highroller.pxnet.to (Betabot http botnet hosted by server4.pro)

By I_Post_Ur_Info, March 14, 2013

Resolved highroller.pxnet.to to 176.31.53.143

Domain: highroller.pxnet.to
Port: 666
Gate file: /sbn-admin/order.php

Yes, the moron is hosting his http server on the very spooky port 666 rather than the usual port 80.

Backup domains:
sbn.pxnet.to
cpstw.santros.ws
ccc.santros.ws
vg.allrounders.cc
zp.swissfaking.biz

Now he use diferent ip :
highroller.pxnet.to 176.31.53.143
http://176.31.53.143/sbn-admin/order.php (highroller.pxnet.to)
Remote server: highroller.pxnet.to TCP port 666

betabot sample here:hxxp://176.31.53.137/updt/nfs.exe

This domain previously hosted a insomnia botnet.

Hosting infos: http://whois.domaintools.com/176.31.53.143

Categories: Uncategorized

Tags: beta bot

Previous postgooglesafebrowsing-counter.org (Citadel banking malware hosted by Fastflux botnet)

Next postSydnexoyex.us(Pony hosted in Germany Gunzenhausen Tt International D.o.o.)

1 Comment

Pernat1y - March 15, 2013 at 10:29 am

/sbn-admin/login.php

sinsec.net (Betabot http botnet hosted by alibabahost.com)

api.wifi-update.biz (Betabot http botnet hosted by oneandone.net)

frizzcams.com (Betabot http botnet hosted by Balticservers.com)

1 Comment

Pernat1y - March 15, 2013 at 10:29 am

Comments are closed