[funsec] Naughty thing ...
RLVaughn
Randy_Vaughn at baylor.edu
Tue Jan 17 19:23:39 CST 2006
Richard Cox wrote:
> On Wed, 18 Jan 2006 00:24:29 +0000 (GMT)
> Drsolly <drsollyp at drsolly.com> wrote:
>
>> <iframe src=
>> http://%77%77%77%2E%74%72%75%73%74%34%66%72%65%65%2E%77%73?id=index12
>> frameborder="0" width="1" height="1" scrolling="no" name=counter></iframe>
>
> That decodes to : <iframe src= http://www.trust4free.ws?id=index12
> frameborder="0" width="1" height="1" scrolling="no" name=counter></iframe>
>
> If that's malware, there are specific lists for reporting that ...
>
> Dig www.trust4free.ws at ns4.everydns.net (63.219.183.200) ...
> Authoritative Answer
> Query for www.trust4free.ws type=255 class=1
> www.trust4free.ws A (Address) 207.150.165.180
> trust4free.ws NS (Nameserver) ns1.everydns.net
> trust4free.ws NS (Nameserver) ns2.everydns.net
> trust4free.ws NS (Nameserver) ns3.everydns.net
> trust4free.ws NS (Nameserver) ns4.everydns.net
> ns1.everydns.net A (Address) 64.158.219.3
> ns2.everydns.net A (Address) 216.218.240.206
> ns3.everydns.net A (Address) 80.84.249.169
> ns4.everydns.net A (Address) 63.219.183.200
>
> Paging EVERYDNS to the WHITE COURTESY PHONE ...
>
> http://www.spamhaus.org/sbl/sbl.lasso?query=SBL37017
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
I've followed this one through and see nothing other
than a web site in Japanese with a link to duke.
More information about the funsec
mailing list