Blog for hpHosts, and whatever else I feel like writing about ....

Sunday, 25 April 2010

Crimeware friendly ISPs: xorg.pl

I don't speak Polish, but the Google translation suggests xorg.pl advertises themselves as a free domain provider, much like dot.tk. The problem of course, is that like dot.tk, their service gets abused to hell and back.

Normally, this wouldn't have earnt them a place in the crimeware friendly list. However, an exception has to be made in this case for one specific reason - the malicious "aliases"/sub-domains all point to known malicious IP ranges (e.g. Starnet, EuroAccess). All they'd have to do to stop this, is to stop allowing their sub-domains be pointed toward those ranges, and to implement basic security checks to prevent any scripts redirecting to such, but they've done neither.

I've been following the fake AV's used in blackhat SEO for quite some time, and one of the major trends has been the increased use of xorg.pl subdomains for the spreading of this rubbish. Just some of which includes;

20100403205531 109.196.132.41 Failed resolution 39150 39150 109.196.132.0/24 VLTELECOM-AS VLineTelecom LLC Moscow, Russia update2.sysupdate-n2.xorg.pl http://update2.sysupdate-n2.xorg.pl/index2.php?abbr=SGD&setupType=update&setupName=setup&uid=1904&ttl=f17417b0207

20100407155135 78.46.218.250 static.250.218.46.78.clients.your-server.de 24940 24940 78.46.0.0/15 HETZNER-AS Hetzner Online AG RZ www3.tuofed16td.xorg.pl http://www3.tuofed16td.xorg.pl/?pid=3&uid=294&ttl=81e42780c64

20100407155138 209.212.149.18 ip-209.212.149.18.servernap.net 32181 32181 209.212.144.0/20 ASN-ECOMD-COLOQUEST - Ecomdevel, LLC cleanupit22p.xorg.pl http://cleanupit22p.xorg.pl/?p=p52dcWptbF%2FCj8bYbnOCdVik12qZVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaGeYpVhZmlwlJCYZFbZocTY2KR0Y1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2fYmGYW5iakWpsYGialImrl5p2WqyndWqTZJScZmFkZ2Re2KCUbWGYZJOamGJuZWiLxMZ2eXZfq6GYdXGWZQ%3D%3D

20100407155140 209.212.149.18 ip-209.212.149.18.servernap.net 32181 32181 209.212.144.0/20 ASN-ECOMD-COLOQUEST - Ecomdevel, LLC cleanupit22p.xorg.pl http://cleanupit22p.xorg.pl/build7_294.php?cmd=getFile&counter=1&p=p52dcWptbF%2FCj8bYbnOCdVik12qZVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaGeYpVhZmlwlJCYZFbZocTY2KR0Y1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2fYmGYW5iakWpsYGialImrl5p2WqyndWqTZJScZmFkZ2Re2KCUbWGYZJOamGJuZWiLxMZ2eXZfq6GYdXGWZQ%3D%3D

20100407155148 93.190.139.62 Failed resolution 49981 49981 93.190.136.0/22 WORLDSTREAM WorldStream www4.resavepc13.xorg.pl http://www4.resavepc13.xorg.pl/build7_294.php?cmd=sendFile&counter=1&p=p52dcWptbF%2FCj8bYbnOCdVik12qZVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaGeYpVhZmlwlJCYZFbZocTY2KR0Y1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2fYmGYW5iakWpsYGialImrl5p2WqyndWqTZJScZmFkZ2Re2KCUbWGYZJOamGJuZWiLxMZ2eXZfq6GYdXGWZQ%3D%3D

20100408030410 74.118.193.81 Failed resolution 46664 46664 74.118.192.0/22 VOLUMEDRIVE - VolumeDrive www3.kinilanz2.xorg.pl http://www3.kinilanz2.xorg.pl/?uid=318&pid=3&ttl=d1b48720279

20100408030437 217.23.10.139 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www3.yoursafetysystem1.xorg.pl http://www3.yoursafetysystem1.xorg.pl/build7_318.php?cmd=sendFile&counter=1&p=p52dcWtlcF%2FCj8bYbnOCdVik12qZVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaHKYpJhbGlqlF%2BZaVbZocTY2KR0Y1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2fYmGYW5iakWpsYGialImrl5p2WqyndWqTZJScamJdamRe2KCUbWGYZJOanGNnaGiLxMZ2eXZfq6GYdXGXZA%3D%3D

20100408110713 74.118.193.81 Failed resolution 46664 46664 74.118.192.0/22 VOLUMEDRIVE - VolumeDrive www4.fiting52td.xorg.pl http://www4.fiting52td.xorg.pl/?uid=318&pid=3&ttl=d1b48720279

20100408110720 94.228.209.181 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www3.searchingscan4.xorg.pl http://www3.searchingscan4.xorg.pl/?p=p52dcWtlcF%2FCj8bYbnOCdVik12qZVp%2FZatrau4FdlJ%2FJnsWYe3lvWqyopHbFXsaaaWdfZGRvnVPVpJHaotahlFeob1zZytell3FfmqGgnXaHo83LqG1TnaJ1ll6UXmWcW5yZkWNsZVzXxsl2mqitpHJjZ2qZZZKXY2RbZ2Bql2ORkV%2FNnJHUy6FdpqmikpVwYmtrZWhmaF%2FVoJajYmJkZGlqlV2UYFbJkKCrpVeum5qimZlw

20100408110728 217.23.10.138 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www4.tobesafe26pd.xorg.pl http://www4.tobesafe26pd.xorg.pl/build7_318.php?cmd=sendFile&counter=1&p=p52dcWtlcF%2FCj8bYbnOCdVik12qZVp%2FZatrau4FdlJ%2FJnsWYe3lvWqyopHbFXsaaaWdfZGRvnVPVpJHaotahlFeob1zZytell3FfmqGgnXaHo83LqG1TnaJ1ll6UXmWcW5yZkWNsZVzXxsl2mqitpHJjZ2qZZZKXY2RbZ2Bql2ORkV%2FNnJHUy6FdpqmikpVwYmtrZWhmaF%2FVoJajYmJkZGlqlV2UYFbJkKCrpVeum5qimZlw

20100408110734 94.228.209.181 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www3.searchingscan4.xorg.pl http://www3.searchingscan4.xorg.pl/build7_318.php?cmd=getFile&counter=1&p=p52dcWtlcF%2FCj8bYbnOCdVik12qZVp%2FZatrau4FdlJ%2FJnsWYe3lvWqyopHbFXsaaaWdfZGRvnVPVpJHaotahlFeob1zZytell3FfmqGgnXaHo83LqG1TnaJ1ll6UXmWcW5yZkWNsZVzXxsl2mqitpHJjZ2qZZZKXY2RbZ2Bql2ORkV%2FNnJHUy6FdpqmikpVwYmtrZWhmaF%2FVoJajYmJkZGlqlV2UYFbJkKCrpVeum5qimZlw

20100409104736 78.46.218.250 static.250.218.46.78.clients.your-server.de 24940 24940 78.46.0.0/15 HETZNER-AS Hetzner Online AG RZ www3.tuofed16td.xorg.pl http://www3.tuofed16td.xorg.pl/?p=p52dcWpscV%2FRlsijZFahqJ51yF7EZGidX5OWmmo%3D

20100409104743 217.23.5.52 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www3.saveus37.xorg.pl http://www3.saveus37.xorg.pl/?p=p52dcWpscV%2FCj8bYbnOCdVik12qZVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaHIYpFhZmmblJOaZFbZocTY2KR0Y1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2fYmGYW5iakWpsYGialImrl5p2WqyndWqTZJSeYWZeZGhe2KCUbWGYZJOck2doYmyLxMZ2eXZfq6GYdXGWZQ%3D%3D

20100409104750 217.23.5.52 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www3.saveus37.xorg.pl http://www3.saveus37.xorg.pl/build7_289.php?cmd=getFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qZVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaHIYpFhZmmblJOaZFbZocTY2KR0Y1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2fYmGYW5iakWpsYGialImrl5p2WqyndWqTZJSeYWZeZGhe2KCUbWGYZJOck2doYmyLxMZ2eXZfq6GYdXGWZQ%3D%3D

20100409104758 93.190.139.63 Failed resolution 49981 49981 93.190.136.0/22 WORLDSTREAM WorldStream www4.realscan93pd.xorg.pl http://www4.realscan93pd.xorg.pl/build7_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qZVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaHIYpFhZmmblJOaZFbZocTY2KR0Y1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2fYmGYW5iakWpsYGialImrl5p2WqyndWqTZJSeYWZeZGhe2KCUbWGYZJOck2doYmyLxMZ2eXZfq6GYdXGWZQ%3D%3D

20100410024025 217.23.5.51 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www3.saveus40.xorg.pl http://www3.saveus40.xorg.pl/?p=p52dcWpscV%2FCj8bYbnOCdVik12qaVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaHLYmFhlmlxlGSbk1bZocTY2KR0WKeih9eipqCecV6aoaXGaorcmpWkcVih1GqUYWKUYpmSnGZlZGuYh9WemHFfqKtxaWuYXZycY2lkbVis11%2BfYWKdXZualWpua1zIxKCAdFqwnZxxcG6Z

20100410024032 217.23.5.51 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www3.saveus40.xorg.pl http://www3.saveus40.xorg.pl/8add96d33c43e60de1c7a43c5c98910e013008411.js

20100410024041 217.23.5.51 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www3.saveus40.xorg.pl http://www3.saveus40.xorg.pl/build8_289.php?cmd=getFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qaVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaHLYmFhlmlxlGSbk1bZocTY2KR0WKeih9eipqCecV6aoaXGaorcmpWkcVih1GqUYWKUYpmSnGZlZGuYh9WemHFfqKtxaWuYXZycY2lkbVis11%2BfYWKdXZualWpua1zIxKCAdFqwnZxxcG6Z

20100410024049 217.23.10.138 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www3.mypcsafetyscan1.xorg.pl http://www3.mypcsafetyscan1.xorg.pl/build8_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qaVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaHLYmFhlmlxlGSbk1bZocTY2KR0WKeih9eipqCecV6aoaXGaorcmpWkcVih1GqUYWKUYpmSnGZlZGuYh9WemHFfqKtxaWuYXZycY2lkbVis11%2BfYWKdXZualWpua1zIxKCAdFqwnZxxcG6Z

20100410052835 93.186.124.94 static.vitalhosting.com.tr 44565 44565 93.186.112.0/20 VITAL VITAL TEKNOLOJI update2.winsystemupdates.xorg.pl http://update2.winsystemupdates.xorg.pl/index.php?controller=microinstaller&abbr=CUA&setupType=xp&ttl=21181220cdc&pid=

20100411175149 78.46.218.253 static.253.218.46.78.clients.your-server.de 24940 24940 78.46.0.0/15 HETZNER-AS Hetzner Online AG RZ www4.duforing8.xorg.pl http://www4.duforing8.xorg.pl/?p=p52dcWpscV%2FRlsijZFahqJ51yF7EZGidX5OWmmo%3D

20100411175151 209.212.149.20 ip-209.212.149.20.servernap.net 32181 32181 209.212.144.0/20 ASN-ECOMD-COLOQUEST - Ecomdevel, LLC www3.saveus36.xorg.pl http://www3.saveus36.xorg.pl/?p=p52dcWpscV%2FCj8bYbnOCdVik12qZVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaHMYpRhZGlwlWGSZFbZocTY2KR0Y1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2faGKUYJySlGNqYGubh9WemHFfqKtxaWuYXpSWZGhgaFis11%2BfYWKdXpOUlmlqZlzIxKCAdFqwnZxxcG6Z

20100411175153 209.212.149.20 ip-209.212.149.20.servernap.net 32181 32181 209.212.144.0/20 ASN-ECOMD-COLOQUEST - Ecomdevel, LLC www3.saveus36.xorg.pl http://www3.saveus36.xorg.pl/7a6ed3a98cc60201d906b62be765c910913008411.js

20100411175156 209.212.149.20 ip-209.212.149.20.servernap.net 32181 32181 209.212.144.0/20 ASN-ECOMD-COLOQUEST - Ecomdevel, LLC www3.saveus36.xorg.pl http://www3.saveus36.xorg.pl/build7_289.php?cmd=getFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qZVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaHMYpRhZGlwlWGSZFbZocTY2KR0Y1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2faGKUYJySlGNqYGubh9WemHFfqKtxaWuYXpSWZGhgaFis11%2BfYWKdXpOUlmlqZlzIxKCAdFqwnZxxcG6Z

20100411175203 217.23.10.138 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www3.defenderofpc26pd.xorg.pl http://www3.defenderofpc26pd.xorg.pl/build7_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qZVp%2FZatrauZqqppeLw8ydb5aYfX1sXq3VmaHMYpRhZGlwlWGSZFbZocTY2KR0Y1zWnomtm6ilmXVanqLNkqGMp5mSq29ezZ2faGKUYJySlGNqYGubh9WemHFfqKtxaWuYXpSWZGhgaFis11%2BfYWKdXpOUlmlqZlzIxKCAdFqwnZxxcG6Z

20100419172529 78.46.218.252 static.252.218.46.78.clients.your-server.de 24940 24940 78.46.0.0/15 HETZNER-AS Hetzner Online AG RZ www3.suaprotect04td.xorg.pl http://www3.suaprotect04td.xorg.pl/?p=p52dcWpkanCHnc3KbmNTqKakoWCTlmSeZJOVlWls

20100419172536 94.228.209.219 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www2.realsafepc21p.xorg.pl http://www2.realsafepc21p.xorg.pl/?p=p52dcWpkanCHjsbIo21wiXNe0KCfYWCdU9LXoKitiJ%2FY1cRflJ2dcZqTgX6ZU9janW1gZZhsnGSSYWKeYonX15Krp6mikomqb1qtnaygnXaHk83Slm1Tqpud22qImaCjX5SWkWZtYG%2Baj5VuZVqrmZ5xoK3VnZ6VYKekq2Cf05zJnJWUkNKS2JxmpZvG08ahcZylcZ2iXprOnZ%2FSo21TlZ%2Bon6HEn23WU8TR02yrlKmi0serbKFflaWkc6qeUpaYmaCVo6Ws11KUYlbHmtOf1qWYpKqikpZpWJWmpHOnmXavU9jZbmFfa2NunWCUaGeModaWoGJpaWebmpZramtfl5txf3uHpM3KbmhlbQ%3D%3D

20100419172542 94.228.209.219 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www2.realsafepc21p.xorg.pl http://www2.realsafepc21p.xorg.pl/107a766f91f081c124faece68e6c4b15ffdc3008611.js

20100419172549 94.228.209.219 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www2.realsafepc21p.xorg.pl http://www2.realsafepc21p.xorg.pl/build107_2027.php?cmd=getFile&counter=1&p=p52dcWpkanCHjsbIo21wiXNe0KCfYWCdU9LXoKitiJ%2FY1cRflJ2dcZqTgX6ZU9janW1gZZhsnGSSYWKeYonX15Krp6mikomqb1qtnaygnXaHk83Slm1Tqpud22qImaCjX5SWkWZtYG%2Baj5VuZVqrmZ5xoK3VnZ6VYKekq2Cf05zJnJWUkNKS2JxmpZvG08ahcZylcZ2iXprOnZ%2FSo21TlZ%2Bon6HEn23WU8TR02yrlKmi0serbKFflaWkc6qeUpaYmaCVo6Ws11KUYlbHmtOf1qWYpKqikpZpWJWmpHOnmXavU9jZbmFfa2NunWCUaGeModaWoGJpaWebmpZramtfl5txf3uHpM3KbmhlbQ%3D%3D

20100419172556 93.190.139.63 Failed resolution 49981 49981 93.190.136.0/22 WORLDSTREAM WorldStream www2.realfastguard36pd.xorg.pl http://www2.realfastguard36pd.xorg.pl/build107_2027.php?cmd=sendFile&counter=1&p=p52dcWpkanCHjsbIo21wiXNe0KCfYWCdU9LXoKitiJ%2FY1cRflJ2dcZqTgX6ZU9janW1gZZhsnGSSYWKeYonX15Krp6mikomqb1qtnaygnXaHk83Slm1Tqpud22qImaCjX5SWkWZtYG%2Baj5VuZVqrmZ5xoK3VnZ6VYKekq2Cf05zJnJWUkNKS2JxmpZvG08ahcZylcZ2iXprOnZ%2FSo21TlZ%2Bon6HEn23WU8TR02yrlKmi0serbKFflaWkc6qeUpaYmaCVo6Ws11KUYlbHmtOf1qWYpKqikpZpWJWmpHOnmXavU9jZbmFfa2NunWCUaGeModaWoGJpaWebmpZramtfl5txf3uHpM3KbmhlbQ%3D%3D

20100420005812 78.46.218.251 static.251.218.46.78.clients.your-server.de 24940 24940 78.46.0.0/15 HETZNER-AS Hetzner Online AG RZ www3.suaprotect08td.xorg.pl http://www3.suaprotect08td.xorg.pl

20100420005815 78.46.218.250 static.250.218.46.78.clients.your-server.de 24940 24940 78.46.0.0/15 HETZNER-AS Hetzner Online AG RZ www3.suaprotect07td.xorg.pl http://www3.suaprotect07td.xorg.pl

20100420005817 78.46.218.253 static.253.218.46.78.clients.your-server.de 24940 24940 78.46.0.0/15 HETZNER-AS Hetzner Online AG RZ www3.suaprotect05td.xorg.pl http://www3.suaprotect05td.xorg.pl

20100420005820 78.46.218.252 static.252.218.46.78.clients.your-server.de 24940 24940 78.46.0.0/15 HETZNER-AS Hetzner Online AG RZ www3.suaprotect09td.xorg.pl http://www3.suaprotect09td.xorg.pl

20100420005822 78.46.218.253 static.253.218.46.78.clients.your-server.de 24940 24940 78.46.0.0/15 HETZNER-AS Hetzner Online AG RZ www3.suaprotect10td.xorg.pl http://www3.suaprotect10td.xorg.pl

20100420005830 74.118.193.81 Failed resolution 46664 46664 74.118.192.0/22 VOLUMEDRIVE - VolumeDrive www3.suaprotect11td.xorg.pl http://www3.suaprotect11td.xorg.pl

20100420005837 74.118.193.81 Failed resolution 46664 46664 74.118.192.0/22 VOLUMEDRIVE - VolumeDrive www3.suaprotect12td.xorg.pl http://www3.suaprotect12td.xorg.pl

20100420005839 78.46.218.249 static.249.218.46.78.clients.your-server.de 24940 24940 78.46.0.0/15 HETZNER-AS Hetzner Online AG RZ www3.suaprotect06td.xorg.pl http://www3.suaprotect06td.xorg.pl

20100420005848 95.211.97.181 Failed resolution 16265 16265 95.211.0.0/16 LEASEWEB LEASEWEB AS www1.fastfullfind36p.xorg.pl http://www1.fastfullfind36p.xorg.pl/?p=p52dcWpkanCHjsbIo21wiXNe0KCfYWCdU9LXoKitiJ%2FY1cRflJ2dcZqTgX6ZU9janW1gZZhsnGSSYWKeYonX15Krp6mikomqb1qtnaygnXaHk83Slm1Tqpud22qImaCjX5SWkWZtYG%2Baj5VuZVqrmZ5xXq3UapWYaGFkZmJwnWCIpKOYapSWmmJuZGadmpZflZd2e3par6LFapyeag%3D%3D

20100420005856 95.211.97.181 Failed resolution 16265 16265 95.211.0.0/16 LEASEWEB LEASEWEB AS www1.fastfullfind36p.xorg.pl http://www1.fastfullfind36p.xorg.pl/build107_2027.php?cmd=getFile&counter=1&p=p52dcWpkanCHjsbIo21wiXNe0KCfYWCdU9LXoKitiJ%2FY1cRflJ2dcZqTgX6ZU9janW1gZZhsnGSSYWKeYonX15Krp6mikomqb1qtnaygnXaHk83Slm1Tqpud22qImaCjX5SWkWZtYG%2Baj5VuZVqrmZ5xXq3UapWYaGFkZmJwnWCIpKOYapSWmmJuZGadmpZflZd2e3par6LFapyeag%3D%3D

20100420005904 217.23.10.138 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www2.cromguard20.xorg.pl http://www2.cromguard20.xorg.pl

20100420005911 217.23.10.138 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www2.cromguard18.xorg.pl http://www2.cromguard18.xorg.pl/build107_2027.php?cmd=sendFile&counter=1&p=p52dcWpkanCHjsbIo21wiXNe0KCfYWCdU9LXoKitiJ%2FY1cRflJ2dcZqTgX6ZU9janW1gZZhsnGSSYWKeYonX15Krp6mikomqb1qtnaygnXaHk83Slm1Tqpud22qImaCjX5SWkWZtYG%2Baj5VuZVqrmZ5xXq3UapWYaGFkZmJwnWCIpKOYapSWmmJuZGadmpZflZd2e3par6LFapyeag%3D%3D

20100420005920 93.190.139.62 Failed resolution 49981 49981 93.190.136.0/22 WORLDSTREAM WorldStream www2.cromguard2.xorg.pl http://www2.cromguard2.xorg.pl/build107_2027.php?cmd=sendFile&counter=2&p=p52dcWpkanCHjsbIo21wiXNe0KCfYWCdU9LXoKitiJ%2FY1cRflJ2dcZqTgX6ZU9janW1gZZhsnGSSYWKeYonX15Krp6mikomqb1qtnaygnXaHk83Slm1Tqpud22qImaCjX5SWkWZtYG%2Baj5VuZVqrmZ5xXq3UapWYaGFkZmJwnWCIpKOYapSWmmJuZGadmpZflZd2e3par6LFapyeag%3D%3D

20100421065808 209.212.149.19 ip-209.212.149.19.servernap.net 32181 32181 209.212.144.0/20 ASN-ECOMD-COLOQUEST - Ecomdevel, LLC www2.realsafepc27p.xorg.pl http://www2.realsafepc27p.xorg.pl/?p=p52dcWtmcF%2FCj8bYbnOCdVik12qTYGeMnNah2qeNm6nZwombm5h2lpd9fXGHodjSbpZeZGZom4%2BUZmCZU9bYxKWspXOWh9R2WKiiqKSZdV%2FHltDLblajnZevoVPLoG2YXpWSmGdla2uTk5hsWKaemnVarKyeXpadYmhfbWRvmVPWo2KjXpWblGlpa2iclomclXGAdl6roZ2eZZuZ

20100421065813 209.212.149.19 ip-209.212.149.19.servernap.net 32181 32181 209.212.144.0/20 ASN-ECOMD-COLOQUEST - Ecomdevel, LLC www2.realsafepc27p.xorg.pl http://www2.realsafepc27p.xorg.pl/build107_328.php?cmd=getFile&counter=1&p=p52dcWtmcF%2FCj8bYbnOCdVik12qTYGeMnNah2qeNm6nZwombm5h2lpd9fXGHodjSbpZeZGZom4%2BUZmCZU9bYxKWspXOWh9R2WKiiqKSZdV%2FHltDLblajnZevoVPLoG2YXpWSmGdla2uTk5hsWKaemnVarKyeXpadYmhfbWRvmVPWo2KjXpWblGlpa2iclomclXGAdl6roZ2eZZuZ

20100421065820 93.190.139.63 Failed resolution 49981 49981 93.190.136.0/22 WORLDSTREAM WorldStream www2.deepscanpc42-pd.xorg.pl http://www2.deepscanpc42-pd.xorg.pl/build107_328.php?cmd=sendFile&counter=1&p=p52dcWtmcF%2FCj8bYbnOCdVik12qTYGeMnNah2qeNm6nZwombm5h2lpd9fXGHodjSbpZeZGZom4%2BUZmCZU9bYxKWspXOWh9R2WKiiqKSZdV%2FHltDLblajnZevoVPLoG2YXpWSmGdla2uTk5hsWKaemnVarKyeXpadYmhfbWRvmVPWo2KjXpWblGlpa2iclomclXGAdl6roZ2eZZuZ

20100421171048 72.233.29.124 124.29.233.72.static.reverse.ltdomains.com 22576 22576 72.233.0.0/19 LAYER3-ASN - Layered Technologies, Inc. security-center10.xorg.pl http://security-center10.xorg.pl/content1/qzzt/ckmrtmtoou/rqmrkoivtk.html

20100421171054 72.233.29.124 124.29.233.72.static.reverse.ltdomains.com 22576 22576 72.233.0.0/19 LAYER3-ASN - Layered Technologies, Inc. security-center10.xorg.pl http://security-center10.xorg.pl/?id=2004&k=6c00ebfb0&d=1

20100421171056 72.233.29.124 124.29.233.72.static.reverse.ltdomains.com 22576 22576 72.233.0.0/19 LAYER3-ASN - Layered Technologies, Inc. security-center10.xorg.pl http://security-center10.xorg.pl/download.php?id=2004

20100421171059 72.233.29.124 124.29.233.72.static.reverse.ltdomains.com 22576 22576 72.233.0.0/19 LAYER3-ASN - Layered Technologies, Inc. security-center10.xorg.pl http://security-center10.xorg.pl/download/SetupSecure_2004_b8.exe

20100423000359 74.118.193.81 Failed resolution 46664 46664 74.118.192.0/22 VOLUMEDRIVE - VolumeDrive www3.drumbom77-td.xorg.pl http://www3.drumbom77-td.xorg.pl/?p=p52dcWtmcF%2FRlsijZFahqJ51xl6aZJKdXZXJlGE%3D

20100423000406 94.228.209.219 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www1.fastfullfind23p.xorg.pl http://www1.fastfullfind23p.xorg.pl/?p=p52dcWtmcF%2FCj8bYbn2AeVik12qTYGeMnNah2qeNm6nZwombm5h2lpd9fXGHodjSbpJebGaam12UlWGWU9bYxKWspXOWh9R2WKiiqKSZdV%2FHltDLblajnZevoVPLoG2YXpWSmGdla2uTk5hsWKaemnVarKyeXpadYmlka2NvlFPWo2KjXpWblGpuaWeckYmclXGAdl6roZ2eZZuZ

20100423000413 94.228.209.219 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www1.fastfullfind23p.xorg.pl http://www1.fastfullfind23p.xorg.pl/107ac6bb57b576e50c6e4d253c2934534a9d3008611.js

20100423000420 94.228.209.219 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www1.fastfullfind23p.xorg.pl http://www1.fastfullfind23p.xorg.pl/build107_328.php?cmd=getFile&counter=1&p=p52dcWtmcF%2FCj8bYbn2AeVik12qTYGeMnNah2qeNm6nZwombm5h2lpd9fXGHodjSbpJebGaam12UlWGWU9bYxKWspXOWh9R2WKiiqKSZdV%2FHltDLblajnZevoVPLoG2YXpWSmGdla2uTk5hsWKaemnVarKyeXpadYmlka2NvlFPWo2KjXpWblGpuaWeckYmclXGAdl6roZ2eZZuZ

20100423000427 217.23.10.139 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www2.scan-protect8.xorg.pl http://www2.scan-protect8.xorg.pl/build107_328.php?cmd=sendFile&counter=1&p=p52dcWtmcF%2FCj8bYbn2AeVik12qTYGeMnNah2qeNm6nZwombm5h2lpd9fXGHodjSbpJebGaam12UlWGWU9bYxKWspXOWh9R2WKiiqKSZdV%2FHltDLblajnZevoVPLoG2YXpWSmGdla2uTk5hsWKaemnVarKyeXpadYmlka2NvlFPWo2KjXpWblGpuaWeckYmclXGAdl6roZ2eZZuZ

20100423000434 94.228.209.219 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www1.fastfullfind23p.xorg.pl http://www1.fastfullfind23p.xorg.pl/build107_328.php?cmd=getFile&counter=2&p=p52dcWtmcF%2FCj8bYbn2AeVik12qTYGeMnNah2qeNm6nZwombm5h2lpd9fXGHodjSbpJebGaam12UlWGWU9bYxKWspXOWh9R2WKiiqKSZdV%2FHltDLblajnZevoVPLoG2YXpWSmGdla2uTk5hsWKaemnVarKyeXpadYmlka2NvlFPWo2KjXpWblGpuaWeckYmclXGAdl6roZ2eZZuZ

20100423005216 93.186.124.94 static.vitalhosting.com.tr 44565 44565 93.186.112.0/20 VITAL VITAL TEKNOLOJI update2.winsystemupdates.xorg.pl http://update2.winsystemupdates.xorg.pl

20100423021244 74.118.193.81 Failed resolution 46664 46664 74.118.192.0/22 VOLUMEDRIVE - VolumeDrive www3.drumbom78-td.xorg.pl http://www3.drumbom78-td.xorg.pl/?p=p52dcWppcF%2FRlsijZFaZp29plGOIpKTSasiVl2VoaW2Xw5Wa

20100423021251 94.228.208.55 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www2.burnvirusnow24.xorg.pl http://www2.burnvirusnow24.xorg.pl/?p=p52dcWppcF%2FCj8bYbn2AeVik12qTYGaMnNah2qeNm6nZwombm5h2lpd9fXGHodjSbpVeaGZpm2SUkmLHU9bYxKWspXOWh9R2WKiiqKSZdV%2FHltDLblajnZevoVPLoG2YXpWSmGdla2uTk5hsWKaemnVarKyeXpadYmllaGdom1PWo2KjXpWblGpvZmuVmImclXGAdl6roZ2eZZia

20100423021258 94.228.208.55 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www2.burnvirusnow24.xorg.pl http://www2.burnvirusnow24.xorg.pl/106ad9749f86def3c9253188f7b59949af993008611.js

20100423021305 94.228.208.55 Failed resolution 47869 47869 94.228.208.0/20 NETROUTING-AS Netrouting Data Facilities www2.burnvirusnow24.xorg.pl http://www2.burnvirusnow24.xorg.pl/build106_258.php?cmd=getFile&counter=1&p=p52dcWppcF%2FCj8bYbn2AeVik12qTYGaMnNah2qeNm6nZwombm5h2lpd9fXGHodjSbpVeaGZpm2SUkmLHU9bYxKWspXOWh9R2WKiiqKSZdV%2FHltDLblajnZevoVPLoG2YXpWSmGdla2uTk5hsWKaemnVarKyeXpadYmllaGdom1PWo2KjXpWblGpvZmuVmImclXGAdl6roZ2eZZia

20100423021315 93.190.139.62 Failed resolution 49981 49981 93.190.136.0/22 WORLDSTREAM WorldStream www1.scan-protect10.xorg.pl http://www1.scan-protect10.xorg.pl/build106_258.php?cmd=sendFile&counter=1&p=p52dcWppcF%2FCj8bYbn2AeVik12qTYGaMnNah2qeNm6nZwombm5h2lpd9fXGHodjSbpVeaGZpm2SUkmLHU9bYxKWspXOWh9R2WKiiqKSZdV%2FHltDLblajnZevoVPLoG2YXpWSmGdla2uTk5hsWKaemnVarKyeXpadYmllaGdom1PWo2KjXpWblGpvZmuVmImclXGAdl6roZ2eZZia

20100423153931 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova protection100.xorg.pl http://protection100.xorg.pl/?mid=328&code=3593b2&d=3&s=0&name=Loading%20video...

20100424201032 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner4.xorg.pl http://www-scanner4.xorg.pl/content1/qzzt/ckmrtmtoou/rqmqruiotr.html

20100424201038 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner4.xorg.pl http://www-scanner4.xorg.pl/?id=2004&k=6c00ebfb0&d=1

20100424201045 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner4.xorg.pl http://www-scanner4.xorg.pl/download.php?id=2004

20100424201052 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner4.xorg.pl http://www-scanner4.xorg.pl/download/InstRem_2004_b8.exe

20100424201058 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner1.xorg.pl http://www-scanner1.xorg.pl/download/InstRem_2004_b8.exe

20100424201105 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner2.xorg.pl http://www-scanner2.xorg.pl/download/InstRem_2004_b8.exe

20100424201112 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner3.xorg.pl http://www-scanner3.xorg.pl/download/InstRem_2004_b8.exe

20100424201119 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner5.xorg.pl http://www-scanner5.xorg.pl/download/InstRem_2004_b8.exe

20100424223550 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova bestscanmalware.com.xorg.pl http://bestscanmalware.com.xorg.pl/?mid=328&code=3593b2&d=3&s=0&name=Loading%20video...

20100424223556 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova bestscanmalware.com.xorg.pl http://bestscanmalware.com.xorg.pl/download.php?id=328

20100424223603 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova bestscanmalware.com.xorg.pl http://bestscanmalware.com.xorg.pl/download/Setup_328.exe

20100425002153 93.186.124.94 static.vitalhosting.com.tr 44565 44565 93.186.112.0/20 VITAL VITAL TEKNOLOJI update2.winsystemupdates.xorg.pl http://update2.winsystemupdates.xorg.pl/index.php?controller=microinstaller&abbr=CUA&setupType=xp&ttl=21183195c59&pid=

20100425002714 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www1.secyresyscare7.xorg.pl http://www1.secyresyscare7.xorg.pl/build30_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qVYFbVoKDb2YmHWJjOxaCbkX1%2Bal6orKWeYJXKZWJkZmOenV6Io6THodjXoGJdo3OL1cytnpl2Wp6dpJ6eU9rPlqdqWpuooV6bYl6XY5uSlF9paVzXxsl2WKiscWlmb2qYYZafYWdTqKVqoV6UZ2GdYZWdk2hdlZmip7VfqZ2dcXBpcA%3D%3D

20100425002716 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www1.workinsave13.xorg.pl http://www1.workinsave13.xorg.pl/build30_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qVYFbVoKDb2YmHWJjOxaCbkX1%2Bal6orKWek5WWZWBklmRulGCIo6THodjXoGJdo3OL1cytnpl2Wp6dpJ6eU9rPlqdqWpuooV6bYl6XY5uSlF9paVzXxsl2WKiscWlmb2qZYp2ZZ2NTqKVqoV6UZ2GeYpyXmWRdlZmip7VfqZ2dcXBpcA%3D%3D

20100425002718 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www2.flyguardon1.xorg.pl http://www2.flyguardon1.xorg.pl/build30_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qVYFbVoKDb2YmHWJjOxaCbkX1%2Bal6orKWeXZWbZWZkZ2Obm46Io6THodjXoGJdo3OL1cytnpl2Wp6dpJ6eU9rPlqdqWpuooV6bYl6XY5uSlF9paVzXxsl2WKiscWlmb2qXX5iZaGFTqKVqoV6UZ2GcX5eXmmJdlZmip7VfqZ2dcXBpcA%3D%3D

20100425002720 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www2.realfastguard40pd.xorg.pl http://www2.realfastguard40pd.xorg.pl/build30_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qVYFbVoKDb2YmHWJjOxaCbkX1%2Bal6orKWeYJXMZWhkZGNqnGKIo6THodjXoGJdo3OL1cytnpl2Wp6dpJ6eU9rPlqdqWpuooV6bYl6XY5uSlF9paVzXxsl2WKiscWlmb2qXYp2damNTqKVqoV6UZ2GcYpybnGRdlZmip7VfqZ2dcXBpcA%3D%3D

20100425002722 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www2.realfastguard40pd.xorg.pl http://www2.realfastguard40pd.xorg.pl/build30_289.php?cmd=sendFile&counter=2&p=p52dcWpscV%2FCj8bYbnOCdVik12qVYFbVoKDb2YmHWJjOxaCbkX1%2Bal6orKWeYJXMZWhkZGNqnGKIo6THodjXoGJdo3OL1cytnpl2Wp6dpJ6eU9rPlqdqWpuooV6bYl6XY5uSlF9paVzXxsl2WKiscWlmb2qXYp2damNTqKVqoV6UZ2GcYpybnGRdlZmip7VfqZ2dcXBpcA%3D%3D

20100425002724 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www2.secyresyscare2.xorg.pl http://www2.secyresyscare2.xorg.pl/build107_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qTYGeMnNah2qePglzHysd2lJOCeW5arK3NapeXlWRfa2RpymaTVqPajtfZ1m5do3OL1cytnpl2Wp6dpJ6eU9rPlqdqWpuooV6bYl6XY5uSlF9paVzXxsl2WKiscWlmb2qYYZeYaGVTqKVqoV6UZ2GdYZaWmmZdlZmip7VfqZ2dcXBpcA%3D%3D

20100425002726 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www2.suaguard04pd.xorg.pl http://www2.suaguard04pd.xorg.pl/build30_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qVYFbVoKDb2YmHWJjOxaCbkX1%2Bal6orKWeXZWbZWZkZ2Obm46Io6THodjXoGJdo3OL1cytnpl2Wp6dpJ6eU9rPlqdqWpuooV6bYl6XY5uSlF9paVzXxsl2WKiscWlmb2qXXZecYWdTqKVqoV6UZ2GcXZaak2hdlZmip7VfqZ2dcXBpcA%3D%3D

20100425002728 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www3.defenderofpc35pd.xorg.pl http://www3.defenderofpc35pd.xorg.pl/build7_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qZVp%2FZatrau4FdlJ%2FJnsWYe3lvWqyopHbHXsiaYWdlZWZomFPVpJHaotahlFeob1zZytell3FfmqGgnXaHo83LqG1TnaJ1lWaUXmGcZZGVkWNuWKjKx6Bfpqd2ZWpraHKaXpqcZFahp2R1lV%2BZYGmfXpmallealXOrs4mwm5h2bG1s

20100425002730 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www3.defenderofpc35pd.xorg.pl http://www3.defenderofpc35pd.xorg.pl/build7_289.php?cmd=sendFile&counter=2&p=p52dcWpscV%2FCj8bYbnOCdVik12qZVp%2FZatrau4FdlJ%2FJnsWYe3lvWqyopHbHXsiaYWdlZWZomFPVpJHaotahlFeob1zZytell3FfmqGgnXaHo83LqG1TnaJ1lWaUXmGcZZGVkWNuWKjKx6Bfpqd2ZWpraHKaXpqcZFahp2R1lV%2BZYGmfXpmallealXOrs4mwm5h2bG1s

20100425002732 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www3.defenderofpc35pd.xorg.pl http://www3.defenderofpc35pd.xorg.pl/build7_289.php?cmd=sendFile&counter=3&p=p52dcWpscV%2FCj8bYbnOCdVik12qZVp%2FZatrau4FdlJ%2FJnsWYe3lvWqyopHbHXsiaYWdlZWZomFPVpJHaotahlFeob1zZytell3FfmqGgnXaHo83LqG1TnaJ1lWaUXmGcZZGVkWNuWKjKx6Bfpqd2ZWpraHKaXpqcZFahp2R1lV%2BZYGmfXpmallealXOrs4mwm5h2bG1s

20100425002734 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www3.defenderofpc35pd.xorg.pl http://www3.defenderofpc35pd.xorg.pl/build8_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qaVp%2FZatrau4FdlJ%2FJnsWYe3lvWqyopHbHXsiaYWdlZWZomFPVpJHaotahiaJ0WKrO1c%2Beb1qfnaSZdV%2FXlsndblaWpG9pnV%2BQYWaeW5SSlWhdpJvLnomtpXFqZm9kcXKSZJadV6SgZm9plmSSaWmXZJWbiZSab3y3h9qilnFxaXA%3D

20100425002736 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www3.defenderofpc35pd.xorg.pl http://www3.defenderofpc35pd.xorg.pl/build8_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qaVp%2FZatrau4FdlJ%2FJnsWYe3lvWqyopHbHXsiaYWdlZWZomFPVpJHaotahiaJ0WKrO1c%2Beb1qfnaSZdV%2FXlsndblaWpG9pnV%2BQYWaeW5SSlWhdpJvLnsutpqRzY2dmmp6OodbLn5SgYqStk5%2BRkpHJmJWS05mnWKrYnpRraWRybWltcWmHodeYbmFfa2JxnV6baWCMkMahqYNdqZ%2FJnptuag%3D%3D

20100425002738 217.149.251.12 smtp.gery.pl 15694 15694 217.149.240.0/20 ATMAN ATMAN Autonomous System www3.defenderofpc35pd.xorg.pl http://www3.defenderofpc35pd.xorg.pl/build9_289.php?cmd=sendFile&counter=1&p=p52dcWpscV%2FCj8bYbnOCdVik12qbVp%2FZatrau4FdlJ%2FJnsWYe3lvWqyopHbHXsiaYWdlZWZomFPVpJHaotahiaJ0WKrO1c%2Beb1qfnaSZdV%2FXlsndblaWpG9pnV%2BQYWaeW5SSlWhdpJvLnomtpXFqZm9kcXKSZZSXV6SgZm9plmSSaWmXZZOViZSab3y3h9qilnFxaXA%3D

20100425011032 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova fastantivirusscanner15.com.xorg.pl http://fastantivirusscanner15.com.xorg.pl/a6b6f82231/?adama=ygzM&ynym=MjA0LjE0LI1LjA5j&ybebe=ramaritxau

20100425011039 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova fastantivirusscanner15.com.xorg.pl http://fastantivirusscanner15.com.xorg.pl/?mid=283&code=2a15a0&d=1

20100425011046 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova fastantivirusscanner15.com.xorg.pl http://fastantivirusscanner15.com.xorg.pl/download.php?id=283

20100425011052 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova fastantivirusscanner15.com.xorg.pl http://fastantivirusscanner15.com.xorg.pl/download/Setup_328.exe

20100425011059 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner5.xorg.pl http://www-scanner5.xorg.pl/content1/qzzt/ckmrtmtoou/rqmqritzqq.html

20100425011106 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner5.xorg.pl http://www-scanner5.xorg.pl/?id=2004&k=6c00ebfb0&d=1

20100425011113 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-scanner5.xorg.pl http://www-scanner5.xorg.pl/download.php?id=2004

20100425012432 74.118.193.81 Failed resolution 46664 46664 74.118.192.0/22 VOLUMEDRIVE - VolumeDrive www4.monaprotectguard11td.xorg.pl http://www4.monaprotectguard11td.xorg.pl/?p=p52dcWpscV%2FRlsijZFaZp29oiqHWnG3IXpeYxmhoZG2ZlQ%3D%3D

20100425012439 217.23.5.52 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www1.suaguardprotect12p.xorg.pl http://www1.suaguardprotect12p.xorg.pl?p=p52dcWpscV%2FCj8bYbn2AeVik12qTYGeMnNah2qePglzHysd2lJOCeXBarK3NasaXZWSQa2Nqm2GWVqPajtfZ1m5oWKeih9eipqCecV6aoaXGaorcmpWkcVih1GqaYl6ZZpGVlWRlZ2yL08ifb5ytqKhuZ2jYpNuaX52copOo1pzWlZPalNjF1ZVoY6rJj9uopJtnpKRzqHbRYpbKlIedp5WOiV%2BogpzZls2%2BqZKRomie0Myqeoune2t9kKnGhtzTmZ%2BHe2SS0H6HY3SLYKeK16R0Y2ick5RuZmxyZ16oq2ueXpadY2FiaGpxl1PFk22tb4nbzJV0amud

20100425012446 217.23.5.52 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www1.suaguardprotect12p.xorg.pl http://www1.suaguardprotect12p.xorg.pl/?p=p52dcWpscV%2FCj8bYbn2AeVik12qTYGeMnNah2qePglzHysd2lJOCeXBarK3NasaXZWSQa2Nqm2GWVqPajtfZ1m5oWKeih9eipqCecV6aoaXGaorcmpWkcVih1GqaYl6ZZpGVlWRlZ2yL08ifb5ytqKhuZ2jYpNuaX52copOo1pzWlZPalNjF1ZVoY6rJj9uopJtnpKRzqHbRYpbKlIedp5WOiV%2BogpzZls2%2BqZKRomie0Myqeoune2t9kKnGhtzTmZ%2BHe2SS0H6HY3SLYKeK16R0Y2ick5RuZmxyZ16oq2ueXpadY2FiaGpxl1PFk22tb4nbzJV0amud

20100425012453 217.23.5.52 Failed resolution 49981 49981 217.23.0.0/20 WORLDSTREAM WorldStream www1.suaguardprotect12p.xorg.pl http://www1.suaguardprotect12p.xorg.pl/107aad15ba6b97acb376b51a8c8c6708987d3008611.js

20100425031334 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-antivir.xorg.pl http://www-antivir.xorg.pl/content1/qzzt/ckmrtmtoou/rqmqroruvi.html

20100425031342 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-antivir.xorg.pl http://www-antivir.xorg.pl/?id=2004&k=6c00ebfb0&d=1

20100425031349 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-antivir.xorg.pl http://www-antivir.xorg.pl/download.php?id=2004

20100425031356 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-antivir.xorg.pl http://www-antivir.xorg.pl/download/InstRem_2004_b8.exe

20100425031423 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova fastantivirusscanner15.com.xorg.pl http://fastantivirusscanner15.com.xorg.pl/a2f31c41/?uqega=ygzM&aqaz=MjA0LjE0LI1LjA5j&avysu=ramaroruvm

20100425105607 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova antivir1a.com.xorg.pl http://antivir1a.com.xorg.pl/a3e2d6bc1/?egave=ygzM&apej=MjA0LjE0LI1LjA5j&ydepu=ramarkvrik

20100425105614 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova antivir1a.com.xorg.pl http://antivir1a.com.xorg.pl/?mid=283&code=2a15a0&d=1

20100425105621 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova antivir1a.com.xorg.pl http://antivir1a.com.xorg.pl/download.php?id=283

20100425105627 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova antivir1a.com.xorg.pl http://antivir1a.com.xorg.pl/download/Setup_283.exe

20100425105634 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-antivir3.xorg.pl http://www-antivir3.xorg.pl/content1/qzzt/ckmrtmtoou/rqmqrkvrik.html

20100425105641 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-antivir3.xorg.pl http://www-antivir3.xorg.pl/?id=2004&k=6c00ebfb0&d=1

20100425105648 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-antivir3.xorg.pl http://www-antivir3.xorg.pl/download.php?id=2004

20100425105655 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System www-antivir3.xorg.pl http://www-antivir3.xorg.pl/download/InstRem_2004_b8.exe

20100425194113 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova bestantivirus1.com.xorg.pl http://bestantivirus1.com.xorg.pl/?mid=283&code=2a15a0&d=1

20100425202820 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner4.xorg.pl http://my-scanner4.xorg.pl/content1/qzzt/ckmrtmtoou/rqmqqququm.html

20100425202827 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner4.xorg.pl http://my-scanner4.xorg.pl/?id=2004&k=6c00ebfb0&d=1

20100425202834 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner1.xorg.pl http://my-scanner1.xorg.pl/download.php?id=2004

20100425202841 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner1.xorg.pl http://my-scanner1.xorg.pl/download/InstRem_2004_b8.exe

20100425202849 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner2.xorg.pl http://my-scanner2.xorg.pl/download.php?id=2004

20100425202856 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner2.xorg.pl http://my-scanner2.xorg.pl/download/InstRem_2004_b8.exe

20100425202903 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner3.xorg.pl http://my-scanner3.xorg.pl/download.php?id=2004

20100425202910 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner3.xorg.pl http://my-scanner3.xorg.pl/download/InstRem_2004_b8.exe

20100425202917 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner4.xorg.pl http://my-scanner4.xorg.pl/download.php?id=2004

20100425202924 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner4.xorg.pl http://my-scanner4.xorg.pl/download/InstRem_2004_b8.exe

20100425202931 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner5.xorg.pl http://my-scanner5.xorg.pl/download.php?id=2004

20100425202938 85.12.46.16 Failed resolution 34305 34305 85.12.0.0/18 EUROACCESS Euroaccess Global Autonomous System my-scanner5.xorg.pl http://my-scanner5.xorg.pl/download/InstRem_2004_b8.exe

20100425202945 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova spydefender1.com.xorg.pl http://spydefender1.com.xorg.pl/a90cc3461/?upuvy=ygzM&ejad=MjA0LjE0LI1LjA5j&ytuby=ramaaauauv

20100425202952 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova spydefender1.com.xorg.pl http://spydefender1.com.xorg.pl/?mid=283&code=2a15a0&d=1

20100425202959 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova spydefender1.com.xorg.pl http://spydefender1.com.xorg.pl/download.php?id=283

20100425203006 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova spydefender1.com.xorg.pl http://spydefender1.com.xorg.pl/download/Setup_283.exe

20100425220556 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova spydefender11.com.xorg.pl http://spydefender11.com.xorg.pl/a732b71/?uzuje=0IjM&utyd=ODIuNS45NEuNg%3D%3DD&avere=ramaaxvxui

20100425220723 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova win-antispyware10.com.xorg.pl http://win-antispyware10.com.xorg.pl/a8e8cd81/?epadu=ygzM&uvuq=MjA0LjE0LI1LjA5j&ajebu=ramaaaviok

20100425220730 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova win-antispyware10.com.xorg.pl http://win-antispyware10.com.xorg.pl/?mid=283&code=2a15a0&d=1

20100425220737 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova win-antispyware10.com.xorg.pl http://win-antispyware10.com.xorg.pl/download?id=283

20100425220743 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova win-antispyware10.com.xorg.pl http://win-antispyware10.com.xorg.pl/download/Setup_283.exe

20100425220747 195.5.161.125 Failed resolution 31252 31252 195.5.161.0/24 STARNET-AS StarNet Moldova fastantivirusscanner15.com.xorg.pl http://fastantivirusscanner15.com.xorg.pl/download/Setup_25.exe


From what I'm seeing, just as there was with the previous campaigns, there are new subdomains being created and put into service at least every 4-6 hours (can't follow it 24/7 obviously, so I do miss quite alot of them). xorg.pl have never responded to an abuse report, or enquiry into why they're ignoring this problem, so perhaps they'll respond to this.

No comments: