DhiaLite

#DhiaLite - OSINT on 37.58.73.42/95.156.228.69/195.210.43.42

Sep 11th, 2013
Wed, Sep 11 2013
#DhiaLite - In response to https://isc.sans.edu/diary/37.58.73.42++95.156.228.69++195.210.43.42%2C+anyone%3F/16559

Below are malicious domains hosted on 37.58.73.42.
They appeared in Dynamoo's blog list of May 13th 2013, http://bit.ly/19i7OyY

In Dynamoo's blog, they were reported as being hosted on 188.241.86.33, "a malware server currently involved in injection attacks, serving up the Blackhole exploit kit, Zbot and a side order of Cdorked".

Intel from Urlquery
http://urlquery.net/search.php?q=37.58.73.42&type=string&start=2013-08-28&end=2013-09-12&max=200
http://urlquery.net/search.php?q=95.156.228.69&type=string&start=2013-08-28&end=2013-09-12&max=200
http://urlquery.net/search.php?q=195.210.43.42&type=string&start=2013-08-28&end=2013-09-12&max=200

Intel from VirusTotal
https://www.virustotal.com/en/ip-address/37.58.73.42/information/
https://www.virustotal.com/en/ip-address/95.156.228.69/information/
https://www.virustotal.com/en/ip-address/195.210.43.42/information/

gmzuwr.ru
hrgvrl.ru
kinyng.ru
luiwmt.ru
olpnso.ru
pvzvnp.ru
rvwwko.ru
tpxhpz.ru
trlnps.ru
zuihwg.ru
zuknsr.ru

Below is the data from our Umbrella (OpenDNS) passive DNS.
Each row reads: first seen, last seen (dates in M/D/YY), resolved IP (TTL in seconds); a row with two IPs lists both resolutions observed in that window.

gmzuwr.ru
9/7/13 9/11/13 37.58.73.42 (TTL: 300)
7/4/13 7/10/13 37.58.73.42 (TTL: 300)

hrgvrl.ru
8/27/13 9/7/13 37.58.73.42 (TTL: 300)
7/3/13 7/10/13 37.58.73.42 (TTL: 300)

kinyng.ru
9/6/13 9/8/13 37.58.73.42 (TTL: 300)
7/3/13 7/9/13 37.58.73.42 (TTL: 300)

luiwmt.ru
8/19/13 9/7/13 37.58.73.42 (TTL: 300)
7/4/13 7/10/13 37.58.73.42 (TTL: 300)

olpnso.ru
8/17/13 9/7/13 37.58.73.42 (TTL: 300)
7/4/13 7/11/13 37.58.73.42 (TTL: 300)

pvzvnp.ru
9/7/13 9/8/13 37.58.73.42 (TTL: 300)
7/4/13 7/7/13 37.58.73.42 (TTL: 300)

rvwwko.ru
9/6/13 9/7/13 37.58.73.42 (TTL: 300)
7/11/13 7/11/13 37.58.73.42 (TTL: 300) 88.198.227.115 (TTL: 300)
7/4/13 7/10/13 37.58.73.42 (TTL: 300)

tpxhpz.ru
8/18/13 9/7/13 37.58.73.42 (TTL: 300)
7/4/13 7/10/13 37.58.73.42 (TTL: 300)

trlnps.ru
8/31/13 9/7/13 37.58.73.42 (TTL: 300)
7/3/13 7/10/13 37.58.73.42 (TTL: 300)

zuihwg.ru
8/18/13 8/31/13 37.58.73.42 (TTL: 300)
7/11/13 7/11/13 37.58.73.42 (TTL: 300) 88.198.227.115 (TTL: 300)
7/3/13 7/10/13 37.58.73.42 (TTL: 300)

zuknsr.ru
9/7/13 9/7/13 37.58.73.42 (TTL: 300)
7/11/13 7/11/13 37.58.73.42 (TTL: 300) 88.198.227.115 (TTL: 300)
7/3/13 7/10/13 37.58.73.42 (TTL: 300)

END
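As an added example (not part of this paste), a small Python script that parses the Umbrella passive DNS listing above into per-domain records, reports the window each domain was active, and lists any IP other than the known 37.58.73.42 that the domains also resolved to (here 88.198.227.115), which is the kind of pivot a defender checks before widening a block list. The embedded sample is two entries copied from the listing, and the function names parse_pdns, pivot_ips and active_window are my own.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: two entries copied verbatim from the Umbrella listing above.
PDNS_TEXT = """
rvwwko.ru
9/6/13 9/7/13 37.58.73.42 (TTL: 300)
7/11/13 7/11/13 37.58.73.42 (TTL: 300) 88.198.227.115 (TTL: 300)
7/4/13 7/10/13 37.58.73.42 (TTL: 300)

zuknsr.ru
9/7/13 9/7/13 37.58.73.42 (TTL: 300)
7/11/13 7/11/13 37.58.73.42 (TTL: 300) 88.198.227.115 (TTL: 300)
7/3/13 7/10/13 37.58.73.42 (TTL: 300)
"""

ROW = re.compile(r"^(\d+/\d+/\d+)\s+(\d+/\d+/\d+)\s+(.*)$")    # first, last, rest
IP_TTL = re.compile(r"(\d+\.\d+\.\d+\.\d+)\s+\(TTL:\s*(\d+)\)")  # one "ip (TTL: n)"

def parse_pdns(text):
    """Return {domain: [(first_seen, last_seen, [(ip, ttl), ...]), ...]}."""
    records = defaultdict(list)
    domain = None
    for line in map(str.strip, text.splitlines()):
        if not line:
            continue
        m = ROW.match(line)
        if m is None:                      # any non-row line is a domain header
            domain = line
            continue
        first = datetime.strptime(m.group(1), "%m/%d/%y").date()
        last = datetime.strptime(m.group(2), "%m/%d/%y").date()
        ips = [(ip, int(ttl)) for ip, ttl in IP_TTL.findall(m.group(3))]
        records[domain].append((first, last, ips))
    return dict(records)

def pivot_ips(records, known_ip):
    """Map every IP other than known_ip to the domains that resolved to it."""
    out = defaultdict(set)
    for domain, rows in records.items():
        for _, _, ips in rows:
            for ip, _ in ips:
                if ip != known_ip:
                    out[ip].add(domain)
    return {ip: sorted(doms) for ip, doms in out.items()}

def active_window(records, domain):
    """Earliest first-seen and latest last-seen date across a domain's rows."""
    return min(r[0] for r in records[domain]), max(r[1] for r in records[domain])
```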