Blog for hpHosts, and whatever else I feel like writing about ....

Wednesday, 14 October 2009

Suspect ad network leads to PDF exploit

That email address of is well known. The subdomain is dual-homed on and (both NTT America, Inc).

The next hop is;b=2;c=0;z=406377 was regisitered on 17th September with the same "" contact details as is dual homed on, (both NTT America, Inc).

Yet another hop, this time to{munged} was created on 7th August 2009, registered to (again). is hosted on at some outfit called Linode.

Yet another hop, this time to which is currently down but was hosted on (Netdirekt E.k) who are pretty well known for hosting bad sites (but they may well have nuked this one already, and if so.. well done!)

Read more

No comments: