Blog for hpHosts, and whatever else I feel like writing about ....

Wednesday 23 December 2009

Crimeware friendly ISPs: RapidSwitch Ltd (AS29131)

Those of you reading this blog for any length of time, or specializing in the documentation of malicious domains, will no doubt already be aware of RapidSwitch's history, but here's a little refresher for you:

242 reasons to avoid 78.129.142.9 (RapidSwitch - AS29131)
http://hphosts.blogspot.com/2008/09/242-reasons-to-avoid-781291429.html

RapidSwitch customers still involved in SMS Fraud ......
http://hphosts.blogspot.com/2009/02/rapidswitch-customers-still-involved-in.html

Adobe9.0-PDF.com + Computer Solutions Group + 208.118.54.* + Xtreme Software Ltd + Saudi Arabia = Phishing and fraud network
http://hphosts.blogspot.com/2009/03/adobe90-pdfcom-computer-solutions-group.html

Zlkon.lv disconnected - but apparently not completely gone
http://hphosts.blogspot.com/2009/04/zlkonlv-disconnected-but-apparently-not.html

Fake malwarebytes site
http://www.malwarebytes.org/forums/index.php?showtopic=17213

Legitimate Software Typosquatted in SMS Micro-Payment Scam
http://ddanchev.blogspot.com/2009/07/legitimate-software-typosquatted-in-sms.html

RapidSwitch: UK webhosts in champagne throwing cat fight
http://hphosts.blogspot.com/2009/09/rapidswitch-uk-webhosts-in-champagne.html

LC Escrow & Consulting Fraud
http://www.bobbear.com/lcescrowandconsulting.html

Take your time, I'll wait.

Caught up? Good, let's begin, shall we? We'll start by looking at what was there, as documented September last year. How many of these are still present? How many have moved? Well, the following contains the hpObserver validation results for those listed in hpHosts as residing on 78.129.*, which were done around an hour or so ago:

http://hosts-file.net/misc/hpObserver_results_-_RapidSwitch-231209.html

I believe the results speak for themselves - the majority are still present, and still involved in malicious activities.

Now, let's look at what's appeared over there in the last few months, shall we? And I should point out, this only contains those recorded in my personal database (this database is not published online for varying reasons) and as such, is only a small example.

Here we see everything from RFIs, to fake AVs (these are the most common sighting within the RapidSwitch networks) and a spot of Koobface (e.g. svn.altervista.org/477, which as of a check a couple seconds ago, appears to have been cleaned up), with exploits such as those at pinomusik.altervista.org (see Wepawet results for details), thrown in for good measure.

I'm afraid, given this behaviour is continuing, and is in some measures, getting worse on the RS network, I believe it's safe to say RapidSwitch quite simply don't care. They ARE aware of the malicious traffic within their networks. How do I know? Well for starters, I'm not the only one to try and report it to them, and actually have them do something (I tried back in 2008, which was a complete waste of time, and have reported malicious content to them since then, with absolutely no reply (though given they blocked e-mail from me getting through to them (or so they claimed), I'm not really surprised)).

I do wonder however, how exactly they're explaining themselves to the legit customers they do actually have, and to their shareholders and whatnot (though given shareholders typically only care about profit, I doubt they care either). I suspect it's along the lines of "we're a large ISP and can't possibly know about everything, and don't have access to customers' servers, and ..... and ..... ", aka: excuses.

For those interested, you'll also find malicious content within the RapidSwitch networks, documented at:

MalwareURL
http://www.malwareurl.com/search.php?domain=&s=AS29131&match=0&rp=50&urls=on&redirs=on&ip=on&reverse=on&as=on

MalwareDomainList
http://www.malwaredomainlist.com/mdl.php?search=29131&colsearch=All&quantity=50

Clean-MX
http://support.clean-mx.de/clean-mx/viruses.php?as=AS29131
http://support.clean-mx.de/clean-mx/phishing.php?as=AS29131

Until such time as RapidSwitch die a horrible death, or boot all of their current management/staff and hire people that actually care about more than profit, I'm personally continuing to blackhole their entire ranges, and strongly urge everyone else do the same (to those legit customers unfortunate enough to be hosted with RapidSwitch - MOVE ELSEWHERE!!!).
