DhiaLite's Pastebin

14,039 33,572 0 10 years ago

Name / Title	Added	Expires	Hits	Syntax
New Browlock on OVH range Mar 19, 2014	Mar 19th, 2014	Never	289	None	-
Current and next Nuclear EK IPs - Feb 26, 2014	Feb 26th, 2014	Never	380	None	-
Suspicious .pw, .com, .nl on 212.83.164.151-153	Feb 24th, 2014	Never	260	None	-
Predicted next Nuclear IPs - Feb 22, 2014	Feb 22nd, 2014	Never	356	None	-
NuclearPack back to OVH and changed strategy - Feb 22, 2014	Feb 22nd, 2014	Never	279	None	-
NuclearPack EK domains - Feb 12, 2014	Feb 12th, 2014	Never	580	None	-
New Suspicious .pl subdomain on Virut CnC IP - Feb 5, 2014	Feb 5th, 2014	Never	440	None	-
New Browlock under compromised Godaddy doms - Feb 1, 2014	Feb 1st, 2014	Never	327	None	-
New Browlock under compromised Godaddy doms - Jan 18, 2014	Jan 18th, 2014	Never	327	None	-
PayPal Phishing on 80.86.93.101 - Jan 15, 2014	Jan 15th, 2014	Never	270	None	-
New Browlock domains - Jan 8, 2014	Jan 8th, 2014	Never	209	None	-
Suspicious .pl short lived subdomains - Jan 8, 2014	Jan 8th, 2014	Never	232	None	-
Suspicious domains on 89.144.60.123-126 - Jan 04, 2014	Jan 4th, 2014	Never	213	None	-
Styx EK domains on 80.243.181.162-165 - Jan 04, 2014	Jan 4th, 2014	Never	227	None	-
Suspicious domains on 89.144.60.110 - Dec 19, 2013	Dec 19th, 2013	Never	215	None	-
NuclearPack EK domains - Dec 17, 2013	Dec 17th, 2013	Never	204	None	-
NuclearPack EK domains - Dec 15, 2013	Dec 15th, 2013	Never	204	None	-
Casino domains on 178.33.132.80 - Dec 15, 2013	Dec 15th, 2013	Never	190	None	-
Phishing & Spam on 198.27.111.96-127 - Dec 15, 2013	Dec 14th, 2013	Never	557	None	-
NuclearPack EK domains - Dec 13, 2013	Dec 13th, 2013	Never	191	None	-
Compromised GoDaddy domains - Dec 2, 2013	Dec 2nd, 2013	Never	286	None	-
Possible EK domains - Dec 1, 2013	Dec 2nd, 2013	Never	238	None	-
FakeAV domains on 109.236.86.172 - Nov 30, 2013	Nov 30th, 2013	Never	316	None	-
Suspicious .pl short lived subdomains - Nov 30, 2013	Nov 30th, 2013	Never	217	None	-
Compromised GoDaddy domains II - Nov 29, 2013	Nov 29th, 2013	Never	241	None	-
Compromised GoDaddy domains - Nov 29, 2013	Nov 29th, 2013	Never	202	None	-
Compromised GoDaddy domains - Nov 23, 2013	Nov 24th, 2013	Never	195	None	-
NuclearPack EK domains - Nov 23, 2013	Nov 23rd, 2013	Never	190	None	-
NuclearPack EK domains - Nov 21, 2013	Nov 21st, 2013	Never	284	None	-
Compromised GoDaddy domains - Nov 21, 2013	Nov 21st, 2013	Never	202	None	-
Malware shares infrastructure w/ Cryptolocker - Nov 20, 2013	Nov 20th, 2013	Never	364	None	-
NuclearPack EK domains - Nov 19, 2013	Nov 19th, 2013	Never	223	None	-
Suspicious .pl short lived subdomains - Nov 18, 2013	Nov 18th, 2013	Never	255	None	-
Compromised GoDaddy domains - Nov 18, 2013	Nov 18th, 2013	Never	369	None	-
Possible EK domains - Nov 16, 2013	Nov 16th, 2013	Never	236	None	-
Suspicious .pl short lived subdomains - Nov 15, 2013	Nov 15th, 2013	Never	206	None	-
Possible EK domains II - Nov 15, 2013	Nov 15th, 2013	Never	173	None	-
Possible EK domains - Nov 15, 2013	Nov 15th, 2013	Never	244	None	-
Compromised GoDaddy domains, Angler EK - Nov 15, 2013	Nov 15th, 2013	Never	286	None	-
NuclearPack EK domains - Nov 15, 2013	Nov 15th, 2013	Never	238	None	-
New Browlock domains - Nov 14, 2013	Nov 15th, 2013	Never	281	None	-
Suspicious .pl short lived subdomains II - Nov 14, 2013	Nov 14th, 2013	Never	220	None	-
NuclearPack EK domains - Nov 14, 2013	Nov 14th, 2013	Never	231	None	-
Suspicious .pl short lived subdomains - Nov 14, 2013	Nov 14th, 2013	Never	267	None	-
Compromised GoDaddy domains - Nov 14, 2013	Nov 14th, 2013	Never	257	None	-
Suspicious .pl short lived subdomains II - Nov 13, 2013	Nov 13th, 2013	Never	242	None	-
Suspicious domains on 212.83.155.218 - Nov 13, 2013	Nov 13th, 2013	Never	248	None	-
Suspicious .pl short lived subdomains - Nov 12, 2013	Nov 13th, 2013	Never	217	None	-
Possible EK domains - Nov 10, 2013	Nov 10th, 2013	Never	209	None	-
Compromised GoDaddy domains - Nov 10, 2013	Nov 10th, 2013	Never	357	None	-
Compromised GoDaddy domains - Nov 5, 2013	Nov 5th, 2013	Never	337	None	-
Compromised GoDaddy domains part 2 - Nov 2, 2013	Nov 2nd, 2013	Never	266	None	-
Compromised GoDaddy domains - Nov 2, 2013	Nov 2nd, 2013	Never	321	None	-
New malicious campaign on 62.122.73.200-254 - Nov 1, 2013	Nov 2nd, 2013	Never	1,386	None	-
Compromised GoDaddy domains 2 - Oct 31, 2013	Oct 31st, 2013	Never	284	None	-
New NuclearPack domains on 142.4.194.1 - Oct 31, 2013	Oct 31st, 2013	Never	623	None	-
Compromised GoDaddy domains - Oct 31, 2013	Oct 31st, 2013	Never	231	None	-
New malware domains on 5.254.101.32 - Oct 30, 2013	Oct 30th, 2013	Never	244	None	-
Suspicious new domains on 144.76.207.226 - Oct 29, 2013	Oct 30th, 2013	Never	234	None	-
Compromised GoDaddy domains - Oct 29, 2013	Oct 29th, 2013	Never	239	None	-
New NuclearPack domains on 142.4.194.0 - Oct 29, 2013	Oct 29th, 2013	Never	785	None	-
Suspicious new domains on 212.83.148.75 - Oct 27, 2013	Oct 27th, 2013	Never	265	None	-
Suspicious new domains on 212.83.148.185 - Oct 25, 2013	Oct 25th, 2013	Never	317	None	-
Neutrino EK domains on 62.210.209.190 - Oct 25, 2013	Oct 25th, 2013	Never	214	None	-
NuclearPack EK domains on 198.50.235.204 - Oct 25, 2013	Oct 25th, 2013	Never	169	None	-
NuclearPack EK domains on 198.50.235.203 - Oct 24, 2013	Oct 24th, 2013	Never	207	None	-
Compromised GoDaddy domains - Oct 23, 2013	Oct 24th, 2013	Never	229	None	-
Compromised GoDaddy domains - Oct 22, 2013	Oct 22nd, 2013	Never	303	None	-
NuclearPack EK domains sliding on IPs- Oct 22, 2013	Oct 22nd, 2013	Never	489	None	-
NuclearPack EK domains - Oct 16, 2013	Oct 17th, 2013	Never	317	None	-
CIDRs of Ukrainian IP space - Oct 14 2013	Oct 14th, 2013	Never	247	None	-
Canadian pharmacy sites - Oct 12, 2013	Oct 12th, 2013	Never	227	None	-
Recent EK domains - Oct 11, 2013	Oct 11th, 2013	Never	215	None	-
.pl short lived subdomains - Oct 3, 2013	Oct 3rd, 2013	Never	240	None	-
Recent EK domains - Sep 29, 2013	Sep 29th, 2013	Never	259	None	-
Recent EK domains - Sep 26, 2013	Sep 26th, 2013	Never	295	None	-
Recent EK domains - Sep 24, 2013	Sep 24th, 2013	Never	183	None	-
Recent EK domains - Sep 22, 2013	Sep 22nd, 2013	Never	796	None	-
Domain on 216.172.60.55 - Sep 22, 2013	Sep 22nd, 2013	Never	196	None	-
Domains on 216.172.63.243 - Sep 22, 2013	Sep 22nd, 2013	Never	226	None	-
Domains on 216.172.63.141 & 216.172.63.149 - Sep 21, 2013	Sep 21st, 2013	Never	219	None	-
Domains on 216.172.63.137 - Sep 21, 2013	Sep 21st, 2013	Never	285	None	-
Domains on 5.254.101.114 - part 2 Sep 17, 2013	Sep 18th, 2013	Never	179	None	-
Domains on 5.254.101.114 - Sep 17, 2013	Sep 17th, 2013	Never	175	None	-
Domains on 95.169.186.139 - Sep 16, 2013	Sep 17th, 2013	Never	235	None	-
Domains on 188.190.120.43 - Sep 16, 2013	Sep 17th, 2013	Never	217	None	-
Suspicious domains - Revoyem related Sep 16, 2013	Sep 16th, 2013	Never	178	None	-
Suspicious domains - Revoyem related Sep 12, 2013	Sep 12th, 2013	Never	2,010	None	-
#DhiaLite - OSINT on 37.58.73.42/95.156.228.69/195.210.43.42	Sep 11th, 2013	Never	711	None	-
New Police scam domains Sep 10, 2013	Sep 10th, 2013	Never	701	None	-
#DhiaLite- Suspicious domains Sep 9th, 2013	Sep 9th, 2013	Never	226	None	-
#DhiaLite- Suspicious domains Sep 8th part 2, 2013	Sep 8th, 2013	Never	162	None	-
#DhiaLite- Suspicious domains Sep 8th, 2013	Sep 8th, 2013	Never	170	None	-
#DhiaLite- Suspicious domains Sep 5th, 2013	Sep 5th, 2013	Never	224	None	-
#DhiaLite- Suspicious domains Sep 4th part 2, 2013	Sep 5th, 2013	Never	171	None	-
#DhiaLite- Suspicious domains Sep 4th, 2013	Sep 4th, 2013	Never	168	None	-
#DhiaLite- Suspicious domains Sep 3rd, 2013	Sep 3rd, 2013	Never	176	None	-
#DhiaLite- Suspicious domains Sep 3rd, 2013	Sep 3rd, 2013	Never	172	None	-
#DhiaLite- Callbacks used to host Kelihos doms Sep 2nd, 2013	Sep 2nd, 2013	Never	254	None	-
#DhiaLite- Police scam domains and other Sep 2nd, 2013	Sep 2nd, 2013	Never	202	None	-

1 2 Oldest