Sponsored by..

Wednesday 24 April 2013

Something evil on 151.248.123.170

151.248.123.170 (Reg.Ru, Russia) is currently hosting a number of malicious sites being used in injection attacks (example 1, example 2). These domains appear to be almost all dynamic DNS domains which I would recommend blocking, I also recommend blocking the IP address. Trying to block individual domains would probably be ineffective.

Recommended blocklist:
151.248.123.170
ns3.name
zapto.org
hopto.org
no-ip.org
changeip.org
myftp.org
servemp3.com
dns04.com
itemdb.com
ikwb.com
myvnc.com
mefound.com
servehalflife.com
servequake.com
servecounterstrike.com
servegame.com
youdontcare.com
4mydomain.com
otzo.com
organiccrap.com
serveftp.com
dsmtp.com
servehttp.com
servebeer.com
servepics.com
3utilities.com
freeddns.com
mysecondarydns.com
jetos.com
serveusers.com
4pu.com
ocry.com
xxuz.com
ns01.info
mypicture.info
no-ip.info
ddns.ms
ns02.us
ddns.us
myfw.us
redirectme.net
serveblog.net
lflinkup.net
sytes.net
dynamic-dns.net
no-ip.biz

Detected domains (almost all of these are marked as unsafe by Google)
1aj1l2.redirectme.net
2l9cy2.myftp.org
3lejjwtbog.no-ip.info
4g8v7cg.no-ip.org
598l7qdz.3utilities.com
71dalp61hx.servequake.com
78mudv.redirectme.net
7fht7r.redirectme.net
81jtjlit.3utilities.com
8bqve7sn.servebeer.com
8mau1o8kl7.servepics.com
93rpglw.servequake.com
agapcpaa.ns01.info
ahbedbxyo.myfw.us
aivcdizhr.myfw.us
akkly1t.servemp3.com
aqbpswfpj.myfw.us
arhecexdij.mypicture.info
aturlejd.dns04.com
aupmbeutcbr.myfw.us
azxbxx.organiccrap.com
bdkvtjss.mysecondarydns.com
bdtrehpi.dsmtp.com
bfmkeke.servebeer.com
bgmya4t.no-ip.biz
bietzhsh.mefound.com
biirnrxhz.mypicture.info
bksthi5.servegame.com
briirddzbn.myfw.us
bzyphcsjcrhs.myfw.us
ckbqvlouqe.serveusers.com
ckowva.mypicture.info
clwjaqmz.ocry.com
ctgqrapvt.4pu.com
cxubqrtqv.dynamic-dns.net
cybaqwzoai.jetos.com
cyt4n83.zapto.org
djrarpcpp.organiccrap.com
dousvpd.mysecondarydns.com
dwsfdgem.mysecondarydns.com
ecrbtc.mefound.com
efterbiwkc.freeddns.com
ehvrwxyev.ns3.name
elxvpf6prq.myvnc.com
eojriwvpt.serveusers.com
esmiqsq.mysecondarydns.com
exrjzleph.myfw.us
fgcnxamjp.ddns.us
fm7vxw.serveblog.net
fmdetqh.dsmtp.com
fqguhzwcasmj.myfw.us
fxbjpg.itemdb.com
fyuccxbvon.jetos.com
fz1a9crr7i.no-ip.info
gbeonh.servehttp.com
gclpzkt.mefound.com
gcojpbiwb.mefound.com
getbwoedccls.myfw.us
gipjuqnyp.mysecondarydns.com
gpbqicpq.ns01.info
gpqhomgo.ocry.com
gtpjrnkte.itemdb.com
gwhwyvf.ocry.com
gykobwnn.ddns.ms
gyxjclzy.dsmtp.com
hbjadoipd.mefound.com
hdbbzvxejqn.myfw.us
hdygywog.youdontcare.com
hidzgz.otzo.com
hiweya.lflinkup.net
hmkdmjn.ikwb.com
hsqyvzz.ddns.ms
iolwnr.freeddns.com
iuvrmzszjx.ns02.us
j7h9c34fip.servehalflife.com
jayrkypqxx.ns02.us
jkjehvt4k6.servegame.com
jnsvbykd.ns02.us
joukprhng.ocry.com
jpwhgfrc.dynamic-dns.net
jwufzame.youdontcare.com
jxrxuuqs.ddns.ms
jxxaoeufjs.serveusers.com
k05c1jx3lm.sytes.net
k23901iiv.no-ip.org
k40q5bx.servemp3.com
k6fgu8.hopto.org
klmgaqrtem.jetos.com
kmxxvdey.dsmtp.com
krnwhhhtwvh.myfw.us
kuebyfoh.ddns.us
kukxizdui.4mydomain.com
kunwxont.ikwb.com
kzbeyyvkl.jetos.com
kzfxvrz.ns02.us
ladmbbwxmm.no-ip.info
lrymhkrah.dsmtp.com
m938c18.no-ip.info
meaymayetx.organiccrap.com
meuquma.ddns.us
mfbovxps.serveftp.com
mgz0bf6g46.servehttp.com
mpqeydocoiq.myfw.us
mpwtwer.ns01.info
mrnmqdsxfyze.myfw.us
mvdqmecbf.myfw.us
mztlzbd.dynamic-dns.net
ncopbisrmn.xxuz.com
ndmvpgslci.itemdb.com
ngyuwfpaa.dsmtp.com
nmwikbwrxia.myfw.us
nngbpjevv.mefound.com
nuzmis.itemdb.com
nxcgynyedfs.myfw.us
odybreg.ikwb.com
ojew5yj.servecounterstrike.com
okbriapkfb.mefound.com
opxphpg.dns04.com
oqpslwchym.ns3.name
ortqptto.organiccrap.com
ou5hiad9.redirectme.net
owljtjpwb.myfw.us
ozyiivww.youdontcare.com
pbsezsidc.ns01.info
peifdnc.4pu.com
pmjqkxgxz.ddns.us
pmkihqq.mypicture.info
ppmdbwqxcrv.myfw.us
pwemctzvq.ns02.us
pwkwxztpaj.myfw.us
pzcbqmnxv.ddns.ms
qfnisv1h.servehttp.com
qgfs3q0.redirectme.net
qntfwt.changeip.org
qnwycifjfl.myfw.us
qsbmgof.ns3.name
qtbxjkot.ocry.com
quludwdcaq.mypicture.info
qzlkluald.myfw.us
r6x4yz.no-ip.org
rbnumsmbygqb.myfw.us
rcezlgb.ns3.name
rcumgx.jetos.com
rkaseooypl.myfw.us
rkhcyhk4o3.servecounterstrike.com
rnrbdynkblyb.myfw.us
rpbdqzdemsu.myfw.us
seronwzic.myfw.us
sgcdujudgzm.myfw.us
sglrpbgnvl.freeddns.com
sjsw9ne.servecounterstrike.com
slcvzheogxph.myfw.us
sozsybvook.myfw.us
sppbfcemw.jetos.com
synvmclp.dynamic-dns.net
tfqvhdg.otzo.com
tgckjiq.mysecondarydns.com
tin57d1.sytes.net
tlq8aw7lxc.servequake.com
tlvayh.4mydomain.com
tmipoitnfj.myfw.us
tnfzfdd.mypicture.info
trgcrumzlo.xxuz.com
tuewfxrwos.xxuz.com
uegnytqslcm.myfw.us
uftmrikaydi.myfw.us
umhlefsfo.dynamic-dns.net
uniomlciyi.otzo.com
uttptbyvgr.organiccrap.com
uucnwdbptssb.myfw.us
uureflcf.lflinkup.net
vbhxqbwpt.myfw.us
vesooyzw.serveusers.com
vewvfb.ikwb.com
vgyxuawyxb.myfw.us
voskghrg.ns3.name
vpogbb.ns01.info
vpxnbn.organiccrap.com
wdpyffpv.dsmtp.com
whaumhrm.organiccrap.com
whpiiimwpodx.myfw.us
wmnrrskry.myfw.us
wobxsdlv5r.no-ip.info
wrnkzkxjea.servemp3.com
wtriylabiccu.myfw.us
wucsutja.servecounterstrike.com
wwrhxrrvx2.serveftp.com
wywiapwvh.dns04.com
xkfrazfa.changeip.org
xlumergew.ns02.us
xugjnwfw.dsmtp.com
xxyneb.4pu.com
xygvilyksie.myfw.us
xzbqujbaj.ocry.com
ybdrgilms.4pu.com
ybywobw.mysecondarydns.com
yywgvpqrpeym.myfw.us
zakiie.ocry.com
zhudyeczk.myfw.us
zihoqd.ns3.name
zkgctmm4h.myftp.org
znhkad.xxuz.com
zqieuqgwt.ns3.name
zylzvbn.ns02.us
zyzniusdlq.ns01.info
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)