DhiaLite

Suspicious .pl short lived subdomains II - Nov 13, 2013

Nov 13th, 2013
Wed, Nov 13 2013
#DhiaLite - Another campaign of suspicious short-lived .pl subdomains started resolving to 109.236.83.184 yesterday and is still going on.
Traffic to these subdomains spikes, then they stop resolving.

Possibly used for a Malvertising -> EK -> ransomware campaign similar to the one in
http://www.malekal.com/2013/07/31/en-urausy-adultfriendzfinder-malvertising-banner/

Yet to be confirmed.

Currently about 260+ subdomains have resolved to this IP, and more are popping up.

These subdomains are registered under the Polish city 2LDs:

olecko.pl
opole.pl

#Sample subdomains on 109.236.83.184
END
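
Added example, not part of the original paste: one way to look for the pattern described above (many hostnames under the regional 2LDs resolving to one IP for a short time, then going silent) in passive-DNS records. The record layout, thresholds, hostnames, 192.0.2.x addresses and timestamps are constructed assumptions; only the two suffixes come from the paste.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Regional 2LDs named in the paste; names are registered one label below them.
REGIONAL_SUFFIXES = ("olecko.pl", "opole.pl")

def registered_domain(fqdn):
    """Return '<label>.<regional suffix>' for a name under a suffix, else None."""
    name = fqdn.rstrip(".").lower()
    for suffix in REGIONAL_SUFFIXES:
        if name.endswith("." + suffix):
            return name[: -len(suffix) - 1].split(".")[-1] + "." + suffix
    return None

def flag_ips(records, now, min_hosts=4, max_life=timedelta(hours=6),
             quiet=timedelta(hours=2)):
    """records: (iso_time, fqdn, ip) passive-DNS answers. Flag an IP when at
    least min_hosts hostnames under the regional suffixes resolved to it for
    at most max_life and have been silent for at least quiet before now."""
    seen = defaultdict(dict)  # ip -> fqdn -> [first_seen, last_seen]
    for ts, fqdn, ip in records:
        if registered_domain(fqdn) is None:
            continue  # outside the suffixes of interest
        t = datetime.fromisoformat(ts)
        span = seen[ip].setdefault(fqdn.lower(), [t, t])
        span[0], span[1] = min(span[0], t), max(span[1], t)
    report = {}
    for ip, hosts in seen.items():
        gone = sorted(h for h, (first, last) in hosts.items()
                      if last - first <= max_life and now - last >= quiet)
        if len(gone) >= min_hosts:
            report[ip] = {"short_lived": gone,
                          "parents": sorted({registered_domain(h) for h in gone})}
    return report

# Constructed sample records (hostnames, IPs and times are invented).
SAMPLE = [
    ("2013-11-12T10:00:00", "ab1.alpha.olecko.pl", "192.0.2.10"),
    ("2013-11-12T11:30:00", "ab1.alpha.olecko.pl", "192.0.2.10"),
    ("2013-11-12T12:00:00", "cd2.alpha.olecko.pl", "192.0.2.10"),
    ("2013-11-12T14:00:00", "ef3.beta.opole.pl", "192.0.2.10"),
    ("2013-11-12T15:00:00", "gh4.beta.opole.pl", "192.0.2.10"),
    ("2013-11-13T08:30:00", "ij5.alpha.olecko.pl", "192.0.2.10"),  # still active
    ("2013-11-12T09:00:00", "www.gamma.opole.pl", "192.0.2.20"),   # long-lived
    ("2013-11-13T09:00:00", "www.gamma.opole.pl", "192.0.2.20"),
]
NOW = datetime(2013, 11, 13, 9, 0)
print(flag_ips(SAMPLE, NOW))
```

The quiet period keeps a hostname that only just appeared from being counted as already gone, so the count reflects names that resolved briefly and then stopped.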