Resolved betabot.zapto.org to 106.187.88.52 Server: betabot.zapto.org Gate file: /beta/order.php Alternate domains: 7obby.com betabu.zapto.org Hosting infos: http://whois.domaintools.com/106.187.88.52
steroids-buy-anabolic.com (Betabot http botnet hosted by balticservers.com)
Resolved steroids-buy-anabolic.com to 5.199.167.132 Server: steroids-buy-anabolic.com Gate file: order.php There don’t appear to be any alternate domains for this bot. The domain previously hosted panels for ddos bots. Hosting infos: http://whois.domaintools.com/5.199.167.132
rocksolidswag.no-ip.org (Betabot http botnet hosted by ecatel.net)
Resolved rocksolidswag.no-ip.org to 89.248.160.146 Server: rocksolidswag.no-ip.org Gate file: /swag/order.php Alternate domains: swazers.com pirateleaks.us lilseizurespizza.com trytoperceive.me The owner is mining some bitcoins: http://askaa_worker:penis@us3.eclipsemc.com:8337 Hosting infos: http://whois.domaintools.com/89.248.160.146
infuego.ru (Betabot http botnet hosted by altushost.com)
Resolved infuego.ru to 37.46.127.164 Server: infuego.ru Gate file: /forums/order.php Alternate domains: virtualdreams.ruwinyl.wsoffshored.suwinyle.su Hosting info: http://whois.domaintools.com/37.46.127.164
turnaroundhot.info (Betabot http botnet hosted by dataclub.biz)
Resolved turnaroundhot.info to 46.183.217.111 Server: turnaroundhot.info Gate file: /hot/order.php Alternate domains: fivestarintack.ws/live/order.php, tstartedtoearly.info/hot/order.php The owner seems to be using it to direct views towards www.twitch.tv/bowserdubs, where an Estonian-American is currently streaming Runescape. Hosting infos: http://whois.domaintools.com/46.183.217.111
strike-file-hosting.us (Betabot http botnet hosted by santrex.net)
Resolved strike-file-hosting.us to 46.166.184.109 Server: strike-file-hosting.us Gate file: /b/order.php Backup domain: gethostingfast.info Based on the domain, I’d say that this is digitals. Hosting infos: http://whois.domaintools.com/46.166.184.109
highroller.pxnet.to (Betabot http botnet hosted by server4.pro)
Resolved highroller.pxnet.to to 176.31.53.143 Domain: highroller.pxnet.to Port: 666 Gate file: /sbn-admin/order.php Yes, the moron is hosting his http server on the very spooky port 666 rather than the usual port 80. Backup domains: sbn.pxnet.to cpstw.santros.ws ccc.santros.ws vg.allrounders.cc zp.swissfaking.biz Now he use diferent ip : highroller.pxnet.to 176.31.53.143 http://176.31.53.143/sbn-admin/order.php (highroller.pxnet.to) Remote server: highroller.pxnet.to TCP port 666Read more...
assler.hfgfr56745fg.com (Betabot http botnet hosted by ecatel.net)
Resolved assler.hfgfr56745fg.com to 80.82.66.205 Server: assler.hfgfr56745fg.com Gate file: /cakes/sale.php The bot has been updated, so it no longer crashes skype. However it still seems to have some issues with it. Sample Hosting infos: http://whois.domaintools.com/80.82.66.205
hfgfr56745fg.com (Betabot http botnet hosted by ecatel.net)
Resolved hfgfr56745fg.com to 80.82.66.204 Server: hfgfr56745fg.com Gate file: /rem/order.php Brian Krebs on the login page It still crashes skype. Sample here A previous version of the bot was posted here. Hosting infos: http://whois.domaintools.com/80.82.66.204
webhostingprotection.info (Betabot http botnet hosted by Santrex.net)
Resolved webhostingprotection.info to 46.166.163.131 Server: webhostingprotection.info Gate file: /icool/order.php This was from the closed beta of the betabot http bot. The server files have been taken down now so not much point visiting the site. There wasn’t much to see except evidence of the coder’s man crush on the steely gaze of Brian Krebs. ForRead more...