Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Malvertizement featuring americansingles.com

October 15th 2008 in Uncategorized

image

Malicious URL:
mystats.com/crossdomain.xml

mystats.com – IP 208.87.33.150 – Bahamas – Secure Hosting Ltd
ICANN Registrar: FABULOUS.COM PTY LTD
Created 23 July 1997
NS: NS1.HITFARM.COM
NS: NS2.HITFARM.COM
NS: NS3.HITFARM.COM

Reverse IP – reverse DNS – wc40-main.medialogik.com
1,156,828 domains at the same IP address!!!!

208.87.33.% – 1,156,841 domains !!!

medialogik.com – 72.51.27.100 – British Columbia – Vancouver – Nameview Inc
ICANN Registrar: Nameview Inc
Created 5 August 2001
WHOIS: Hidden behind “Whois Identity Shield”

Other sites at same IP:

1.  Aditcorp.com
2.  Bulkurl.com
3.  Exileddomains.com
4.  Gdei.com
5.  Hoststart.com
6.  Medialogik.com
7.  Proto.com
8.  Verticalaxis.com


Comments are closed.

            Malicious URL:track.megaplexer.com/statsa.php?campaign=<<snipped>> ICANN Registrar: Estdomains, IncCreated: 7 April 2003NS: NS1.MEGAPLEXER.COMNS: NS2.MEGAPLEXER.COMRegistrant:Vasil pentykovich(leonardo126@gmail.com – associated with 22 domains)Ny tipa normalnij addressShobloOther,20365PRTel. +023.2569856Fax. +023.5565599 Domain suspended – previous IP 64.15.157.119 64.15.157.119 – Canada Iweb Dedicated Cl

Previous Entry

It seems to me that Directi is not even close to cleaning up its act, and they certainly don’t seem to be keeping away from domains that are used to facilitate the distribution of fraudware.  Just over the past few days I have encountered quicktds.com (which had been registered since 16 Sept), pcvirusbuster.com (registered 7 […]

Next Entry

Archives