Cybercrime domains on IP?

See: sjfljjd dot com,113.10.172.235,ns2.dns.com dot cn,Criminals,
zgxfdx dot com,113.10.172.235,ns1.myhostadmin dot net,Parked/expired,
cccdu dot org,113.10.172.235,ns2.dns.com dot cn,Parked/expired,
Blacklisted: http://www.websicherheit.at/en/security-tools/web-security-test-scan-results/
web.hyld dot net,113.10.172.235,Parked/expired, → http://urlquery.net/report.php?id=8939776

On same AS: http://urlquery.net/report.php?id=34950 IDS for ET CURRENT_EVENTS CUTE-IE.html CutePack Exploit Kit Iframe for Landing Page Detected
but already gone: cccdu dot org,113.10.172.235,ns2.dns.com dot cn,Parked/expired, → Invalied License For This Domain Name
http://www.sitedossier.com/ip/113.10.172.235 → dns2.hyld dot net,113.10.172.235,Criminals,
chinainfow dot com,Not in namespace, etc. etc. http://urlquery.net/report.php?id=8939845 (migrated?)

pol

… ok. So now what? Is this info meant for us or Avast employees?

Hi Propheticus,

Both that is.
I know for instance team member Milos is following my “eruptions” here.

But you can do it yourself on the kraken virustracker server; go here: http://www.kleissner.org/virustracker.html. At the bottom of the page is the Classify Domains search form (via data dynamite), where you can enter any URL, domain name etc., and the server there will come up with a classification: either Parked/Expired or Collision or Suspended or FastFlux or Criminals or Sinkhole or Not in Namespace or Ghosted.

Please note that Criminals denotes nothing more than active (up and active, not down or closed malcode!).

The search queries are open to the general public online, but in the first place these specific search queries are/were meant for security researchers and malbot analysts. But we all should get educated on website abuse and that is why I give this information here.

I think it is rather handy for those that are in third party website scanning of suspicious and/or malicious websites (cold reconnaissance) to know what they are up against from a classification system. Whether common users need such information depends on their personal interest. ;D
As avast! av I would like to incorporate such a system apart from their malicious url database. Think of the benefits for blocking!
It is quite different, for instance, from how DrWeb’s malicious websites list works.

polonus