Wednesday, May 27, 2009

Bogus Antivirus Available 27-May-09

Hi Dude, below are a few fake security companies whose products are potentially harmful to your systems. The downloaded executable files were sent to VirusTotal for analysis.

http: //noadware.com
http: //noadware.net
http: //antivirus-doktor.com
http: //anti-virus-professional.com

Tuesday, May 26, 2009

Analysis of an Adobe PDF Exploit: util.printf and getIcon

Exploit Adobe PDF
-Adobe util.printf overflow CVE-2008-2992
-Adobe getIcon CVE-2009-0927

http://silzefos.cn/s/in.cgi?10
-> http://bikpakoc.cn/nuc/index.php
-> http://bikpakoc.cn/nuc/exe.php (VirusTotal result)
-> http://bikpakoc.cn/nuc/spl/pdf.pdf

Credit to Didier Stevens for creating such a good tool for analysing malicious PDF files. His pdf-parser.py can be downloaded from http://blog.didierstevens.com/programs/pdf-tools/

Figure 1: Search for JavaScript
Figure 2: JavaScript within an object was identified
Figure 3: Detect the decoder
Figure 4: Decode using FlateDecode
Figure 5: Copy the JavaScript and paste it into the Malzilla decoder
Figure 6: util.printf function was detected
Figure 7: getIcon function was detected
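
The seven steps above (find the JavaScript object, follow it to its stream, inflate the FlateDecode data, look for the flagged calls) as an added Python example; this is not code from the post or from Didier Stevens' pdf-parser.py, and the PDF it inspects is a minimal one constructed inline, not the pdf.pdf sample from the post.

```python
import re
import zlib

# Function names the post's analysis flagged in the decoded JavaScript:
# util.printf (CVE-2008-2992) and Collab.getIcon (CVE-2009-0927).
SUSPICIOUS_CALLS = ("util.printf", "Collab.getIcon")

OBJ_RE = re.compile(rb"(\d+)\s+0\s+obj\s*(.*?)\s*endobj", re.S)
STREAM_START_RE = re.compile(rb"(?<!end)stream\r?\n")
LENGTH_RE = re.compile(rb"/Length\s+(\d+)")
JS_REF_RE = re.compile(rb"/JS\s+(\d+)\s+0\s+R")
JS_INLINE_RE = re.compile(rb"/JS\s*\((.*?)\)", re.S)


def build_sample_pdf(js: str) -> bytes:
    """Constructed minimal PDF (not a sample from the post): the catalog's
    /OpenAction is a JavaScript action whose /JS is a FlateDecode stream."""
    body = zlib.compress(js.encode("latin-1"))
    objs = [
        b"<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>",
        b"<< /Type /Pages /Kids [] /Count 0 >>",
        b"<< /Type /Action /S /JavaScript /JS 4 0 R >>",
        b"<< /Length %d /Filter /FlateDecode >>\nstream\n" % len(body)
        + body + b"\nendstream",
    ]
    out = b"%PDF-1.4\n"
    for num, obj in enumerate(objs, 1):
        out += b"%d 0 obj\n" % num + obj + b"\nendobj\n"
    return out + b"trailer\n<< /Root 1 0 R >>\n%%EOF\n"


def parse_objects(pdf: bytes) -> dict:
    """Map object number -> raw object body (the view pdf-parser's search gives)."""
    return {int(m.group(1)): m.group(2) for m in OBJ_RE.finditer(pdf)}


def stream_payload(obj: bytes):
    """Stream data of an object, inflated when /FlateDecode is set; None if the
    object has no stream or the data does not inflate."""
    m = STREAM_START_RE.search(obj)
    if not m:
        return None
    start = m.end()
    length = LENGTH_RE.search(obj[:start])
    if length:
        data = obj[start:start + int(length.group(1))]
    else:
        data = obj[start:obj.rfind(b"endstream")].rstrip(b"\r\n")
    if b"/FlateDecode" not in obj[:start]:
        return data
    try:
        return zlib.decompress(data)
    except zlib.error:
        return None  # corrupt or deliberately damaged stream: worth a manual look


def find_javascript(pdf: bytes) -> list:
    """Locate /JavaScript actions, follow /JS to its stream, inflate it and
    report which flagged functions the script calls."""
    objs = parse_objects(pdf)
    findings = []
    for num, body in objs.items():
        if b"/JavaScript" not in body and b"/JS" not in body:
            continue
        ref = JS_REF_RE.search(body)
        if ref:  # /JS points at another object holding the script stream
            script_obj = int(ref.group(1))
            script = stream_payload(objs.get(script_obj, b""))
        else:  # /JS is an inline string inside this object
            inline = JS_INLINE_RE.search(body)
            script_obj, script = num, (inline.group(1) if inline else None)
        if script is None:
            continue
        text = script.decode("latin-1")
        findings.append({
            "action_object": num,
            "script_object": script_obj,
            "calls": [c for c in SUSPICIOUS_CALLS if c in text],
        })
    return findings


# Constructed script: only the two function names matter for the detection.
SAMPLE_JS = 'var s = "A"; util.printf("%5f", 1); Collab.getIcon(s);'

if __name__ == "__main__":
    for finding in find_javascript(build_sample_pdf(SAMPLE_JS)):
        print(finding)
```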



Note: If you think this information benefits you, click on an advertisement to support me with the domain fees.

Saturday, May 23, 2009

Slim Spamming 23-May-09

The Slim website is spamming again...

Hosted IP Address: 70.131.48.34
atomreal.com
www.agereal.com

Suspicious domain lists 23-May-09

Hosted IP address: 203.93.208.86

Domain Lists:


Hosted IP address: 58.17.3.44

Domain Lists:

Hosted IP Address: 60.191.239.189
Fake Pharmacy Online Store:

Domain lists:

Hosted IP Address: 119.39.238.2

Domain lists:
comfyideal.com
drugsonlineright.com
newpharmshappy.com


Hosted IP Address: 159.226.7.162

Domain lists:



Friday, May 22, 2009

Suspicious Viagra Pills Domain Lists 22-May-09

IP Address: 220.248.184.7

Domains:

IP Address: 125.181.106.181
Domain lists:


Wednesday, May 20, 2009

Prevent the terminal from getting garbled

What are you going to do if you accidentally open a binary file in the terminal? The characters in the terminal may become garbled.

A few things you can do to prevent this:
1. Use the less or more command; using the cat command will garble your terminal.

2. Use the reset command to get the terminal back.

Monday, May 18, 2009

Bogus Viagra, Credit Card and Suspicious domain lists on 18-May-09

Below is the suspicious domain list for the Bogus Viagra sites

Domains with IP address (125.181.106.181)

amudrear.com
divecalm.com
fusemane.com
kindkell.com
kitemust.com
muchwell.com

Domains with IP address (69.85.197.200)


Domains with IP address (24.158.105.172)
tightbeautiful.im

Thursday, May 14, 2009

Suspicious domain lists 15-May-09

Below are the suspicious domain lists for 15-May-09

Domain lists (210.51.15.88):


Domain lists (61.152.160.175)

Phishing domains: qq.com.qqck.net.cn



Domain lists (121.10.107.16)



Bogus Pharmaceuticals 14-May-09

Canadian Pharmacy IP address: 58.17.3.44

Other domain list:


US HealthCare Pharmacy IP address: 89.46.63.4

Domain List:
http://www.mastpool.com/


Monday, May 11, 2009

Phishing / Rogue Sites Posing as High-Reputation Antivirus Security Vendors

Wow... not sure whether the other security vendors are aware of the phishing websites that claim to sell products of a few high-profile antivirus vendors such as Symantec, McAfee, BitDefender, AVG, etc. You can easily spot these fake sites by resolving their domain names.

Example:

C:\>nslookup -qt=ns www.norton.outlet.com
Server: xxx.xxx.xxx.xxx
Address: 2xx.1xx.xxx.2xx

outlet.com
primary name server = dns1.name-services.com
responsible mail addr = info.name-services.com
serial = 2002050701
refresh = 10001 (2 hours 46 mins 41 secs)
retry = 1801 (30 mins 1 sec)
expire = 604801 (7 days 1 sec)
default TTL = 181 (3 mins 1 sec)

C:\>nslookup -qt=ns symantec.com
Server: xxx.xxx.xxx.xxx
Address: 2xx.1xx.xxx.2xx

Non-authoritative answer:
symantec.com nameserver = ns2.symantec.com
symantec.com nameserver = ns4.symantec.com
symantec.com nameserver = ns1.symantec.com
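
The same check as code, added here and not part of the post: it parses the two shapes of nslookup output shown above (an SOA block and an NS answer), reduces a hostname to its registrable domain, and flags a site whose domain or nameservers are not the vendor's own. The transcripts, resolver address and vendor names in the block are constructed placeholders, and the suffix list is an assumption standing in for the Public Suffix List.

```python
import re

# Constructed transcripts in the shape of the Windows nslookup output above; the
# domains, resolver address and nameserver names are placeholders, not the page's.
LOOKALIKE_OUTPUT = """\
Server:  resolver.example
Address:  192.0.2.53

vendor-outlet.test
        primary name server = dns1.parking-provider.test
        responsible mail addr = info.parking-provider.test
        serial  = 2002050701
"""

VENDOR_OUTPUT = """\
Server:  resolver.example
Address:  192.0.2.53

Non-authoritative answer:
vendor.test     nameserver = ns2.vendor.test
vendor.test     nameserver = ns1.vendor.test
"""

# Assumption: a short list of two-label public suffixes; a production check
# would consult the Public Suffix List instead.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.cn", "net.cn", "org.cn", "com.au", "co.jp"}


def registrable_domain(host: str) -> str:
    """The part of a hostname its operator actually registered. This is what a
    lookalike cannot fake: www.norton-outlet.com registers norton-outlet.com,
    and qq.com.qqck.net.cn registers qqck.net.cn, not qq.com."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def nameservers(output: str) -> list:
    """Pull nameserver hostnames out of both answer shapes nslookup prints:
    'nameserver = ...' lines (NS answer) and the SOA 'primary name server = ...'."""
    names = re.findall(r"nameserver\s*=\s*(\S+)", output)
    names += re.findall(r"primary name server\s*=\s*(\S+)", output)
    return sorted(n.rstrip(".").lower() for n in names)


def assess(host: str, vendor_domain: str, lookup_output: str) -> list:
    """Return the reasons a host does not look like the vendor's own site."""
    findings = []
    reg = registrable_domain(host)
    if reg != vendor_domain:
        findings.append(f"registrable domain is {reg}, not {vendor_domain}")
    foreign = [n for n in nameservers(lookup_output)
               if registrable_domain(n) != vendor_domain]
    if foreign:
        findings.append("nameservers outside the vendor: " + ", ".join(foreign))
    return findings


if __name__ == "__main__":
    print(assess("www.vendor-outlet.test", "vendor.test", LOOKALIKE_OUTPUT))
    print(assess("www.vendor.test", "vendor.test", VENDOR_OUTPUT))
```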

Site:
http://new-antivirus-download.com/
http://www.bitdefendersecurity2009.com/
http://www.norton-outlet.com/B/norton-all-products.asp?
http://www.free-download-place.net/kaspersky/index.php?ovid=OVIZA&source=CCN-CD33-YAH0065-kaspersky-01&OVRAW=Kaspersky%20Anti%20Virus&OVKEY=kaspersky%20anti%20virus&OVMTC=standard&OVADID=52033425011&OVKWID=328989753511


They entice users to buy online by displaying a PC Magazine Editor's Choice image as advertising. Never disclose any credit card or personal information to these websites.


Suspicious domain list 11-May-09

Domain list
IP address: 59.39.71.23


IP address:
118.102.24.109
124.42.34.168


Search with google.com

The right keywords will make the Google search engine return a lot of things.

Method 1

Put this string in the Google search box:

"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

Notice that I am only changing the word after "parent directory"; change it to what you want and you will get a lot of stuff.

voila!

Method 2

Put this string in the Google search box:

?intitle:index.of? mp3

You only need to add the name of the song/artist/singer.
Example: ?intitle:index.of? mp3 jackson

Reference: http://www.pakbugs.com/tutorials/5143-search-google-com.html

Symantec Internet Security Threat Report 2008

Symantec has released its 2008 Internet Security Threat Report for download. The 110-page document covers discussion areas such as threat activity, vulnerabilities, malicious code, phishing, underground economy servers and spam trends.

Download URL: http://www4.symantec.com/Vrt/wl?tu_id=gCGG123913789453640802


Reference: http://www.symantec.com/about/news/release/article.jsp?prid=20090413_01

Tuesday, May 5, 2009

McAfee Quarterly Threats Report

Yo.. McAfee has released its quarterly report on global threats. This is one of my favourite reads when I have free time.
Just download the PDF now; it is available in 9 different languages.

A few interesting topics covered:
- Conficker
- Google and search engine abuse
- Spam
- .........


http://resources.mcafee.com/content/AvertReportQ109

Update to the latest player when visiting a porn site

Viewing videos on a porn site that has an Alexa ranking? This malicious porn site hosts a malicious file and prompts you to install the latest version of a player in order to view the video.

The malicious links:

  • hxxp: //em.pc-on-internet.com/eas?camp=24897&ty=ct&popt1=1152&popt2=0&popt3=2
  • hxxp: //download.live-player.com/Live-Player_setup.php?grpid=2566&tag_id=718&nums=FGFBbtPAAA&popt1=1152&popt2=0&popt3=2

The suspected file was uploaded to VirusTotal for analysis.
http://www.virustotal.com/analisis/b10f79a1177f2a1c4c78a3f96bbbec03




Monday, May 4, 2009

Malicious URLs *5-May-09*

Malicious URL links *5-May-09*:





Adobe Reader Exploits PoC-Updated

Milw0rm has released three Adobe Reader exploits on its website. One of the exploits is rated Critical by Adobe [http://www.adobe.com/support/security/bulletins/apsb09-04.html], another exploit PoC was tested on the Ubuntu platform, and the last is a remote PDF exploit targeting the customDictionaryOpen() function.

Adobe Reader 8.1.4/9.1 GetAnnots() Remote Code Execution Exploit

Adobe Acrobat Reader 8.1.2 – 9.0 getIcon() Memory Corruption Exploit
It exploits the PDF reader by passing a large sprayed buffer into the Collab.getIcon() function.

PoC can be obtained from http://milw0rm.com/sploits/2009-Adobe.Collab.getIcon.pdf
Adobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit

Prevention Steps:
- http://www.web2secure.com/2009/04/preventing-from-pdf-exploit-in-acrobat.html


Reference:
http://www.milw0rm.com/exploits/8595
http://www.milw0rm.com/exploits/8569

Google Chrome XSS vulnerability

The Google Chrome browser was reported to have an XSS flaw, and version 1.0.154.59 fixes the vulnerability.
More details can be found at http://blog.watchfire.com/wfblog/2009/04/google-chrome-universal-xss-vulnerability-.html

PoC #1

PoC #2

Bogus Viagra & Cialis Botnet

Hosted IP address: 220.248.167.110 and 220.248.184.7


IP address: 119.67.72.170



Sunday, May 3, 2009

Malicious URLs *4-May-09*

Malicious hosts entries obtained from hxxp://ohyes88.com/xin/host.jpg

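
A hosts-file audit, added here as an example rather than the author's code, for entries of the kind this post lists (an IP address followed by a hostname): it separates hostnames pinned to loopback, which can then never be reached, from hostnames redirected to another address, and calls out any protected update domain (an assumed list) that has been blocked. The sample entries are constructed, not the post's.

```python
import ipaddress
import re

# Constructed sample in the same shape as the entries this post lists (IP address
# then hostname): loopback pins on security-vendor update hosts and an analytics
# host, plus several portal hostnames sent to one public address. Not the page's data.
SAMPLE_HOSTS = """\
127.0.0.1 localhost
127.1.1.1 dl.example-av.test
127.0.0.0 update.example-av.test:8080
127.0.0.1 www.example-analytics.test
203.0.113.6 news.example-portal.test
203.0.113.6 chat.example-portal.test
# a comment line, ignored
"""

# Assumption: the defender's own list of update/download domains that must never
# be blocked by a hosts entry.
PROTECTED_SUFFIXES = ("example-av.test",)
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost", "ip6-localhost"}
HOSTS_LINE = re.compile(r"^\s*(\S+)\s+(\S+)")


def parse_hosts(text: str) -> list:
    """Return (ip, hostname) pairs; ':port' suffixes (seen in the post's list)
    are dropped because the hosts file never matches on ports anyway."""
    entries = []
    for raw in text.splitlines():
        m = HOSTS_LINE.match(raw.split("#", 1)[0])
        if not m:
            continue
        ip_text, host = m.groups()
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            continue  # not an address: skip rather than guess
        entries.append((ip, host.split(":", 1)[0].lower()))
    return entries


def classify(ip, host: str) -> str:
    """expected: the usual localhost lines; sinkholed: a real hostname pinned to
    127.0.0.0/8 or 0.0.0.0 so it can never be reached; redirected: sent elsewhere."""
    if host in LOCAL_NAMES:
        return "expected"
    if ip.is_loopback or ip.is_unspecified:
        return "sinkholed"
    return "redirected"


def audit_hosts(text: str, protected=PROTECTED_SUFFIXES) -> dict:
    """Group the suspicious entries and call out blocked protected domains."""
    report = {"sinkholed": [], "redirected": [], "protected_blocked": []}
    for ip, host in parse_hosts(text):
        kind = classify(ip, host)
        if kind == "expected":
            continue
        report[kind].append((str(ip), host))
        if any(host == s or host.endswith("." + s) for s in protected):
            report["protected_blocked"].append(host)
    return report


if __name__ == "__main__":
    for key, items in audit_hosts(SAMPLE_HOSTS).items():
        print(key, items)
```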


