update.com
direct-gate.com
quintaavenue.com
versnoteinluserve.com
mikrobnjnru7f.com
hgng44fgjl82509dfg83df.com
ywhzwskdjfgh3lkjhtkjsdfghu9w845tgdf.com
asdff23fsafasdfsdf.com
scvsmmdiocuhsdf.com
jdhfjksdhyurw89yurhksff.com
bedegiudmakkshhf.com
h88dfsdfrefmkf.com
ufhwf8093hrdsf.com
gsdfgd536fdg.com
entcrgmd3kvc2r6nwhfom215m22eg.com
aimsfg.com
y25qwrmzv6z3nwem5mnry21smg.com
eg4zxkydxjvsd21mzgldhzkxyz2ng.com
bdg8b70dgbng.com
nqpftydjfgbbbdlspyfng.com
justcheckping.com
ponibong.com
ualol3e3ejdh98hjd893h.com
aa9798ajgjghu87h.com
cocteil-malevich.com

No comments: