
Tuesday, 23 July 2013

Something evil on 91.233.244.102

The following domains are hosted on 91.233.244.102 (Olborg Ltd, Russia). This IP is implicated in Runforestrun infectors, and has several malware detections on VirusTotal plus a few on URLquery. Google has flagged several domains as being malicious (marked in red below).

Obviously there's quite a concentration of evil on this IP address, and the simplest thing to do would be to banish it from your network. In fact, I would personally recommend blocking the whole 91.233.244.0/23 block, or at least 91.233.244.96/28 (see why). However, a (probably incomplete) list of suspect domains on this IP is as follows:



2 comments:

Antonio Pais said...

With a P2T antispam service I would never worry about this. In fact, they are the ones who would have to worry. LOL

Antonio Pais said...

With a P2T antispam service I would never worry about it. In fact, it is they who have to worry. LOL