Saturday, September 21, 2013

Domain: kiddy3233655.ru

89.248.174.54

Source:

Observed the first requests for this domain on September 21th from:

89.248.174.54 - Ecatel !


Response:

About 257 A records in the 204.46.43.x range.


IPtables rule:

iptables --insert INPUT -p udp --dport 53 -m u32 --u32 "0x28&0xFFDFDFDF=0x0c4b4944 && 0x2c&0xDFDFFFFF=0x44593332 && 0x30&0xFFFFFFFF=0x33333635 && 0x34&0xFFFFDFDF=0x35025255" -j DROP -m comment --comment "DROP DNS Q kiddy3233655.ru"

More rules here

Name servers:

kiddy3233655.ru.        43200   IN      NS      ns1.reg.ru.
kiddy3233655.ru.        43200   IN      NS      ns2.reg.ru.

;; ADDITIONAL SECTION:
ns1.reg.ru.             86399   IN      AAAA    2a00:f940::25
ns1.reg.ru.             86399   IN      A       31.31.205.39
ns2.reg.ru.             86399   IN      A       88.212.207.122
ns1.reg.ru.             86399   IN      A       31.31.204.37
ns2.reg.ru.             86399   IN      AAAA    2a00:f940::37
ns1.reg.ru.             86399   IN      A       31.31.205.55
ns1.reg.ru.             86399   IN      A       31.31.204.52
ns2.reg.ru.             86399   IN      A       144.76.40.132
ns2.reg.ru.             86399   IN      A       31.31.205.56
ns2.reg.ru.             86399   IN      A       198.100.149.22
ns1.reg.ru.             86399   IN      A       31.31.204.25
ns2.reg.ru.             86399   IN      A       31.31.205.74
ns1.reg.ru.             86399   IN      A       31.31.205.73


Whois:

domain:        KIDDY3233655.RU
nserver:       ns1.reg.ru.
nserver:       ns2.reg.ru.
state:         REGISTERED, DELEGATED, UNVERIFIED
person:        Private Person
registrar:     REGRU-REG-RIPN
admin-contact: http://www.reg.ru/whois/admin_contact
created:       2013.01.27
paid-till:     2014.01.27
free-date:     2014.02.27
source:        TCI

Last updated on 2013.09.22 00:56:37 MSK



Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)