Nemesis Our Projects Forums Extra Controls
  RegMe

        IP changes for the blacklisted domains posted on F-Secure blog for february were also logged with DNScheck.

Download


File nameSizeLast updateDescription
Downadup_Domain_Blocklist_February.txt
 96493 
2009-01-30, 21:10
[2009-01-30] The list with Downadup domains for 2009-02-01 - 2009-02-28 from F-Secure
30-24.zip
 765411 
2009-02-25, 18:22
[2009-02-25] Log with IP changes for all Downadup domains from 2009-01-30 to 2009-02-24
DNScheck.zip
 8232 
2009-01-29, 22:26
[2009-01-29] A simple logger for DNS changes including source code (Creative Commons, Attribution-NonCommercial-ShareAlike 3.0 license)

There are 3 files and 0 directories
for a total of 870136 bytes.



        After filtering IP changes for known "sinkhole" IPs in the log for february, these are some results:

[2009-01-30 22:18:51] The address bjums.com ( bjums.com ) resolves to:
        69.64.155.121 =
[2009-01-30 22:19:54] The address boksm.com ( boksm.com ) resolves to:
        213.188.129.183 = miranda.activeisp.com
[2009-01-30 22:24:14] The address ccida.org ( ccida.org ) resolves to:
        38.113.1.116 = ip38-113-1-116.yourhostingaccount.com
[2009-01-30 22:26:35] The address cnlqi.cn ( cnlqi.cn ) resolves to:
        202.165.98.232 = dm.p4p.vip.cnb.yahoo.com
[2009-01-30 22:30:13] The address ddkss.cn ( ns.1w.cn , ddkss.cn ) resolves to:
        221.130.201.9 =
[2009-01-30 22:32:25] The address dogri.net ( dogri.net ) resolves to:
        74.208.26.102 = perfora.net
[2009-01-30 22:32:36] The address dpies.com ( dpies.com ) resolves to:
        211.9.58.163 = ns2.g-serve.net , 163.58.9.211.in-addr.arpa
[2009-01-30 22:35:09] The address ealdor.org ( ealdor.org ) resolves to:
        68.178.232.100 = parkwebwin-v01.prod.mesa1.secureserver.net
[2009-01-30 22:44:26] The address fodda.biz ( fodda.biz ) resolves to:
        70.85.228.70 = 70-1-reddwarf.1st4domains.co.uk
[2009-01-30 22:49:10] The address gival.com ( gival.com ) resolves to:
        212.67.202.8 = jupiter.hosteurope.com
[2009-01-30 23:10:59] The address jxxjj.cn ( ns.1w.cn , jxxjj.cn ) resolves to:
        221.130.201.9 =
[2009-01-30 23:27:23] The address mstpa.com ( mstpa.com ) resolves to:
        38.113.1.116 = ip38-113-1-116.yourhostingaccount.com
[2009-01-30 23:33:22] The address nwech.com ( nwech.com ) resolves to:
        69.89.17.9 = box9.bluehost.com
[2009-01-30 23:46:04] The address qjofdixzldq.com ( qjofdixzldq.com ) resolves to:
        62.213.110.9 =
[2009-01-30 23:47:30] The address qrlnw.info ( qrlnw.info ) resolves to:
        216.104.161.117 =
        216.104.161.217 =
[2009-01-30 23:53:21] The address rrwjj.cn ( ns.1w.cn , rrwjj.cn ) resolves to:
        221.130.201.9 =
[2009-01-30 23:55:39] The address sandi.org ( sandi.org ) resolves to:
        69.46.228.32 = 69-46-228-32.parked.com
[2009-01-30 23:56:56] The address shavy.cn ( shavy.cn ) resolves to:
        218.61.204.206 =
[2009-01-30 23:57:23] The address siluo.cn ( siluo.cn ) resolves to:
        75.126.238.193 = nuo.cn
[2009-01-30 23:59:34] The address ssomoo.com ( ssomoo.com ) resolves to:
        218.145.71.194 = zero02.nayana.kr
[2009-01-31 00:01:22] The address tavac.com ( tavac.com ) resolves to:
        217.113.244.80 = dns13.grupoitnet.com
[2009-01-31 00:05:00] The address ttjii.cn ( ns.1w.cn , ttjii.cn ) resolves to:
        221.130.201.9 =
[2009-01-31 00:17:04] The address vrxen.com ( vrxen.com ) resolves to:
        216.21.239.197 = futuresite.register.com
[2009-01-31 00:26:25] The address xinnv.cn ( xinnv.cn ) resolves to:
        218.244.147.129 =
[2009-01-31 14:10:12] The address sbilhpphnk.com ( ERROR ) was changed to:
        62.213.110.9 =
[2009-01-31 14:53:01] The address wvsqjknnv.com ( ERROR ) was changed to:
        62.213.110.9 =
[2009-01-31 15:30:34] The address cjtcbdegmn.com ( ERROR ) was changed to:
        62.213.110.9 =
[2009-01-31 16:02:18] The address hjuninikba.com ( ERROR ) was changed to:
        62.213.110.9 =
[2009-01-31 16:04:33] The address hvwhnogvlph.com ( ERROR ) was changed to:
        62.213.110.9 =
[2009-01-31 16:18:28] The address kggnzotkewf.com ( ERROR ) was changed to:
        62.213.110.9 =
[2009-01-31 18:04:43] The address cnlqi.cn ( 202.165.98.232 ) was changed to:
        59.60.148.154 =
        59.60.150.170 =
[2009-02-01 05:40:08] The address cnlqi.cn ( 59.60.148.154 / 59.60.150.170 ) was changed to:
        59.60.148.154 =
[2009-02-01 11:59:16] The address cnlqi.cn ( 59.60.148.154 ) was changed to:
        59.60.148.154 =
        59.60.150.170 =
[2009-02-01 12:52:08] The address jqicrmy.com ( ERROR ) was changed to:
        68.178.232.100 = parkwebwin-v01.prod.mesa1.secureserver.net
[2009-02-01 16:10:09] The address jqicrmy.com ( 68.178.232.100 ) was changed to:
        83.68.16.6 =
[2009-02-02 07:21:45] The address iopca.com ( ERROR ) was changed to:
        174.137.132.45 =
[2009-02-02 15:38:23] The address ydglzvb.com ( ERROR ) was changed to:
        68.178.232.100 = parkwebwin-v01.prod.mesa1.secureserver.net
[2009-02-02 16:33:11] The address hvbbdplo.com ( ERROR ) was changed to:
        83.68.16.6 =
[2009-02-02 16:52:48] The address lcnomkjdmhe.com ( ERROR ) was changed to:
        83.68.16.6 =
[2009-02-02 16:57:27] The address lxwcgsuz.com ( ERROR ) was changed to:
        83.68.16.6 =
[2009-02-02 17:14:35] The address orrpuexbmpy.com ( ERROR ) was changed to:
        83.68.16.6 =
[2009-02-02 17:27:16] The address qzooymslxej.com ( ERROR ) was changed to:
        83.68.16.6 =
[2009-02-02 17:35:58] The address snpminjjim.com ( ERROR ) was changed to:
        83.68.16.6 =
[2009-02-02 18:08:15] The address ydglzvb.com ( 68.178.232.100 ) was changed to:
        83.68.16.6 =
[2009-02-03 00:13:51] The address aaqzxqrwba.cn ( ERROR ) was changed to:
        69.64.147.243 =
[2009-02-03 00:15:39] The address aimmuemd.cn ( ERROR ) was changed to:
        69.64.147.243 =
[2009-02-03 00:15:56] The address ajrtspspa.cn ( ERROR ) was changed to:
        69.64.147.243 =
[2009-02-03 00:34:01] The address dkkblaw.cn ( ERROR ) was changed to:
        69.64.147.243 =
[2009-02-03 01:04:58] The address ikvcb.org ( ERROR ) was changed to:
        199.2.137.252 =
[2009-02-03 01:20:27] The address kylolwnmj.org ( ERROR ) was changed to:
        199.2.137.252 =
[2009-02-03 01:23:37] The address llbifif.org ( ERROR ) was changed to:
        199.2.137.252 =
[2009-02-03 01:51:27] The address qhoinnw.org ( ERROR ) was changed to:
        199.2.137.252 =
[2009-02-03 02:00:57] The address rwxmjsptq.org ( ERROR ) was changed to:
        199.2.137.252 =
[2009-02-03 02:52:02] The address aaqzxqrwba.cn ( 69.64.147.243 ) was changed to: ERROR
[2009-02-03 02:54:29] The address aimmuemd.cn ( 69.64.147.243 ) was changed to: ERROR
[2009-02-03 02:54:44] The address ajrtspspa.cn ( 69.64.147.243 ) was changed to: ERROR
[2009-02-03 03:17:31] The address dkkblaw.cn ( 69.64.147.243 ) was changed to: ERROR
[2009-02-03 04:14:42] The address kpuxelzixhf.cn ( ERROR ) was changed to:
        69.64.155.127 =
[2009-02-03 04:20:45] The address ligztnjq.cn ( ERROR ) was changed to:
        69.64.155.120 =
[2009-02-03 04:26:04] The address matlmuftmd.cn ( ERROR ) was changed to:
        69.64.147.21 =
[2009-02-03 04:27:57] The address mgepx.cn ( ERROR ) was changed to:
        69.64.155.124 =
[2009-02-03 04:28:56] The address mgyeqxmja.cn ( ERROR ) was changed to:
        69.64.155.121 =
[2009-02-03 04:33:42] The address mxkrwbyzsax.cn ( ERROR ) was changed to:
        69.64.155.127 =
[2009-02-03 04:42:09] The address ofuvcfiw.cn ( ERROR ) was changed to:
        69.64.155.119 =
[2009-02-03 04:48:35] The address plprt.cn ( ERROR ) was changed to:
        69.64.155.120 =
[2009-02-03 05:04:30] The address sahjbzm.cn ( ERROR ) was changed to:
        69.64.155.125 =
[2009-02-03 05:04:37] The address saqxofwayc.cn ( ERROR ) was changed to:
        69.64.155.123 =
[2009-02-03 05:06:12] The address sjavozdtlq.cn ( ERROR ) was changed to:
        69.64.155.122 =
[2009-02-03 05:13:30] The address tpkbumd.cn ( ERROR ) was changed to:
        69.64.147.21 =
[2009-02-03 05:17:51] The address ujdomf.cn ( ERROR ) was changed to:
        69.64.155.126 =
[2009-02-03 05:18:11] The address uldhoic.cn ( ERROR ) was changed to:
        69.64.147.14 =
[2009-02-03 05:22:35] The address uzvnheey.cn ( ERROR ) was changed to:
        69.64.155.119 =
[2009-02-03 05:25:20] The address vlbmfokvnne.cn ( ERROR ) was changed to:
        69.64.147.18 =
[2009-02-03 05:29:52] The address wepvixvkqg.cn ( ERROR ) was changed to:
        69.64.155.123 =
[2009-02-03 05:33:21] The address wuiatp.cn ( ERROR ) was changed to:
        69.64.147.17 =
[2009-02-03 05:33:41] The address wwfelzbr.cn ( ERROR ) was changed to:
        69.64.147.20 =
[2009-02-03 05:35:29] The address xeembzial.cn ( ERROR ) was changed to:
        69.64.155.125 =
[2009-02-03 05:38:49] The address xsdprttq.cn ( ERROR ) was changed to:
        69.64.147.19 =
[2009-02-03 06:59:40] The address krffyfbjum.cn ( ERROR ) was changed to:
        69.64.155.124 =
[2009-02-03 07:06:29] The address luhkv.cn ( ERROR ) was changed to:
        69.64.155.119 =
[2009-02-03 07:14:09] The address mylecqfa.cn ( ERROR ) was changed to:
        69.64.147.16 =
[2009-02-03 08:02:56] The address ujrnewgru.cn ( ERROR ) was changed to:
        69.64.155.121 =
[2009-02-03 23:00:06] The address ikvcb.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-03 23:04:02] The address jbhkow.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-03 23:04:57] The address jduyjssm.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-03 23:17:06] The address kylolwnmj.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-03 23:20:30] The address llbifif.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-03 23:21:13] The address lpjks.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-03 23:27:29] The address mnllujfn.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-03 23:50:10] The address qhoinnw.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 00:00:15] The address rwxmjsptq.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 00:06:24] The address sykqsbjrva.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 00:12:04] The address tyhxxp.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 00:12:34] The address uafls.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 00:17:30] The address utpqpy.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 00:30:06] The address wvchktbkwl.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 00:33:36] The address xlyks.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 00:47:52] The address zudeixyz.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 00:56:27] The address bfruay.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 01:07:30] The address ddouvboz.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 01:07:44] The address dehaogphg.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 01:09:52] The address dpcnfgrwfai.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-04 07:13:48] The address llbifif.org ( ERROR ) was changed to:
        199.2.137.252 =
[2009-02-04 08:27:24] The address rrwjj.cn ( ns.1w.cn , rrwjj.cn / 221.130.201.9 ) was changed to: ERROR
[2009-02-04 14:02:20] The address rrwjj.cn ( ERROR ) was changed to: ns.1w.cn , rrwjj.cn
        221.130.201.9 =
[2009-02-04 17:49:33] The address llbifif.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-05 07:07:27] The address wuwssqh.org ( 199.2.137.252 ) was changed to: ERROR
[2009-02-05 08:12:42] The address boksm.com ( 213.188.129.183 ) was changed to:
        213.188.129.184 = asp-demo.activeisp.com
[2009-02-05 18:44:44] The address rrwjj.cn ( ns.1w.cn , rrwjj.cn / 221.130.201.9 ) was changed to: ERROR
[2009-02-05 21:39:31] The address rrwjj.cn ( ERROR ) was changed to: ns.1w.cn , rrwjj.cn
        221.130.201.9 =
[2009-02-06 20:04:09] The address iopca.com ( 174.137.132.45 ) was changed to: ERROR
[2009-02-09 09:36:03] The address iopca.com ( 174.137.132.45 ) was changed to: ERROR
[2009-02-09 09:48:22] The address jxxjj.cn ( ns.1w.cn , jxxjj.cn / 221.130.201.9 ) was changed to: ERROR
[2009-02-09 12:51:13] The address xmlpihy.net ( ERROR ) was changed to:
        69.16.116.94 =
        72.34.4.115 = dunlaprb-pool1-115.mtco.com
        69.10.155.222 = peopleschurchofmontreal.org
        204.94.86.74 = sprint-204-94-86-74.smf.ragingwire.net
[2009-02-09 13:08:10] The address zuyviu.org ( ERROR ) was changed to:
        75.126.137.166 = domaincontext.com
        212.158.162.5 = node-212-158-162-5.caravan.ru
[2009-02-09 15:41:55] The address jxxjj.cn ( ERROR ) was changed to: ns.1w.cn , jxxjj.cn
        221.130.201.9 =
[2009-02-11 17:27:06] The address eexlifooo.com ( ERROR ) was changed to:
        74.55.100.7 = 7.64.374a.static.theplanet.com
[2009-02-11 23:55:29] The address qrtrfgr.com ( ERROR ) was changed to:
        74.55.100.7 = 7.64.374a.static.theplanet.com
[2009-02-12 01:49:27] The address uldhoic.cn ( 69.64.147.14 ) was changed to:
        69.64.147.210 =
[2009-02-12 13:41:41] The address shavy.cn ( 218.61.204.206 ) was changed to:
        218.61.204.215 =
[2009-02-12 23:41:14] The address mylecqfa.cn ( 69.64.147.16 ) was changed to:
        69.64.147.208 =
[2009-02-13 04:12:44] The address wuiatp.cn ( 69.64.147.17 ) was changed to:
        69.64.147.207 =
[2009-02-14 04:04:12] The address hjuninikba.com ( 62.213.110.9 ) was changed to: ERROR
[2009-02-14 07:10:38] The address hjuninikba.com ( ERROR ) was changed to:
        62.213.110.9 =
[2009-02-14 09:42:28] The address ddkss.cn ( ns.1w.cn , ddkss.cn / 221.130.201.9 ) was changed to: ERROR
[2009-02-14 12:44:26] The address ddkss.cn ( ERROR ) was changed to: ns.1w.cn , ddkss.cn
        221.130.201.9 =
[2009-02-15 11:06:07] The address cnlqi.cn ( 59.60.148.154 / 59.60.150.170 ) was changed to:
        74.208.167.98 = u15335338.onlinehome-server.com
[2009-02-16 08:21:38] The address uldhoic.cn ( 69.64.147.210 ) was changed to:
        69.64.147.14 =
[2009-02-16 09:23:16] The address ddkss.cn ( ns.1w.cn , ddkss.cn / 221.130.201.9 ) was changed to: ERROR
[2009-02-16 11:22:53] The address uldhoic.cn ( 69.64.147.14 ) was changed to:
        69.64.147.210 =
[2009-02-16 12:21:39] The address cnlqi.cn ( 74.208.167.98 ) was changed to: ERROR
[2009-02-16 12:25:43] The address ddkss.cn ( ERROR ) was changed to: ns.1w.cn , ddkss.cn
        221.130.201.9 =
[2009-02-16 15:30:47] The address cnlqi.cn ( ERROR ) was changed to:
        74.208.167.98 = u15335338.onlinehome-server.com
[2009-02-17 12:59:13] The address mylecqfa.cn ( 69.64.147.208 ) was changed to:
        69.64.147.16 =
[2009-02-17 16:02:47] The address mylecqfa.cn ( 69.64.147.16 ) was changed to:
        69.64.147.208 =
[2009-02-18 02:17:41] The address uldhoic.cn ( 69.64.147.210 ) was changed to:
        69.64.147.14 =
[2009-02-18 05:18:05] The address uldhoic.cn ( 69.64.147.14 ) was changed to:
        69.64.147.210 =
[2009-02-18 06:15:07] The address cnlqi.cn ( 74.208.167.98 ) was changed to:
        74.208.158.33 = www.enamelabs.com
[2009-02-19 10:36:00] The address cnlqi.cn ( 74.208.167.98 ) was changed to:
        74.208.158.33 = www.enamelabs.com
[2009-02-19 18:59:53] The address uldhoic.cn ( 69.64.147.210 ) was changed to:
        69.64.147.14 =
[2009-02-19 22:21:46] The address uldhoic.cn ( 69.64.147.14 ) was changed to:
        69.64.147.210 =
[2009-02-20 05:32:16] The address cnlqi.cn ( 74.208.158.33 ) was changed to:
        121.205.91.240 =
        121.205.91.241 =
[2009-02-20 11:46:49] The address cnlqi.cn ( 121.205.91.240 / 121.205.91.241 ) was changed to:
        74.208.164.251 =
[2009-02-21 10:11:07] The address cnlqi.cn ( 74.208.167.98 ) was changed to:
        74.208.164.251 =
[2009-02-21 15:35:50] The address uldhoic.cn ( 69.64.147.210 ) was changed to:
        69.64.147.14 =
[2009-02-21 18:52:47] The address uldhoic.cn ( 69.64.147.14 ) was changed to:
        69.64.147.210 =



No Comments


You need to be logged in to be able to post comments