Honeypot DNS and amplification attacks

Last update: 2016-08-24 22:07:01 UTC

Low bandwidth open resolver server to observe DNS amplification attacks automatically, providing IP addresses target.
Warning: the table contains false positives and legitimate domains (ie. google.com, openresolverproject.org etc.).

Documentation | Target map | Latest attacks | Top 10 target IPs address | Top 10 target countries | Latest distinct FQDN collected | Top 100 FQDN collected

Documentation:

Target countries map



Latest DNS reflection attacks (see all)

Dateins IP ATTACKED ASN ASN org DNS Geo
2016-06-28 06:03:18104.85.165.120940AKAMAI-ASN1 , USa104-85-165-1.deploy.static.akamaitechnologies.comUS
2016-05-31 21:03:35202.106.83.1254808CHINA169-BJ China Unicom ...64.83.106.202.icbc.com.cnCN
2016-05-26 15:03:34219.142.91.1254847CNIX-AP China Networks In...n/aCN
2016-05-23 17:28:3560.247.99.2454847CNIX-AP China Networks In...0.99.247.60.icbc.com.cnCN
2016-05-21 01:48:34185.27.134.16234119WILDCARD-AS Wildcard UK L...16213427185.ifastnet.orgGB
2016-04-08 22:03:3485.111.30.1119121TTNET Turk Telekomunikasy...www.sahibinden.comTR
2016-03-31 07:33:33176.32.37.25151659ASBAXET LLC BAXET,RUn/aRU
2016-03-22 13:13:3346.252.194.18826496AS-26496-GO-DADDY-COM-LLC...ip-46-252-194-188.ip.secureserver.netNL
2016-03-16 15:38:3362.210.90.312876AS12876 ONLINE S.A.S.,FR62-210-90-3.rev.poneytelecom.euFR
2016-03-07 04:23:33109.163.224.343223VOXILITY Voxility S.R.L.,ROwww.voxility.comRO

Top 10 target IPs

# IP ATTACKED ASN ASN org DNS Geo
1669.31.20.7835994AKAMAI-AS Akamai Technolo...n/aUS
1269.31.20.7635994AKAMAI-AS Akamai Technolo...n/aUS
724.27.236.1377843TWCABLE-BACKBONE Time War...n/aUS
569.31.20.7535994AKAMAI-AS Akamai Technolo...n/aUS
5185.130.5.228203569SILK-AS Sindicate Group Ltd,LTn/aUNK
4186.2.164.30262254DANCOM LTDddos-guard.netRU
4104.255.67.21146664VOLUMEDRIVE VolumeDrive,USn/aUNK
4109.163.224.343223VOXILITY Voxility S.R.L.,ROwww.voxility.comRO
3104.96.1.5220940AKAMAI-ASN1 Akamai Intern...a104-96-1-52.deploy.static.akamaitechnologies.comUNK
3104.85.165.120940AKAMAI-ASN1 Akamai Intern...a104-85-165-1.deploy.static.akamaitechnologies.comUNK

Top 10 target countries

# Tld Geo
110USUS
38RURU
26NLNL
24UNKUNK
22FRFR
18CNCN
12BZBZ
12CACA
11DEDE
9GBGB

Latest distinct FQDN collected

FQDN Size Dateins
ycge.a7e60457.wc.syssec.rub.de (robtex, urlquery, urlvoid, virustotal, wot)752016-08-19
w046.1106324f.wc.syssec.rub.de (robtex, urlquery, urlvoid, virustotal, wot)752016-08-13
1p38.e7a70557.wc.syssec.rub.de (robtex, urlquery, urlvoid, virustotal, wot)752016-07-30
69jx.e7a70557.wc.syssec.rub.de (robtex, urlquery, urlvoid, virustotal, wot)752016-07-23
11244357-0-2081296634-722188061.ns.124-14-16-250-ns.dns-spider.ffdns.net (robtex, urlquery, urlvoid, virustotal, wot)1352016-07-19
11244354-0-2081296634-722188061.ns.124-14-16-250-ns.dns-spider.ffdns.net (robtex, urlquery, urlvoid, virustotal, wot)1352016-07-19
11244346-0-2081296634-722188061.ns.124-14-16-250-ns.dns-spider.myxns.cn (robtex, urlquery, urlvoid, virustotal, wot)1342016-07-19
11244353-0-2081296634-722188061.ns.124-14-16-250-ns.dns-spider.ffdns.net (robtex, urlquery, urlvoid, virustotal, wot)1352016-07-19
11244358-0-2081296634-722188061.ns.124-14-16-250-ns.dns-spider.ffdns.net (robtex, urlquery, urlvoid, virustotal, wot)1352016-07-19
11244359-0-2081296634-722188061.ns.124-14-16-250-ns.dns-spider.ffdns.net (robtex, urlquery, urlvoid, virustotal, wot)1352016-07-19

FQDN collected and corresponding amplification (Top 100)

+/- recursion, S signed, E EDNS0, D DNSSEC, CD/C checking
FQDN Size # Address Class Type Flags Dateins
lolwhatabeautifuldomain.btnpl.net (robtex, urlquery, urlvoid, virustotal, wot)3777613INANY+E2014-07-08
web3.ikrizzy.cu.cc (robtex, urlquery, urlvoid, virustotal, wot)266840INANY+E2014-07-16
downboot.xyz (robtex, urlquery, urlvoid, virustotal, wot)217451345INANY+E2016-05-31
thebestdomainintheworld.cloudns.eu (robtex, urlquery, urlvoid, virustotal, wot)217391344INANY+E2013-11-15
inboot.eu (robtex, urlquery, urlvoid, virustotal, wot)2026530INA+E2014-05-28
amp.crack-zone.ru (robtex, urlquery, urlvoid, virustotal, wot)92790INANY+E2013-12-22
remix-developement.com (robtex, urlquery, urlvoid, virustotal, wot)87111INANY+E2014-07-09
magas.bslrpg.com (robtex, urlquery, urlvoid, virustotal, wot)8263510INANY+E2014-05-15
ahuyehue.info (robtex, urlquery, urlvoid, virustotal, wot)8067490INANY+E2014-03-09
svist21.cz (robtex, urlquery, urlvoid, virustotal, wot)70681INANY+E2014-07-14
commerce.gov (robtex, urlquery, urlvoid, virustotal, wot)69741INANY+E2015-02-21
globe.gov (robtex, urlquery, urlvoid, virustotal, wot)69712INANY+E2014-12-15
067.cz (robtex, urlquery, urlvoid, virustotal, wot)67541INANY+E2014-07-10
gransy.com (robtex, urlquery, urlvoid, virustotal, wot)62701INANY+E2014-11-27
1x1.cz (robtex, urlquery, urlvoid, virustotal, wot)61711INANY+E2013-09-27
census.gov (robtex, urlquery, urlvoid, virustotal, wot)59371INANY+E2014-05-16
doc.gov (robtex, urlquery, urlvoid, virustotal, wot)59201INANY+E2013-10-12
amp2.hornyhf.cu.cc (robtex, urlquery, urlvoid, virustotal, wot)58120INANY+E2014-07-13
test.zong.co.ua (robtex, urlquery, urlvoid, virustotal, wot)57700INANY+E2014-06-04
zzxz.com.ru (robtex, urlquery, urlvoid, virustotal, wot)54251INANY+E2014-08-25
psg.com (robtex, urlquery, urlvoid, virustotal, wot)49451INANY+E2015-04-05
httrack.com (robtex, urlquery, urlvoid, virustotal, wot)48651INANY+E2015-03-09
sema.cz (robtex, urlquery, urlvoid, virustotal, wot)48551INANY+E2013-12-30
lalka.com.ru (robtex, urlquery, urlvoid, virustotal, wot)48511INANY+E2014-07-07
energystar.gov (robtex, urlquery, urlvoid, virustotal, wot)48111INANY+E2014-08-18
sandia.gov (robtex, urlquery, urlvoid, virustotal, wot)45461INANY+E2013-11-06
ietf.org (robtex, urlquery, urlvoid, virustotal, wot)45161INANY+E2013-10-11
infoblox.com (robtex, urlquery, urlvoid, virustotal, wot)44981INANY+E2014-05-22
ic3.gov (robtex, urlquery, urlvoid, virustotal, wot)44891INANY+E2015-06-05
bang.zong.co.ua (robtex, urlquery, urlvoid, virustotal, wot)4475270INANY+E2014-06-13
inboot.co (robtex, urlquery, urlvoid, virustotal, wot)44611INANY+E2015-02-20
cpsc.gov (robtex, urlquery, urlvoid, virustotal, wot)44541INANY+E2015-07-12
hajjamservices.us (robtex, urlquery, urlvoid, virustotal, wot)4432242INANY+E2016-06-18
socrata.com (robtex, urlquery, urlvoid, virustotal, wot)44311INANY+E2015-03-11
eda.gov (robtex, urlquery, urlvoid, virustotal, wot)44071INANY+E2015-04-09
vlch.net (robtex, urlquery, urlvoid, virustotal, wot)435116INTXT+E2014-12-09
hotpujcka.cz (robtex, urlquery, urlvoid, virustotal, wot)43451INANY+E2015-06-04
siska1.com (robtex, urlquery, urlvoid, virustotal, wot)4336257INANY+E2013-11-10
wapa.gov (robtex, urlquery, urlvoid, virustotal, wot)43171ANYANY+E2016-06-18
access-board.gov (robtex, urlquery, urlvoid, virustotal, wot)42891INANY+2015-10-09
36088.info (robtex, urlquery, urlvoid, virustotal, wot)4239256INANY+E2013-10-13
37349.info (robtex, urlquery, urlvoid, virustotal, wot)4239256INANY+E2013-10-16
io (robtex, urlquery, urlvoid, virustotal, wot)42181ANYANY+E2015-06-09
aa3247.com (robtex, urlquery, urlvoid, virustotal, wot)4167256INA+E2013-09-27
30259.info (robtex, urlquery, urlvoid, virustotal, wot)4166256INA+E2013-10-09
www.jrdga.info (robtex, urlquery, urlvoid, virustotal, wot)4154255INA+E2014-02-27
web.ikrizzy.cu.cc (robtex, urlquery, urlvoid, virustotal, wot)41500INANY+E2014-07-15
umad.nothink.cu.cc (robtex, urlquery, urlvoid, virustotal, wot)41500INANY+E2014-08-28
try.ikrizzy.cu.cc (robtex, urlquery, urlvoid, virustotal, wot)41500INANY+E2014-07-31
hek.heckbro.cu.cc (robtex, urlquery, urlvoid, virustotal, wot)41500INANY+E2014-10-10
bmw.digmehl.cu.cc (robtex, urlquery, urlvoid, virustotal, wot)41490INANY+E2014-10-28
bangtest.zong.co.ua (robtex, urlquery, urlvoid, virustotal, wot)4136250INANY+E2014-06-05
web.asdasd.cu.cc (robtex, urlquery, urlvoid, virustotal, wot)41300INANY+E2014-07-17
hold.mybig.mobi (robtex, urlquery, urlvoid, virustotal, wot)4126252INANY+E2014-07-10
fema.gov (robtex, urlquery, urlvoid, virustotal, wot)41091INANY+E2014-05-01
sukapadla.com.ru (robtex, urlquery, urlvoid, virustotal, wot)41081INANY+E2014-11-27
pizdaizda.com.ru (robtex, urlquery, urlvoid, virustotal, wot)41081INANY+E2014-12-08
fkfkfkfc.biz (robtex, urlquery, urlvoid, virustotal, wot)4107236INANY+E2014-03-08
rukojop.com.ru (robtex, urlquery, urlvoid, virustotal, wot)41061INANY+E2014-12-14
basjuk.com.ru (robtex, urlquery, urlvoid, virustotal, wot)41051INANY+E2014-12-03
pidarastik.ru (robtex, urlquery, urlvoid, virustotal, wot)41041INANY+E2015-01-13
a.packetdevil.com (robtex, urlquery, urlvoid, virustotal, wot)41030INANY+E2013-11-25
uzuzuu.ru (robtex, urlquery, urlvoid, virustotal, wot)41001INANY+E2015-01-14
martinimedianetwork.com (robtex, urlquery, urlvoid, virustotal, wot)40971INANY+E2015-06-04
ttrs.spb.ru (robtex, urlquery, urlvoid, virustotal, wot)40921INANY+E2014-11-20
lrc-pipec.com (robtex, urlquery, urlvoid, virustotal, wot)4083241INANY+E2013-11-16
sunrisecx.com (robtex, urlquery, urlvoid, virustotal, wot)4082250INA+E2015-05-05
reanimator.in (robtex, urlquery, urlvoid, virustotal, wot)4082240INA+E2013-11-01
ms08067.com (robtex, urlquery, urlvoid, virustotal, wot)4081250INA+E2015-05-16
sswew.co.uk (robtex, urlquery, urlvoid, virustotal, wot)4081242INANY+E2014-05-15
q1w.in (robtex, urlquery, urlvoid, virustotal, wot)4078250INA+E2015-07-08
amp.hornyhf.cu.cc (robtex, urlquery, urlvoid, virustotal, wot)40760INANY+E2014-07-13
somethingstrange.netfirms.com (robtex, urlquery, urlvoid, virustotal, wot)4073248INANY+E2014-07-07
admin.wilyee.com (robtex, urlquery, urlvoid, virustotal, wot)40731INTXT+E2014-04-15
eschenemnogo.com (robtex, urlquery, urlvoid, virustotal, wot)4070245INANY+E2013-11-21
dk (robtex, urlquery, urlvoid, virustotal, wot)40701INANY+E2015-10-29
cdnmyhost.com (robtex, urlquery, urlvoid, virustotal, wot)40591INANY+E2015-02-18
www.djcgrafix.netfirms.com (robtex, urlquery, urlvoid, virustotal, wot)4048248INA+E2014-08-16
jerusalem.netfirms.com (robtex, urlquery, urlvoid, virustotal, wot)4044248INA+E2014-08-05
pipcvsemnaher.com (robtex, urlquery, urlvoid, virustotal, wot)4039239INANY+E2013-10-18
defcon.org (robtex, urlquery, urlvoid, virustotal, wot)40391INANY+E2015-02-01
webpanel.sk (robtex, urlquery, urlvoid, virustotal, wot)40381INANY+E2014-07-31
gerdar3.ru (robtex, urlquery, urlvoid, virustotal, wot)40341INANY+E2014-02-19
onlyforyoumydear.btnpl.net (robtex, urlquery, urlvoid, virustotal, wot)40320INANY+E2014-07-14
zing.zong.co.ua (robtex, urlquery, urlvoid, virustotal, wot)4027242INANY+E2014-02-27
4khdtv.btnpl.net (robtex, urlquery, urlvoid, virustotal, wot)40220INANY+E2014-07-10
viareality.cz (robtex, urlquery, urlvoid, virustotal, wot)40191INANY+E2015-03-09
z4w.ru (robtex, urlquery, urlvoid, virustotal, wot)4016247INA+E2015-05-17
6z2.ru (robtex, urlquery, urlvoid, virustotal, wot)4016247INA+E2015-11-01
vizit-gamepro.ru (robtex, urlquery, urlvoid, virustotal, wot)40141INANY+ED2015-05-10
lifemotodrive.ru (robtex, urlquery, urlvoid, virustotal, wot)40141INANY+E2015-04-22
ironmen-style.ru (robtex, urlquery, urlvoid, virustotal, wot)40141INANY+ED2015-05-11
restorclub.ru (robtex, urlquery, urlvoid, virustotal, wot)40111INANY+ED2015-08-01
nhl.msk.su (robtex, urlquery, urlvoid, virustotal, wot)40101INANY+E2015-07-17
hajjamservices.xyz (robtex, urlquery, urlvoid, virustotal, wot)4010242INANY+E2015-10-13
mg1.pw (robtex, urlquery, urlvoid, virustotal, wot)4005245INA+E2015-04-25
r3a.es (robtex, urlquery, urlvoid, virustotal, wot)4005245INA+ED2015-03-21
jong.zong.co.ua (robtex, urlquery, urlvoid, virustotal, wot)4004242INANY+E2014-02-02
dong.zong.co.ua (robtex, urlquery, urlvoid, virustotal, wot)4004242INANY+E2014-01-13
fkfkfkfa.co.uk (robtex, urlquery, urlvoid, virustotal, wot)4004242INANY+E2014-01-15