193.106.174.220 and 91.194.214.66 and are a pair of IP addresses that appear to be involved in injection attacks, possibly distributing the Blackhole exploit kit.
Blocking these two IPs as a precaution is probably a good idea. A full list of the known domains on those two servers is at the bottom of the post, but blocking access to the following domains is an easy shortcut to block most of them:
cu.cc
ddns.me.uk
orge.pl
dyndns-office.com
mrface.com
ns01.us
ns02.us
myftp.name
ddns.name
itsaol.com
port25.biz
Full list:
91.194.214.66
pikapika.cu.cc
adsense-google.cu.cc
mariocart.cu.cc
79574.mynumber.org
ghjgh.ddns.me.uk
rotterdam.osa.pl
1asd-patricia.orge.pl
1benz-pizza.orge.pl
1napoleon-wizard.orge.pl
3mercury-joyce.orge.pl
1pad-george.orge.pl
2melissa-file.orge.pl
1develop-profile.orge.pl
2tomato-june.orge.pl
3fourier-steph.orge.pl
2nagel-earth.orge.pl
1patty-traci.orge.pl
2berliner-mark.orge.pl
3banks-pork.orge.pl
2professor-criminal.orge.pl
1pencil-reagan.orge.pl
3beauty-noreen.orge.pl
3academic-caren.orge.pl
2shuttle-berlin.orge.pl
1gnu-nutrition.orge.pl
1ingrid-eiderdown.orge.pl
1beethoven-uucp.orge.pl
3field-summer.orge.pl
2signature-commrades.orge.pl
3daemon-sharks.orge.pl
1discovery-simpsons.orge.pl
2inna-elephant.orge.pl
3banks-elephant.orge.pl
3surfer-stuttgart.orge.pl
1tammy-nyquist.orge.pl
3memory-new.orge.pl
3kristin-andy.orge.pl
1pork-larry.orge.pl
1arlene-symmetry.orge.pl
1lori-symmetry.orge.pl
1phone-ersatz.orge.pl
zxczxcz.mrface.com
googl933.dyndns-office.com
tested23.acmetoy.com
zelenij.mypicture.info
mobiliti.ns01.us
cxqweq.ns02.us
193.106.174.220
andre12.myftp.name
aswaz.ddns.name
google2.itsaol.com
sw2sa.port25.biz
Leave a reply
