[SURBL-Discuss] Start an IP list to block?

Chris Santerre csanterre at merchantsoverseas.com
Thu Sep 9 22:56:33 CEST 2004


OK, this isn't the first time we've had this discussion, but Raymond and I
felt this should be made public again. He ran thru some tests of 1500+
domains and found the following data. Looks like they maybe send from
zombies, and never their hosts. IPs are similar across the board. 

So is there a way to use the IP info in a good way? Could SA or SURBL do a
quick ping of the URL and match against a URL? This would allow us to simply
list 1 IP instead of all these domains.

(I'm well aware of virtual hosts! So only the filthiest of spammers would be
put on this IP list. Then their IP better boot them or anyone hosted on that
box would feel the rath of SURBL.)

--Chris


>
>See this list, most of them all use the same IP, pill spammers...
>
>abducted2550pirrs.com has address 219.254.32.111
>acdfiaj.info has address 219.254.32.69
>agronomy9603dryg.com has address 219.254.32.111
>arrowhead2272tads.com has address 219.254.32.111
>asdeczxa.com has address 219.254.32.97
>atonement9529pirrs.com has address 219.254.32.111
>auguring7087pirrs.com has address 219.254.32.111
>authorise5969rneds.us has address 219.254.32.111
>baby29.com has address 219.254.32.99
>baby30.com has address 219.254.32.99
>baby31.com has address 219.254.32.99
>baby32.com has address 219.254.32.99
>baby33.com has address 219.254.32.99
>baby34.com has address 219.254.32.99
>bankloanunitedtrust.com has address 219.254.32.115
>baroque9879biz.com has address 219.254.32.111
>baste7039tads.com has address 219.254.32.111
>befalling7627tads.com has address 219.254.32.111
>benzine6086dryg.com has address 219.254.32.111
>beyond735dryg.com has address 219.254.32.111
>boon3678rx.com has address 219.254.32.111
>boon3678rx.com has address 219.254.32.111
>brutally6279dryg.com has address 219.254.32.111
>bull2903pirrs.com has address 219.254.32.111
>bulrush5448nx.com has address 219.254.32.111
>burnie5422pinn.com has address 219.254.32.111
>buying4212pirrs.com has address 219.254.32.111
>cannery7310pinn.com has address 219.254.32.111
>chapter1224dryg.com has address 219.254.32.111
>childish7509tads.com has address 219.254.32.111
>cleat7228pirrs.com has address 219.254.32.111
>cobra133pirrs.com has address 219.254.32.111
>cocoa7878dryg.com has address 219.254.32.111
>collocutor9120dryg.com has address 219.254.32.111
>comparable6635tads.com has address 219.254.32.111
>crane4522dryg.com has address 219.254.32.111
>destitute6182drygs.com has address 219.254.32.111
>dhl7809tads.com has address 219.254.32.111
>diet33.com has address 219.254.32.99
>disbelief4546pinn.com has address 219.254.32.111
>disjoint5156drygs.com has address 219.254.32.111
>double182dryg.com has address 219.254.32.111
>dsmnfw.com has address 219.254.32.97
>duodenum1797nx.com has address 219.254.32.111
>earwax8995rneds.com has address 219.254.32.111
>edbhadj.info has address 219.254.32.69
>ejebemc.info has address 219.254.32.69
>embodiment6853rneds.com has address 219.254.32.111
>emerge2198dryg.com has address 219.254.32.111
>envumil.com has address 219.254.32.71
>euglena9723biz.us has address 219.254.32.111
>eventual5615tads.com has address 219.254.32.111
>fabled6151dryg.com has address 219.254.32.111
>faintly5417drygs.com has address 219.254.32.111
>faithless4562dryg.com has address 219.254.32.111
>fall3829nx.com has address 219.254.32.111
>fall3829nx.com has address 219.254.32.111
>gait1492pinn.com has address 219.254.32.111
>gjakwfal.com has address 219.254.32.77
>glassy5030nx.com has address 219.254.32.111
>grand2packz.com has address 219.254.32.121
>gui7176biz.com has address 219.254.32.111
>hayfield6948tads.com has address 219.254.32.111
>hayride5669nx.com has address 219.254.32.111
>healing7489biz.com has address 219.254.32.111
>higcijn.info has address 219.254.32.69
>highball9334tads.com has address 219.254.32.111
>home9724dryg.com has address 219.254.32.111
>humpback726pirrs.com has address 219.254.32.111
>imbed3506pinn.com has address 219.254.32.111
>indenting1562pill.com has address 219.254.32.111
>jetskiasl.com has address 219.254.32.77
>joliet5195biz.com has address 219.254.32.111
>kalmyk3865drygs.com has address 219.254.32.111
>kgajgieag.com has address 219.254.32.77
>laziness6976dryg.com has address 219.254.32.111
>lksdns.info has address 219.254.32.72
>luggage3300drygs.com has address 219.254.32.111
>mad1049biz.com has address 219.254.32.111
>madness1926tads.com has address 219.254.32.111
>med12now.com has address 219.254.32.111
>medic7.com has address 219.254.32.111
>medspro7.com has address 219.254.32.111
>mhjgcgd.info has address 219.254.32.69
>microchip9614biz.com has address 219.254.32.111
>milan1517biz.com has address 219.254.32.111
>monotone8601biz.com has address 219.254.32.111
>motto4080nx.com has address 219.254.32.111
>n4zyrtfast.com has address 219.254.32.121
>negater6398tads.com has address 219.254.32.111
>omni8306tads.com has address 219.254.32.111
>oneself5360pirrs.com has address 219.254.32.111
>optimize5129drug.com has address 219.254.32.111
>perigree4124biz.com has address 219.254.32.111
>phoneme6858biz.com has address 219.254.32.111
>pilz2004.com has address 219.254.32.111
>porno7775tads.com has address 219.254.32.111
>pottage6834pirrs.us has address 219.254.32.111
>prairie4725biz.com has address 219.254.32.111
>praise4m3ds.com has address 219.254.32.121
>pressman1177nx.com has address 219.254.32.111
>pretzel3736pills.com has address 219.254.32.111
>primness6560nx.us has address 219.254.32.111
>procuress4029pinn.com has address 219.254.32.111
>profligacy8404nx.com has address 219.254.32.111
>project2089biz.com has address 219.254.32.111
>prototypic6263nx.com has address 219.254.32.111
>qqqwertypoid.com has address 219.254.32.121
>quits8304drygs.com has address 219.254.32.111
>ram7888dryg.com has address 219.254.32.111
>rata2536tads.com has address 219.254.32.111
>recruited2055rneds.com has address 219.254.32.111
>replenish4787nx.com has address 219.254.32.111
>reset3166tads.com has address 219.254.32.111
>resist9528rneds.com has address 219.254.32.111
>rigor7247rneds.com has address 219.254.32.111
>rocked4915dryg.com has address 219.254.32.111
>rounded9866biz.com has address 219.254.32.111
>rustic9925rneds.com has address 219.254.32.111
>sable8898dryg.com has address 219.254.32.111
>safflower170dryg.com has address 219.254.32.111
>sahib5037biz.com has address 219.254.32.111
>saltine3407rneds.com has address 219.254.32.111
>sanguine882rneds.com has address 219.254.32.111
>sarah6314pirrs.com has address 219.254.32.111
>sash4453biz.com has address 219.254.32.111
>sealer6455biz.com has address 219.254.32.111
>sergeancy8489pinn.com has address 219.254.32.111
>sharper7539biz.com has address 219.254.32.111
>showplace1294pirrs.com has address 219.254.32.111
>shying1845biz.com has address 219.254.32.111
>sister31.com has address 219.254.32.99
>situp6764biz.com has address 219.254.32.111
>skunk9827drygs.com has address 219.254.32.111
>sky5490pirrs.com has address 219.254.32.111
>smnsdno.com has address 219.254.32.97
>soaker1916tads.com has address 219.254.32.111
>solaria8488nx.com has address 219.254.32.111
>soluble7830pinn.com has address 219.254.32.111
>speculate2541drygs.com has address 219.254.32.111
>spoilt7777rneds.com has address 219.254.32.111
>squares9697rx.com has address 219.254.32.111
>statutory1625pi11s.us has address 219.254.32.111
>stiffed5912tads.com has address 219.254.32.111
>stony4921rneds.com has address 219.254.32.111
>subjective1648biz.com has address 219.254.32.111
>sublunary1132nx.com has address 219.254.32.111
>sue3483pinn.com has address 219.254.32.111
>sufferable9011rneds.com has address 219.254.32.111
>summit4716drygs.com has address 219.254.32.111
>swaged5905biz.com has address 219.254.32.111
>techspyerase.biz has address 219.254.32.75
>tentative8691pinn.com has address 219.254.32.111
>terminable3646drygs.com has address 219.254.32.111
>them1275pinn.com has address 219.254.32.111
>tidiness6516drygs.com has address 219.254.32.111
>tiled2118rneds.com has address 219.254.32.111
>tingle3751drygs.com has address 219.254.32.111
>toaster7461drygs.com has address 219.254.32.111
>toothsome9441nx.com has address 219.254.32.111
>tragicomic8159drygs.com has address 219.254.32.111
>transient3126drygs.com has address 219.254.32.111
>trihedral2449rneds.com has address 219.254.32.111
>undefended7133pinn.com has address 219.254.32.111
>underload9603pirrs.com has address 219.254.32.111
>vcr1047pinn.com has address 219.254.32.111
>warriors221pinn.com has address 219.254.32.111
>wasserman5540pinn.com has address 219.254.32.111
>weaponless8185biz.com has address 219.254.32.111
>webgreencard.biz has address 219.254.32.75
>wetly3520pirrs.com has address 219.254.32.111
>winning7272tads.com has address 219.254.32.111
>yarmulke7279biz.com has address 219.254.32.111
>zulu5812pinn.com has address 219.254.32.111
>
>akianapikas.org has address 201.12.78.140
>akianapotkasi.org has address 201.12.78.140
>akianasayara.org has address 201.12.78.140
>akianasofikals.org has address 201.12.78.140
>bertikasenofakel.org has address 201.12.78.140
>bertikasfenium.org has address 201.12.78.140
>bertikasfrakles.org has address 201.12.78.140
>bertikaskitaros.org has address 201.12.78.140
>bertikasporchma.org has address 201.12.78.140
>bertikaspotkasi.org has address 201.12.78.140
>bertikassayara.org has address 201.12.78.140
>biscamasornamiolis.org has address 201.12.78.140
>blacomanikas.org has address 201.12.78.140
>bortsimisbortsimis.org has address 201.12.78.140
>bortsimisfenium.org has address 201.12.78.140
>bortsimisinacalo.org has address 201.12.78.140
>bortsimispazda.org has address 201.12.78.140
>bortsimispitovshe.org has address 201.12.78.140
>bortsimispritkeras.org has address 201.12.78.140
>bortsimissimptomps.org has address 201.12.78.140
>bortsimisvaldisimus.org has address 201.12.78.140
>coolorgfunky.org has address 201.12.78.140
>crosstonfalls.org has address 201.12.78.140
>directionasios.org has address 201.12.78.140
>enofakelfrakles.org has address 201.12.78.140
>enofakelinacalo.org has address 201.12.78.140
>enofakelporchma.org has address 201.12.78.140
>enofakelpotkasi.org has address 201.12.78.140
>enofakelsofikals.org has address 201.12.78.140
>enomybertikas.org has address 201.12.78.140
>enomybortsimis.org has address 201.12.78.140
>enomyenofakel.org has address 201.12.78.140
>enomyfenium.org has address 201.12.78.140
>enomynimphos.org has address 201.12.78.140
>enomyownaros.org has address 201.12.78.140
>enomypazda.org has address 201.12.78.140
>enomypoises.org has address 201.12.78.140
>enomyxesros.org has address 201.12.78.140
>fagonyakiana.org has address 201.12.78.140
>fagonyxesros.org has address 201.12.78.140
>fakilafapinatos.org has address 201.12.78.140
>falloutstudios.org has address 201.12.78.140
>fbgba3kglads.org has address 201.12.78.140
>feniuminacalo.org has address 201.12.78.140
>feniumpotkasi.org has address 201.12.78.140
>feniumpritkeras.org has address 201.12.78.140
>feniumsofikals.org has address 201.12.78.140
>feniumtronits.org has address 201.12.78.140
>feniumxesros.org has address 201.12.78.140
>fraklesneynano.org has address 201.12.78.140
>fraklespikas.org has address 201.12.78.140
>fraklestronits.org has address 201.12.78.140
>halepoley.org has address 201.12.78.140
>inacalobertikas.org has address 201.12.78.140
>inacaloenomy.org has address 201.12.78.140
>inacalokitaros.org has address 201.12.78.140
>inacalomipatarios.org has address 201.12.78.140
>inacalopoises.org has address 201.12.78.140
>inacalosayara.org has address 201.12.78.140
>inacalosofikals.org has address 201.12.78.140
>inacalovaldisimus.org has address 201.12.78.140
>indakitosbortsimis.org has address 201.12.78.140
>indakitosenofakel.org has address 201.12.78.140
>indakitosinacalo.org has address 201.12.78.140
>indakitospoises.org has address 201.12.78.140
>indakitosxesros.org has address 201.12.78.140
>katanataropikas.org has address 201.12.78.140
>kitarosfenium.org has address 201.12.78.140
>kitarosmipatarios.org has address 201.12.78.140
>kitarosvaldisimus.org has address 201.12.78.140
>lopikranius.org has address 201.12.78.140
>manicsenofakel.org has address 201.12.78.140
>manicssofikals.org has address 201.12.78.140
>manicsvaldisimus.org has address 201.12.78.140
>mipatariosakiana.org has address 201.12.78.140
>mipatariosbortsimis.org has address 201.12.78.140
>mipatariossimptomps.org has address 201.12.78.140
>mipatariostronits.org has address 201.12.78.140
>neynanopotkasi.org has address 201.12.78.140
>nimphosfrakles.org has address 201.12.78.140
>nimphosinacalo.org has address 201.12.78.140
>nimphosindakitos.org has address 201.12.78.140
>nimphospoises.org has address 201.12.78.140
>nimphosxesros.org has address 201.12.78.140
>noahomakila.org has address 201.12.78.140
>ownarosfrakles.org has address 201.12.78.140
>ownarosneynano.org has address 201.12.78.140
>ownarosownaros.org has address 201.12.78.140
>ownarosporchma.org has address 201.12.78.140
>ownarossofikals.org has address 201.12.78.140
>ownarosxesros.org has address 201.12.78.140
>pazdaenomy.org has address 201.12.78.140
>pazdafrakles.org has address 201.12.78.140
>pazdanimphos.org has address 201.12.78.140
>pazdaownaros.org has address 201.12.78.140
>pazdapikas.org has address 201.12.78.140
>pikasfagony.org has address 201.12.78.140
>pikaskitaros.org has address 201.12.78.140
>pikasownaros.org has address 201.12.78.140
>pikasporchma.org has address 201.12.78.140
>pikassofikals.org has address 201.12.78.140
>pikasxesros.org has address 201.12.78.140
>pitovshebortsimis.org has address 201.12.78.140
>poisesbortsimis.org has address 201.12.78.140
>poisesfenium.org has address 201.12.78.140
>poisesneynano.org has address 201.12.78.140
>poisesnimphos.org has address 201.12.78.140
>poisesownaros.org has address 201.12.78.140
>poisespazda.org has address 201.12.78.140
>poisespikas.org has address 201.12.78.140
>poisespotkasi.org has address 201.12.78.140
>poisespritkeras.org has address 201.12.78.140
>poisesvaldisimus.org has address 201.12.78.140
>polisheneynano.org has address 201.12.78.140
>polishepoises.org has address 201.12.78.140
>porchmafenium.org has address 201.12.78.140
>porchmainacalo.org has address 201.12.78.140
>porchmaindakitos.org has address 201.12.78.140
>porchmamanics.org has address 201.12.78.140
>porchmaownaros.org has address 201.12.78.140
>porchmapikas.org has address 201.12.78.140
>porchmaxesros.org has address 201.12.78.140
>postfallshotels.org has address 201.12.78.140
>potkasimipatarios.org has address 201.12.78.140
>potkasiownaros.org has address 201.12.78.140
>potkasipotkasi.org has address 201.12.78.140
>potkasipritkeras.org has address 201.12.78.140
>pritkerasenofakel.org has address 201.12.78.140
>pritkerasmipatarios.org has address 201.12.78.140
>pritkerasnimphos.org has address 201.12.78.140
>pritkeraspoises.org has address 201.12.78.140
>pritkerassofikals.org has address 201.12.78.140
>pritkerasxesros.org has address 201.12.78.140
>sayaraenofakel.org has address 201.12.78.140
>sayaramipatarios.org has address 201.12.78.140
>sayarapoises.org has address 201.12.78.140
>sayarasofikals.org has address 201.12.78.140
>simptompsakiana.org has address 201.12.78.140
>simptompsfenium.org has address 201.12.78.140
>simptompskitaros.org has address 201.12.78.140
>sofikalsfenium.org has address 201.12.78.140
>sofikalsindakitos.org has address 201.12.78.140
>sofikalsmanics.org has address 201.12.78.140
>sofikalsownaros.org has address 201.12.78.140
>sofikalspikas.org has address 201.12.78.140
>sofikalsvaldisimus.org has address 201.12.78.140
>sopinaskarantinas.org has address 201.12.78.140
>testneworg.org has address 201.12.78.140
>tronitsindakitos.org has address 201.12.78.140
>tronitspolishe.org has address 201.12.78.140
>tronitssayara.org has address 201.12.78.140
>tronitsxesros.org has address 201.12.78.140
>valdisimusbertikas.org has address 201.12.78.140
>valdisimusfenium.org has address 201.12.78.140
>valdisimuspazda.org has address 201.12.78.140
>valdisimuspitovshe.org has address 201.12.78.140
>valdisimusporchma.org has address 201.12.78.140
>valdisimussofikals.org has address 201.12.78.140
>xesrosfrakles.org has address 201.12.78.140
>xesrosnimphos.org has address 201.12.78.140
>xesrospitovshe.org has address 201.12.78.140
>xesrospoises.org has address 201.12.78.140
>xesrosporchma.org has address 201.12.78.140
>
>mypillsbrand.com has address 200.139.104.4
>mypillsvalue.com has address 200.139.104.4
>mypillsvalues.com has address 200.139.104.4
>mypillswebsite.com has address 200.139.104.4
>mythingscentral.com has address 200.139.104.4
>ourpillscomplete.com has address 200.139.104.4
>ourpillscompleted.com has address 200.139.104.4
>ourpillsdirect.com has address 200.139.104.4
>ourpillsforme.com has address 200.139.104.4
>ourpillshome.com has address 200.139.104.4
>ourpillsnet.com has address 200.139.104.4
>ourpillsweb.com has address 200.139.104.4
>ourpillswebsites.com has address 200.139.104.4
>thepillsforall.com has address 200.139.104.4
>thepillsspot.com has address 200.139.104.4
>thepillswebsites.com has address 200.139.104.4
>yourpills2k.com has address 200.139.104.4
>yourthings2k.com has address 200.139.104.4
>yourthingscentral.com has address 200.139.104.4
>
>49fmsas.com has address 221.143.42.199
>49fmsas.com has address 221.143.42.178
>95j63s.com has address 221.143.42.199
>95j63s.com has address 221.143.42.178
>fbb4all.info has address 221.143.42.87
>flhiot.com has address 221.143.42.178
>flhiot.com has address 221.143.42.199
>freeblackberry.info has address 221.143.42.87
>gbhew.com has address 221.143.42.199
>gbhew.com has address 221.143.42.178
>lendingflow.net has address 221.143.42.34
>lqeriod.com has address 221.143.42.199
>lqeriod.com has address 221.143.42.178
>mypills2k.com has address 221.143.42.246
>mypills4all.com has address 221.143.42.50
>mythings2004.com has address 221.143.42.246
>mythings2k.com has address 221.143.42.50
>ourpillsfarm.com has address 221.143.42.246
>ourpillslive.com has address 221.143.42.246
>ourpillsmall.com has address 221.143.42.50
>ourpillswebs.com has address 221.143.42.246
>realfreemobile.us has address 221.143.42.87
>reoigb.com has address 221.143.42.199
>reoigb.com has address 221.143.42.178
>thepillsabsolute.com has address 221.143.42.50
>thepillsforus.com has address 221.143.42.246
>thepillssupply.com has address 221.143.42.246
>thepillswebsitess.com has address 221.143.42.246
>thoweu.com has address 221.143.42.178
>thoweu.com has address 221.143.42.199
>tnjjrtw.com has address 221.143.42.199
>tnjjrtw.com has address 221.143.42.178
>tnoiero.com has address 221.143.42.199
>tnoiero.com has address 221.143.42.178
>yourpillsvalue.com has address 221.143.42.50
>yourpillswebs.com has address 221.143.42.246
>yourthingschoice.com has address 221.143.42.246
>yourthingscompleted.com has address 221.143.42.246
>yourthingsdepot.com has address 221.143.42.50
>yourthingsfarm.com has address 221.143.42.246
>yourthingsspot.com has address 221.143.42.246
>ytuow.com has address 221.143.42.199
>ytuow.com has address 221.143.42.178
>
>attractivebodysite.com has address 219.129.20.250
>beautyherbalimplement.com has address 219.129.20.208
>beautysupporters.com has address 219.129.20.208
>bestofhealthproducts.com has address 219.129.20.250
>bestproductclicks.com has address 219.129.20.250
>bodypamperingproducts.com has address 219.129.20.208
>doomedtobeauty.com has address 219.129.20.250
>everycan.com has address 219.129.20.247
>fitbodyinfo.com has address 219.129.20.250
>galamedicalherbs.com has address 219.129.20.208
>genialsolutionweb.com has address 219.129.20.250
>globalwellnessnews.com has address 219.129.20.250
>glossypharmaproducts.com has address 219.129.20.250
>greatfreeinfoblast.com has address 219.129.20.250
>greenleafshealth.com has address 219.129.20.208
>healthmegasuperstore.com has address 219.129.20.250
>healthorizon.com has address 219.129.20.208
>healthpluswellness.com has address 219.129.20.250
>healthproductslideshow.com has address 219.129.20.208
>healthydayitems.com has address 219.129.20.208
>healthydaymall.com has address 219.129.20.208
>healthydayneccesity.com has address 219.129.20.250
>idvitedtojoinherbsclub.com has address 219.129.20.208
>loudhealthmessage.com has address 219.129.20.250
>masshealthboom.com has address 219.129.20.250
>mosttrustedherbalsite.com has address 219.129.20.208
>newwealthline.com has address 219.129.20.208
>singletrustedsite.com has address 219.129.20.250
>superseductionproducts.com has address 219.129.20.208
>supporthealthproduct.com has address 219.129.20.208
>ultrasumpleproducts.com has address 219.129.20.208
>uniquelifechoice.com has address 219.129.20.250
>vitalhealthitems.com has address 219.129.20.208
>vividimportantitems.com has address 219.129.20.208
>waytoamazefriends.com has address 219.129.20.250
>worldunitedhealth.com has address 219.129.20.250
>yourwellnesscontainer.com has address 219.129.20.250
>
>Bye,
>Raymond.
>


More information about the Discuss mailing list