Hello,
do you know if are the uceprotect's servers compromised?
I see these strange results:
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>>
42.215.85.209.dnsbl-3.uceprotect.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28044
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 11
;; QUESTION SECTION:
;42.215.85.209.dnsbl-3.uceprotect.net. IN A
;; ANSWER SECTION:
42.215.85.209.dnsbl-3.uceprotect.NET. 428316 IN A 176.107.178.7
;; AUTHORITY SECTION:
dnsbl-3.uceprotect.NET. 2249 IN NS
dns-cluster-5.uceprotect.net.
dnsbl-3.uceprotect.NET. 2249 IN NS
dns-cluster-1.uceprotect.net.
dnsbl-3.uceprotect.NET. 2249 IN NS
dns-cluster-2.uceprotect.net.
dnsbl-3.uceprotect.NET. 2249 IN NS
dns-cluster-3.uceprotect.net.
dnsbl-3.uceprotect.NET. 2249 IN NS
dns-cluster-4.uceprotect.net.
;; ADDITIONAL SECTION:
dns-cluster-4.uceprotect.NET. 1797 IN A 95.211.237.210
dns-cluster-4.uceprotect.NET. 1797 IN A 204.13.169.44
dns-cluster-4.uceprotect.NET. 1797 IN A 208.77.218.114
dns-cluster-4.uceprotect.NET. 1797 IN A 209.126.213.95
dns-cluster-5.uceprotect.NET. 372668 IN A 176.107.178.7
dns-cluster-1.uceprotect.NET. 372668 IN A 176.107.178.7
dns-cluster-2.uceprotect.NET. 372668 IN A 176.107.178.7
dns-cluster-3.uceprotect.NET. 1797 IN A 70.38.37.139
dns-cluster-3.uceprotect.NET. 1797 IN A 193.138.29.11
dns-cluster-3.uceprotect.NET. 1797 IN A 199.187.241.194
dns-cluster-3.uceprotect.NET. 1797 IN A 66.240.236.50
Many records resolve to 176.107.178.7, like
84.105.105.38.dnsbl-3.uceprotect.net.
Sorry, I know this is not uceprotect list, but I don't know how to
contact uceprotect, their contact form is unavailable.
It seems the problem starts on 30 october. Did you have noticed too
something about?
I think if you use uceprotect it's better to test the answer in
127.x.x.x address class...
Best Regards
Marco
