API tools faq
paste
Advertisement
DhiaLite

#DhiaLite- Callbacks used to host Kelihos doms Sep 2nd, 2013

DhiaLite
Sep 2nd, 2013
258
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.17 KB | None | 0 0
raw download clone embed print report
  1. Thu, Sep 2nd 2013
  2. #DhiaLite - Domains mapping to IPs in Hosts list from http://pastebin.com/Q5ufz4Cu
  3. I removed the google 8.8.8.8
  4. A lot of these are infected home machines, that are most likely part of the Kelihos botnet.
  5. The relevant IP is 46.172.237.163. It is confirmed to be part of the Kelihos botnet. It's been used to host the fast flux domains. All FF domains are dead now, except aqa.renuncam.nl. Is still alive.
  6.  
  7. #Kelihos FF domains list
  8. abeeu.bobpawa.com 46.172.237.163 0
  9. ximirsex.ru 46.172.237.163 0
  10. teeply.info 46.172.237.163 0
  11. aqa.renuncam.nl 46.172.237.163 0
  12. cych.zymofevy.me 46.172.237.163 0
  13. davujuz.com 46.172.237.163 0
  14. cx3r5.nigucgu.com 46.172.237.163 0
  15. nenkudyf.ru 46.172.237.163 0
  16. dahadkyz.ru 46.172.237.163 0
  17. fcegrrtc.mapuhxaf.ru 46.172.237.163 0
  18. widerat.com 46.172.237.163 0
  19. xexumyb.com 46.172.237.163 0
  20. ogfonis.org 46.172.237.163 0
  21. huznejex.ru 46.172.237.163 0
  22. hsej0rr7.insomtab.nl 46.172.237.163 0
  23. powerwik.ru 46.172.237.163 0
  24. flowsre.com 46.172.237.163 0
  25.  
  26. #Full list
  27. abeeu.bobpawa.com 46.172.237.163 0
  28. ximirsex.ru 46.172.237.163 0
  29. teeply.info 46.172.237.163 0
  30. aqa.renuncam.nl 46.172.237.163 0
  31. s01067cb21b32041d.vc.shawcable.net 24.85.82.3 900
  32. j.maxmind.com 108.168.255.244 28800
  33. j.maxmind.com 108.168.255.244 14400
  34. j.maxmind.com 108.168.255.244 86400
  35. j.maxmind.com 108.168.255.244 7200
  36. webmailportal.info 12.192.118.250 3600
  37. cych.zymofevy.me 46.172.237.163 0
  38. davujuz.com 46.172.237.163 0
  39. cx3r5.nigucgu.com 46.172.237.163 0
  40. nenkudyf.ru 46.172.237.163 0
  41. dahadkyz.ru 46.172.237.163 0
  42. fcegrrtc.mapuhxaf.ru 46.172.237.163 0
  43. c-71-238-72-5.hsd1.mi.comcast.net 71.238.72.5 7200
  44. ool-43562fe7.dyn.optonline.net 67.86.47.231 86400
  45. widerat.com 46.172.237.163 0
  46. c-66-56-26-75.hsd1.ga.comcast.net 66.56.26.75 7200
  47. c-76-27-32-6.hsd1.ut.comcast.net 76.27.32.6 7200
  48. 108.168.255.244-static.reverse.softlayer.com 108.168.255.244 86400
  49. kandreas.desales.edu 147.106.5.3 28800
  50. c-68-44-131-21.hsd1.de.comcast.net 68.44.131.21 7200
  51. xexumyb.com 46.172.237.163 0
  52. ogfonis.org 46.172.237.163 0
  53. huznejex.ru 46.172.237.163 0
  54. hsej0rr7.insomtab.nl 46.172.237.163 0
  55. powerwik.ru 46.172.237.163 0
  56. 173-18-114-28.client.mchsi.com 173.18.114.28 86400
  57. flowsre.com 46.172.237.163 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!