Thursday, August 22, 2013

Domain: 2soe.ru

Observed a scan for this domain on: 22-Aug-2013

Source:


89.248.172.121 AS29073 Ecatel Network

Seen this IP before:

      1 hackwhatlol.cc
      1 edelion.su
      1 2soe.ru

IPtables Rule:

iptables --insert INPUT -p udp --dport 53 -m u32 --u32 "0x28&0xFFFFDFDF=0x0432534f && 0x2c&0xDFFFDFDF=0x45025255" -j DROP -m comment --comment "DROP DNS Q 2soe.ru"

See here for more rules.


Response:


238 A records in the 204.46.43.x range.


Name servers:


;; ANSWER SECTION:
2soe.ru. 43200 IN NS ns2.reg.ru.
2soe.ru. 43200 IN NS ns1.reg.ru.

;; ADDITIONAL SECTION:
ns1.reg.ru. 86400 IN A 31.31.205.55
ns2.reg.ru. 86400 IN A 31.31.205.56
ns1.reg.ru. 86400 IN A 31.31.204.52
ns1.reg.ru. 86400 IN A 144.76.40.132
ns1.reg.ru. 86400 IN A 31.31.205.39
ns2.reg.ru. 86400 IN A 31.31.204.37
ns2.reg.ru. 86400 IN A 88.212.207.122
ns1.reg.ru. 86400 IN A 88.212.207.121
ns2.reg.ru. 86400 IN A 31.31.204.25


Whois:

domain:        2SOE.RU
nserver:       ns1.reg.ru.
nserver:       ns2.reg.ru.
state:         REGISTERED, DELEGATED, UNVERIFIED
person:        Private Person
registrar:     REGRU-REG-RIPN
admin-contact: http://www.reg.ru/whois/admin_contact
created:       2013.08.06
paid-till:     2014.08.06
free-date:     2014.09.06
source:        TCI

Last updated on 2013.08.22 21:11:35 MSK



Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)