

nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
kudos:7
Reviews:
·AT&T U-Verse

reply to nwrickert

Rock phish report Sep 27, 2007

The rockphish group seems to be exploring for new targets. Today there is a NatWest (#18226) and a Bank of America (#18250). They screwed up the Bank of America, using a wrong subject line. Yesterday they tried CitiBank (#18131 and #18134). The previous day (Tuesday) they tried Royal Bank of Scotland (#18084).

The report for Thursday:
 

Domain registration info



DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (suspended)
polo456.com TODAYNIC.COM 9/17/2007
realtextonline.com INFO AVENUE 9/12/2007


--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 2.0.0.5


nwrickert

Rock phish report Sep 28, 2007

The Friday report:
 

Domain registration info



DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
lo1-prt.com BIZCN.COM 9/05/2007 (suspended)
realtextonline.com INFO AVENUE 9/12/2007
vilopr.cn www.cnnic.net.cn 8/16/2007


nwrickert

Rock phish report Sep 29, 2007

The Saturday report:
 

Domain registration info



DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (suspended)
lo1-prt.com BIZCN.COM 9/05/2007 (suspended)
realtextonline.com INFO AVENUE 9/12/2007
vilopr.cn www.cnnic.net.cn 8/16/2007


nwrickert

Rock phish report Sep 30, 2007

The Sunday report:
 

Domain registration info



DNS server domain         Registrar

bar-bar-com.com BIZCN.COM 9/18/2007 (suspended)
lo1-prt.com BIZCN.COM 9/05/2007 (suspended)
vilopr.cn www.cnnic.net.cn 8/16/2007


nwrickert

Rock phish report Oct 01, 2007

The Monday report:
 

Domain registration info



DNS server domain         Registrar

bar-bar-com.com BIZCN.COM 9/18/2007 (suspended)
dsluptimes.com INFO AVENUE 8/30/2007
hardensite.com INFO AVENUE 7/19/2007
polo456.com TODAYNIC.COM 9/17/2007
realtextonline.com INFO AVENUE 9/12/2007


nwrickert

Rock phish report Oct 02, 2007

The Tuesday report:
 

Domain registration info



DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
dsluptimes.com INFO AVENUE 8/30/2007
realtextonline.com INFO AVENUE 9/12/2007


nwrickert

Rock phish report Oct 03, 2007

The report for Wednesday:
 

Domain registration info



DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
dsluptimes.com INFO AVENUE 8/30/2007
realtextonline.com INFO AVENUE 9/12/2007


nwrickert

Rock phish report Oct 04, 2007

The Thursday report:
 

Domain registration info



DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
dsluptimes.com INFO AVENUE 8/30/2007
hardensite.com INFO AVENUE 7/19/2007
realtextonline.com INFO AVENUE 9/12/2007


nwrickert

Rock phish report Oct 05, 2007

The Friday report:
 

Domain registration info



DNS server domain         Registrar

bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
hardensite.com INFO AVENUE 7/19/2007
lo1-prt.com BIZCN.COM 9/05/2007 (cancelled)
maritanna.com ESTDOMAINS 8/14/2007 (suspended)


nwrickert

Rock phish report Oct 06, 2007

The Saturday report:
18685 200.77.213.15     id-976894.citizensbankmoneymanagergps.com.hekirty.net.nz
 

Domain registration info

   Phish domain         Registrar

hekirty.net.nz Aust Domains 10/06/2007


DNS server domain         Registrar

bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)


nwrickert

Rock phish report Oct 07, 2007

The report for Sunday:
 

Domain registration info



DNS server domain         Registrar

bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
lo1-prt.com BIZCN.COM 9/05/2007 (cancelled)
maritanna.com ESTDOMAINS 8/14/2007 (suspended)
polo456.com TODAYNIC.COM 9/17/2007

(edit: correct date on subtitle)
nwrickert

Rock phish report Oct 08, 2007

The Monday report:
 

Domain registration info



DNS server domain         Registrar

bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
dottop1web.pl AZ.pl 10/06/2007
lo1-prt.com BIZCN.COM 9/05/2007 (cancelled)
maritanna.com ESTDOMAINS 8/14/2007 (suspended)
polo456.com TODAYNIC.COM 9/17/2007


nwrickert

Rock phish report Oct 09, 2007

The Tuesday report:
 

Domain registration info



DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
dottop1web.pl AZ.pl 10/06/2007
lo1-prt.com BIZCN.COM 9/05/2007 (cancelled)
polo456.com TODAYNIC.COM 9/17/2007


--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 2.0.0.5


nwrickert

Rock phish report Oct 10, 2007

The Wednesday report:
 

Domain registration info

   Phish domain         Registrar

brrlop15.hk HKDNR 10/10/2007
gocti.hk HKDNR 10/09/2007
oirooe.hk HKDNR 10/08/2007 (suspended)
skr37.com REGISTER.COM 10/02/2007
svb32.com REGISTER.COM 10/02/2007


DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
realtextonline.com INFO AVENUE 9/12/2007


--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 2.0.0.5


nwrickert

Rock phish report Oct 11, 2007

The report for Thursday:
 

Domain registration info

   Phish domain         Registrar

bms43.com REGISTER.COM 10/07/2007
bsc98.com REGISTER.COM 10/07/2007
gbw78.com REGISTER.COM 10/07/2007
pdv56.com REGISTER.COM 10/07/2007
sim38.com REGISTER.COM 10/02/2007


DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
realtextonline.com INFO AVENUE 9/12/2007


--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 2.0.0.5


nwrickert

Rock phish report Oct 12, 2007

The Friday report:
 

Domain registration info

   Phish domain         Registrar

amn49.com REGISTER.COM 10/02/2007
ars34.com REGISTER.COM 10/07/2007
baccet3.hk HKDNR 10/11/2007
rpb58.com REGISTER.COM 10/02/2007
sis32.com REGISTER.COM 10/07/2007


DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
BNMQ.COM RESELLERCLUB 8/03/2004 (in use by rockphish)
realtextonline.com INFO AVENUE 9/12/2007


--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 2.0.0.5


nwrickert

Rock phish report Oct 15, 2007

There are no reports for Saturday or Sunday (Oct 13, 14), because there were no rockphish submitted to phishtracker.

I'll also comment on "bar-bar-com.com". That domain was registered by rockphish for DNS use. The domain was suspended on Sept 20 (NS records removed from DNS servers), and cancelled a few days later ("whois" data removed). However, they failed to remove the glue records (the A records for t1.bar-bar-com and t2.bar-bar-com), so the top-level domain servers for ".COM" are still giving out IP addresses for those two hostnames. This is allowing rockphish to continue to use those as DNS servers. They have registered domains as recently as Oct 12 that use those two DNS servers.

Here is the Monday report:
 

Domain registration info

   Phish domain         Registrar

chival1.xz.cn unknown 10/14/2007?
chival4.xz.cn unknown 10/14/2007?
deeper2.gx.cn www.cnnic.net.cn 10/12/2007
deeper3.gx.cn www.cnnic.net.cn 10/12/2007
fks18.com REGISTER.COM 10/14/2007
g4iiirrr.xz.cn www.cnnic.net.cn 10/12/2007
go1oliv.xz.cn www.cnnic.net.cn 10/12/2007
jus83.com REGISTER.COM 10/14/2007
mns42.com REGISTER.COM 10/14/2007
naic3er.xz.cn unknown 10/14/2007?


DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)


--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 2.0.0.5
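
The orphaned glue condition described in the Oct 15 post above can be checked for mechanically from a registry's zone data. The following is an added example, not part of the original posts: the TLD `example`, every hostname and address, and the simplified three-field zone format are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample of a TLD zone ("example."), simplified to: owner type rdata.
# dropped.example has lost its NS delegation, but its glue A records remain.
SAMPLE_ZONE = """\
; constructed data, not taken from any real zone
shop.example.        NS  ns1.shop.example.
ns1.shop.example.    A   192.0.2.10
phish1.example.      NS  t1.dropped.example.
phish1.example.      NS  t2.dropped.example.
phish2.example.      NS  t1.dropped.example.
t1.dropped.example.  A   198.51.100.1
t2.dropped.example.  A   198.51.100.2
"""

def parse_zone(text):
    """Return (delegations, glue): domain -> NS hosts, host -> addresses."""
    delegations, glue = defaultdict(set), defaultdict(set)
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) != 3:
            raise ValueError(f"unexpected record: {raw!r}")
        owner, rtype, rdata = fields
        owner = owner.lower().rstrip(".")
        if rtype.upper() == "NS":
            delegations[owner].add(rdata.lower().rstrip("."))
        elif rtype.upper() in ("A", "AAAA"):
            glue[owner].add(rdata)
    return delegations, glue

def registered_domain(host, tld):
    """Name one label below the TLD: t1.dropped.example -> dropped.example."""
    suffix = "." + tld
    if not host.endswith(suffix):
        return None
    return host[: -len(suffix)].split(".")[-1] + suffix

def find_orphan_glue(text, tld):
    """Find glue whose parent domain is no longer delegated, and who relies on it."""
    delegations, glue = parse_zone(text)
    orphans = {}
    for host, addrs in glue.items():
        parent = registered_domain(host, tld)
        if parent is not None and parent not in delegations:
            orphans[host] = sorted(addrs)
    dependents = defaultdict(list)
    for domain, servers in delegations.items():
        for ns in servers:
            if ns in orphans:
                dependents[ns].append(domain)
    return orphans, {ns: sorted(doms) for ns, doms in dependents.items()}

if __name__ == "__main__":
    orphans, dependents = find_orphan_glue(SAMPLE_ZONE, "example")
    for host, addrs in sorted(orphans.items()):
        print(host, addrs, "still used by", dependents.get(host, []))
```

A registry running this kind of check when it suspends a domain would see both the leftover host records and the other delegations that still depend on them, which is the cleanup step the post says was missed.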


nwrickert

Rock phish report Oct 16, 2007

The report for Tuesday:
 

Domain registration info

   Phish domain         Registrar

a382415.xz.cn www.cnnic.net.cn 10/11/2007
ams76.us REGISTER.COM 10/15/2007
bfg65.com REGISTER.COM 10/14/2007
bib49.com REGISTER.COM 10/14/2007
bts48.info REGISTER.COM 10/15/2007
deeper3.gx.cn www.cnnic.net.cn 10/12/2007
fks18.com REGISTER.COM 10/14/2007
tkb54.com REGISTER.COM 10/14/2007
tomder2.xz.cn unknown 10/14/2007? (cancelled?)
trf54.biz REGISTER.COM 10/15/2007
xtr48.biz REGISTER.COM 10/15/2007


DNS server domain         Registrar

abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
dinovod.com TODAYNIC.COM 10/16/2007


--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 2.0.0.5


nwrickert

Rock phish report Oct 17, 2007

The Merrill Lynch phish below each have 3 distinct phish URLs. Hence each is listed 3 times.

Here is the Wednesday report:
 

Domain registration info

   Phish domain         Registrar

111shtorm.cn www.cnnic.net.cn 10/11/2007
ams76.us REGISTER.COM 10/15/2007
fds32.net REGISTER.COM 10/16/2007 (suspended)
fgt79.biz REGISTER.COM 10/15/2007
girafa.hk HKDNR 10/16/2007
gwy87.net REGISTER.COM 10/16/2007 (suspended)
ind76.info REGISTER.COM 10/16/2007 (suspended)
knr57.biz REGISTER.COM 10/16/2007 (suspended)
mdq28.biz REGISTER.COM 10/16/2007 (suspended)
mnr37.us REGISTER.COM 10/15/2007
nbt68.us REGISTER.COM 10/16/2007 (suspended)
noiptool.cn www.cnnic.net.cn 10/11/2007
ntr55.biz REGISTER.COM 10/16/2007 (suspended)
portland5.xz.cn unknown 10/15/2007? (cancelled)
reer34.xz.cn unknown 10/15/2007? (cancelled)
rfc92.info REGISTER.COM 10/16/2007 (suspended)
rsf39.us REGISTER.COM 10/16/2007 (suspended)
rtm64.info REGISTER.COM 10/15/2007
tms72.info REGISTER.COM 10/16/2007 (suspended)
ucx43.us REGISTER.COM 10/16/2007
uip32.info REGISTER.COM 10/15/2007


DNS server domain         Registrar

2ndzero.com INFO AVENUE 10/06/2007
abc-tgc.com REGISTER.COM 9/11/2007
bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
bestlightyear.com REGISTER.COM 10/11/2007
dinovod.com TODAYNIC.COM 10/16/2007
polo456.com TODAYNIC.COM 9/17/2007
realtextonline.com INFO AVENUE 9/12/2007


--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 2.0.0.5


nwrickert

Rock phish report Oct 18, 2007

Again, there are 3 lines for each Merrill Lynch phish, due to 3 URLs in the phish email. The registrar has suspended or cancelled the domains used for all Merrill Lynch phish.

Here is the report for Thursday:
 

Domain registration info

   Phish domain         Registrar

45gsd.com REGISTER.COM 10/18/2007 (suspended)
brd58.com REGISTER.COM 10/17/2007 (cancelled)
dse43.com REGISTER.COM 10/17/2007 (cancelled)
gnw49.com REGISTER.COM 10/17/2007 (cancelled)
gvs86.net unknown 10/17/2007? (cancelled?)
jda53.biz REGISTER.COM 10/17/2007 (suspended)
jvq56.biz unknown 10/17/2007? (cancelled?)
lkh21.net REGISTER.COM 10/17/2007 (cancelled)
ojs73.com REGISTER.COM 10/17/2007 (cancelled)
orocin3.gx.cn www.cnnic.net.cn 10/17/2007
qsr93.net unknown 10/17/2007? (cancelled?)
trc43.net REGISTER.COM 10/17/2007 (cancelled)
try42.com REGISTER.COM 10/18/2007 (suspended)
ucx43.us REGISTER.COM 10/16/2007 (cancelled)
urd68.biz REGISTER.COM 10/17/2007 (suspended)
yfw79.biz unknown 10/17/2007? (cancelled?)


DNS server domain         Registrar

bar-bar-com.com BIZCN.COM 9/18/2007 (cancelled)
bestlightyear.com REGISTER.COM 10/11/2007
ebigstep.com INFO AVENUE 9/27/2007
goldbigstar.com INFO AVENUE 10/06/2007
lo1-prt.com BIZCN.COM 9/05/2007 (cancelled)
mbhold.com REGISTER.COM 10/04/2007 (suspended)


--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 2.0.0.5