
Tuesday 29 October 2013

Something evil on 82.211.31.147

Still investigating this one, but 82.211.31.147 (IP-Projects, Germany) appears to be a completely rogue server hosting exploit kits and malware [1] [2].

The following domains and subdomains are associated with this IP address. I recommend blocking them, or more easily the IP address itself.

(Note: this is an updated and shorter version than in the original post.)

