Added more IE 0-day exploit domains from isc.sans.org:
17xj .cn 64tianwang .com 27pay .com 6gerere3e .cn 2wdqwdqw .cn 85580000 .com 66yttrre .cn babi2009 .com 6sys6 .cn ccfsdee32 .cn 73yi .cn cdew32dsw .cn 7iai .cn ceewe3w2 .cn 9owe2211 .cn d212dddw .cn carloon .cn dasda11d .cn ckt5 .cn duiguide .us gkiot .cn dump .vicp .cc hostts .cn haha888l .com huimzhe .cn haha999b .com kan31ni .cn hao-duo .com kmip .net jazzhigh .com mjbox .com linezing .com xin765 .com netcode .com y2y2dfa .cn wildmansai .com
Read this page if you want to report a false positive.
Domains.txt file is the complete list along with original reference. New: Justdomains contains list of only the domain names. Updates are located at http://www.malwaredomains.com/updates. The full files are located at: http://www.malwaredomains.com/files BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.
Also Available in AdBlock, ISA, and MaraDNS formats. Now a trusted source on the WOT-the Web of Trust! Used by SURBL, MOREnet, and others…
The Internet Storm Center has a running list of IE 0day exploit domains.
Many of these domains are already listed, those which are not will be added on the next update. Check the SANS list often and update your own blacklist often.
PS – because of the mention of this site traffic has increased dramatically. Please consider donating to help hosting and infrastructure costs.
http://isc.sans.org/diary.html?storyid=6733
A 0-day exploit within the msVidCtl component of Microsoft DirectShow is actively being exploited through drive-by attacks using thousands of newly compromised web sites, according to CSIS. The code has been published in the public domain via a number of Chinese web sites.
http://translate.google.com/translate?prev=hp&hl=en&js=n&u=http%3A%2F%2Fwww.csis.dk%2Fdk%2Fnyheder%2Fnyheder.asp%3FtekstID%3D799&sl=da&tl=en&history_state0=
Domains currently involved are: hxxp://milllk. com and hxxp://8oy4t .8866 .org but you can be sure there will be more.
Both of these domains are currently listed in our blocklist, (one added over the weekend), so refresh your blocklist ASAP!
Many waledac independence day domains, some zeus domains, and other badness. Sources include www.malwareurl.com, zeustracker.abuse.ch, www.siteadvisor.com:
1ffli .com .mx 1live-antimalware-pro-scan .com 51pt .com .cn 1liveantimalwarequickscnan .com 7777ee .com 4thfirework .com 7777tt .com 6-tube-world .com a3l .ru advanced-virus-remover2009 .com ajokauz .cn antimalwareaupdateserver .com ajyawif .cn antimalwaregiard .com akajjcthr .com antivir2009pro .com akoede .cn antivirapro .com akoetly .cn antivirfile .com apefovy .cn antivirsystempro .com arachka .com antivir-systempro .com ateugic .cn antiviruslicensepurchase .com ateygi .cn antivirus-nt .com atiawy .cn antivirussyspro2009 .com atiguko .cn antivirwin2009 .com ativoma .cn avirguardian .com atoceuk .cn avirprotect .com atofaf .cn awareprotect .com atyorzi .cn benini .xpg .com .br avayhik .cn best-antivirus-pc .info avemyk .cn dreamheartsnow .cn aveyco .cn enginecoolant .cn aveylpa .cn filescan4 .info aviopuh .cn fireholiday .com avoapyt .cn fireworksholiday .com awyeg .com fireworksnetwork .com b5r .ru fireworkspoint .com b7p .ru flywell-travel .com b9g .at freeindependence .com bayscan4 .info full-antispyware-scanner .com bbvvbb .cn green-tube-site .com best-av .info guard-gate .info bgiyjcthr .com guardincorp .info biumer .com handyphoneworld .com bonusdream .cn happyindependence .com boxingclubs .cn holidayfirework .com bricezfunz .com holidaysfirework .com c1z .at holifireworks .com c5e .at hot-exe-area .net c5p .at hotxxxtubz .com c5p .ru i-antivirusplus .com c5y .at imgesinstudioonline .com cheappower .ru interactiveindependence .com dfdfg443 .cn jukeboxjunkie .at entrank .com let-exe-2009 .com fobrim .cn luxartpics .net fomazej .cn miosmschat .com fombual .cn miosmsworld .com gasdry .ru morescan4 .info gemells .com movie4thjuly .com gg .jjmmmmm .cn moviefireworks .com gogotraff .cn movieindependence .com gvod-down .cn movies4thjuly .com gzpf .in moviesfireworks .com hexhome .com moviesindependence .com hfs-haus .de music-megaupload .com hh88567 .cn mynameisboxxy .com hohoh .biz mywhitecoat .com ina6iq .com netgalleryart .com keeperbook .cn outdoorindependence .com lentopl .info privatesecuredpayments .com mavr-best .com pro-secure .info medisont .com protectinstructor .info megapain .info protectionlol .info metroking .ws queilesaventura .com milllk .com safeandsearch .info mixlotsite .cn scan4high .info mvt .c4 .fr scan6zoom .info no-virus .info scan-spyware-now .com pixphotos .com scanzoom6 .info pokjuyt .ru secure .paysecureorders .com qvod881 .cn secure-gov .com rain-man .cn securerealy .com ro-skill .com securitybestonline .com rtcb .org sesese .y145c .cn smophi .com shootersworld .cn suntravet .cn superhandycap .com sxicl .co .uk systemprotectinc .info tcsrz .com thehandygal .com tec .qc .cx therealsecurityshields .com tong-ji .com thesecuritynsyard .com tongji520 .com totalsecuritysite .com trfdb .net trustshield .info udta .in video4thjuly .com uhaulde .cn videoindependence .com ukropin .com vivalatube .com vpsvip .com wirtschaft-frieden .ch welivehere .cn workscan4 .info wthelp .cn www-facebook .net xs8g .com xmoviedownloads .cn yusitymp .com yourhandyhome .com
Read this page if you want to report a false positive.
Domains.txt file is the complete list along with original reference. New: Justdomains contains list of only the domain names. Updates are located at http://www.malwaredomains.com/updates. The full files are located at: http://www.malwaredomains.com/files BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.
Also Available in AdBlock, ISA, and MaraDNS formats. Now a trusted source on the WOT-the Web of Trust! Used by SURBL, MOREnet, and others…
Over 230 bad domains. Sources include www.malwaredomainlist.com, www.malwareurl.com, zeustracker.abuse.ch:
| 3bor .ru | 840384tony .mobi |
| 8070371 .com | abnc-portal .com |
| a5l .at | acmecorp .net .cn |
| abuze .cn | adult-you-tube .info |
| acajelu .cn | agro-files-archive .com |
| actupdate .net | all-in-exe .com |
| ajal .ru | allsecurityshields .com |
| aligovs .cn | alls-tube-here .com |
| atxh .in | alwebsearch .info |
| axtos .net | analrapesite .com |
| bablomet .net | anella2009 .dominiotemporario .com |
| bbwgroup .cn | animalsextoy .com |
| bestplace .in | anti-malware-2010 .com |
| bjbotnet .cn | archi-tube-world .com |
| blade2009 .ru | archiv-tube-world .com |
| bn2z .cn | arkbroadcasters .org |
| boroda888 .cn | artmarket .or .kr |
| botnetuk .cn | autodirection .cn |
| bum-biz .com | baessler-befestigungssysteme .de |
| buminch .org | bigmack .opendns .be:81 |
| chartse .cn | bouncenplay .ca |
| chiliwilli .cn | brooksxvideos .com |
| cleanmyos .com | businesproject4you .org |
| coolbelts .cn | carlo20 .dyndns .org |
| coolgifs .cn | cashpopup .info |
| crawlnet .cn | christmasclub .cn |
| ctuf .info | cokoladovefigurky .sk |
| d4rkst4r .cn | coolcrosses .cn |
| dailynylon .cn | coolpapabell .cn |
| darkslim .cn | coolwordart .cn |
| detcentral .cn | crabindustry .ru |
| doggody .com | delaizoloto .cn |
| domenzmonz .cn | dma-businessclt .com |
| eminemlive .cn | drugly-cats .net |
| etm-p .cn | dunkinsworld .cn |
| fackaaa .com | easycash2all .com |
| factoria .ru | ecseonline .com |
| filomo .com | efreeflow .com |
| finksayq .ru | fdheropytrqazepisak .com |
| fireee .com | filedeepsea .com |
| forserv .net | firstplumb .info |
| foxholter .ru | foundguide .com |
| funaman .com | freeguard .biz |
| fynimytu .cn | fristcenter .cn |
| gasa .in | goironscan .com |
| geda .it | google-analitics .cn |
| ggmt .in | googlenames .cn |
| go5reborn .cn | greatfound .net |
| goldtraf .su | happyabc .ru .ru |
| greatpoets .cn | harleyhousedomain .cn |
| greattoast .cn | hepofishycs .info |
| grozv .cn | howareubro .com |
| hostingmd .cn | indidrugs .com |
| hub-z .net | irunasa .no-ip .info |
| hxzv .in | istitutomicoterapico .it |
| hzcpwl .cn | javiercubel .com |
| igorhhasy .ru | kedex02 .hpg .ig .com .br |
| ina4ch .com | lastfmmusic .cn |
| iuyf .at | linus1630 .dominiotemporario .com |
| jopi .mobi | londondirect252z .ru |
| kat15 .com | loots-leg .com |
| kik .mine .nu | malwareprofessional .com |
| klikvp .cn | maujidoon .com |
| krasotka .ph | medianet08 .net |
| labormi .com | mercadoabc .com .br |
| lil9 .cn | mini-socks .ru |
| liventsov .ru | mougoalivee .com |
| lyuboy .cn | msncoreupdate .com |
| mabira .ws | mycomputerscanner .com |
| makefred .cn | mydb4umuser .org |
| mbd2 .org | myofficeguard .info |
| miafery .org | newagehosting .cn |
| midigratis .cn | nicevideo18 .ne |
| mobpvl .cn | nirmjika31 .name |
| mypage12 .com | nupoprobuyloknia .com .cn |
| myteqw .com | oneplace-all-exe .com |
| nanomx .net | onlinefilesviruscheck .com |
| nehyzimo .cn | pics .bubbled .cn |
| newskyag .com | pop-market .name |
| olikar .ru | robingood .beeglover .cn |
| opbise .cn | royrose1939 .ph |
| orzsystem .me | rustavi2 .hastyfree .com |
| outerinfo .com | safetyutilitys .com |
| pe2pe .net | searchearth .info |
| posofler .com | security-access-control .cn |
| pro100biz .cn | serverinlit .cn |
| prorom .cn | sheep-crc .com |
| pwerwerwe .ru | smsdiarybig .cn |
| r0t .su | szederjei .com |
| rbckc .com | tdngroupsltd .com |
| rklr .in | technoopmizer .cn |
| roasocks .com | thanksforscan .com |
| samorez .cn | thecamsnow .net |
| sdelaem .cn | thesecuritytools .com |
| seistic .org | thewarningcenter .com |
| sex4fun .su | threatpcscanner .com |
| skystels .com | tiho .polomaem .cn |
| sofiloren .cn | tmr-unlimited .com |
| sohalar .cn | touquetventes .com |
| sploday .com | truemtstick .cn |
| stkgroop .cn | twittercut .com |
| super .tom .ru | ultracreative-solutions .biz |
| svertok .com | vbssssffff .ru |
| theiwbl .ru | vse-buddet-zae .biz |
| ttiirk5 .com | wareshield .cn |
| vaav .sk | websystemsec .info |
| vertusale .cn | welcomeone .cn |
| vexokope .cn | xpressforummoney .org |
| x9s7b .cn | xxx-video-tube .org |
| xazlon .cn | xyseinobama .org |
| zbot .su | yandexcounter .ru |
| zdbbd .cn | yourtubeworld .com |
| zonephp .com | zeus-logs .org |
| z-paiment .ru | zeuspanel .name |
| zsyr .in | zz7 .no-ip .info |
Read this page if you want to report a false positive.
Domains.txt file is the complete list along with original reference. New: Justdomains contains list of only the domain names. Updates are located at http://www.malwaredomains.com/updates. The full files are located at: http://www.malwaredomains.com/files BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.
Also Available in AdBlock, ISA, and MaraDNS formats. Now a trusted source on the WOT-the Web of Trust! Used by SURBL, MOREnet, and others…