lxle.net currently exists in multiple public blocklists
  • FYI, I'm not sure why but when doing some server testing today I accidentally discovered that lxle.net was blocked by several blacklists, and therefore I could not access the site from those systems:

    hphosts_emd: hpHosts malware sites listed in the hpHosts database.

    hphosts_fsa: hpHosts fraud sites listed in the hpHosts database.

    hphosts_psh: hpHosts phishing sites listed in the hpHosts database.

    dyndns_ponmocup: DynDNS.org Ponmocup. The malware powering the botnet has been around since 2006 and it’s known under various names, including Ponmocup, Vundo, Virtumonde, Milicenso and Swisyn. It has been used for ad fraud, data theft and downloading additional threats to infected systems. Ponmocup is one of the largest currently active and, with nine consecutive years, also one of the longest running, but it is rarely noticed as the operators take care to keep it operating under the radar.

    An exhaustive list of other blocklists can be sourced from here.


  • lxlelxle
    Posts: 2,656
    I just scanned all of them and found lxle.net nowhere...
  • I just checked it again, and I did find it.  The IP address I'm getting for lxle.net is 66.96.149.32, if that makes any difference.  Here is a link to the dyndns list where you can find the IP there: http://security-research.dyndns.org/pub/malware-feeds/ponmocup-infected-domains-shadowserver.csv
  • It looks like your IP may have been assigned to a previously malicious domain, which looks like timelessimagesmi (.com) from what I see in the dyndns document.
  • lxlelxle
    I just went through the list you provided and there is no lxle.net
  • You need to search by IP address on the lists.
  • lxlelxle
    http://www.timelessimagesmi.com/

    is the URL with seemingly the same IP address... must be a result of shared hosting.
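
Added example (not part of the original thread): a small checker that separates "this domain is listed" from "this domain's IP is shared with a listed domain", which is the shared-hosting case the thread ends on. The two-column feed layout, the function names and the second feed row are assumptions made for illustration; the real CSV linked above may be laid out differently.

```python
import csv
import io
import ipaddress

# Constructed sample feed. The "domain,ip" layout is an assumption; the first
# row uses the domain and IP quoted in the thread, the second row is made up.
SAMPLE_FEED = """\
# domain,ip
timelessimagesmi.com,66.96.149.32
example-infected.test,203.0.113.7
"""

def load_feed(text):
    """Parse feed text into (domain, ip) tuples, skipping comments and blanks."""
    rows = []
    for rec in csv.reader(io.StringIO(text)):
        if not rec or rec[0].startswith("#"):
            continue
        domain = rec[0].strip().lower().rstrip(".")
        rows.append((domain, ipaddress.ip_address(rec[1].strip())))
    return rows

def check(domain, resolved_ip, rows):
    """Classify a domain against the feed by name first, then by its IP."""
    domain = domain.lower().rstrip(".")
    ip = ipaddress.ip_address(resolved_ip)
    listed_by_name = any(d == domain for d, _ in rows)
    # Other listed domains that sit on the same address (shared hosting).
    cohosted = sorted({d for d, i in rows if i == ip and d != domain})
    if listed_by_name:
        verdict = "listed-by-domain"
    elif cohosted:
        verdict = "ip-shared-with-listed-domain"
    else:
        verdict = "not-listed"
    return {"verdict": verdict, "cohosted_listed_domains": cohosted}

if __name__ == "__main__":
    feed = load_feed(SAMPLE_FEED)
    # The IP is passed in rather than resolved so the example runs offline.
    print(check("lxle.net", "66.96.149.32", feed))
```

A result of `ip-shared-with-listed-domain` means an IP-based blocklist will still block the site even though a search of the same list by name finds nothing.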