The DNS-BH project creates and maintains a listing of domains that are known to be used to propagate malware and spyware. This project creates the Bind and Windows zone files required to serve fake replies to localhost for any requests to these, thus preventing many spyware installs and reporting.
Malware and spyware blocklist.
- Website
http://www.malwaredomains.com/
- Source
http://mirror2.malwaredomains.com/files/domains.txt
- Data
- Domain Name
- Format
- Text
- API/Token
- None
- Status
- Ok
- Comments
- No comment
{
"classification": {
"type": "malware"
},
"event_description": {
"text": "phishing"
},
"source": {
"fqdn": "amazon.co.uk.security-check.ga"
},
"time": {
"source": "2016-05-27T00:00:00+00:00",
"observation": "2016-07-07T13:30:14+00:00"
},
"raw": "CQlhbWF6b24uY28udWsuc2VjdXJpdHktY2hlY2suZ2EJcGhpc2hpbmcJb3BlbnBoaXNoLmNvbQkyMDE2MDUyNwkyMDE2MDEwOA==",
"feed": {
"url": "http://mirror2.malwaredomains.com/files/domains.txt",
"accuracy": 100.0,
"name": "MalwareDomains"
}
}There's only Domain information in in http://mirror2.malwaredomains.com/files/domains.txt. It looks like:
## if you do not accept these terms, then do not use this information.
## for noncommercial use only. using this information indicates you agree to be bound by these terms.
## nextvalidation domain type original_reference-why_it_was_listed
## notice notice duplication is not permitted #=comment
amazon.co.uk.security-check.ga phishing openphish.com 20160527 20160108
autosegurancabrasil.com phishing openphish.com 20160527 20160108
christianmensfellowshipsoftball.org phishing openphish.com 20160527 20160108
dadossolicitado-antendimento.sad879.mobi phishing openphish.com 20160527 20160108
hitnrun.com.my phishing openphish.com 20160527 20160108