Friday, September 20, 2019

Historical OSINT - Gmail's CAPTCHA Under Fire

http://www.castlecops.com/t192663-http_69_61_99_66_3_php.html
http://www.robtex.com/cnet/208.72.168.html

http://www.secureworks.com/research/threats/ozdok/?threat=ozdok
aaauaa.info - same netblock

faq.890m.com

208.72.168.140 8181
http://threatexpert.com/reports.aspx?find=208.72.168.40

208.72.168.40 on port 533

http://threatexpert.com/reports.aspx?find=208.72.168

208.72.168.40/404.txt
208.72.168.40/cr.dat

Result: 22/28 (78.58%) Trojan.Proxy.Saturn.F
File size: 36864 bytes
MD5: 49e23bdba56e0a52578341181b4faf7b
SHA1: 50fb2726dec1efb15723d93db8dce1a60df676a5
