These people should run Split-horizon DNS;
| Host | Wrong IP address | Reason |
|---|---|---|
| 2a04-6ec0-231-bef0-8144-fa26-7a52-6bff.dynamic6.isp.ropa.net | :: | IPv6 Unconfigured |
| none.underplatform.com | 192.168.6.177 | RFC 1918 |
| ns1.chirkom.uz | 192.168.20.159 | RFC 1918 |
| ns1.dynamic.canonical.com | 10.141.90.243 | RFC 1918 |
| ns1.mftrdns.com | ::ffff:103.220.89.34 | IPv4-mapped IPv6 addresses |
| ns1.nettally.com | fd41:a5ab:fd39:809e:7cd3:2c3a:42c2:bb55 | IPv6 Unique Local |
| ns2.chirkom.uz | 192.168.20.38 | RFC 1918 |
| ns2.nettally.com | fd41:a5ab:fd39:809e:3db4:ec9b:a0a3:5866 | IPv6 Unique Local |
| rdns02.yyz.d-zone.ca | 10.153.14.24 | RFC 1918 |
| resolv-ixc-1.hoztnode.net | 172.31.112.229 | RFC 1918 |
| resolv-ixc-2.hoztnode.net | 172.31.112.230 | RFC 1918 |
| sas-1d4.yndx.net | 10.212.18.22 | RFC 1918 |
| sas-e2.yndx.net | 10.212.9.2 | RFC 1918 |
Last update: Tue 12 May 06:02:01 UTC 2026
You can block answers like these with Bind's 'deny-answer-addresses' feature;
deny-answer-addresses {
// Unconfigured
0.0.0.0;
// RFC 1918
10.0.0.0/8;
172.16.0.0/12;
192.168.0.0/16;
// RFC 3927
169.254.0.0/16;
// IPv6
// :: to ::ffff:ffff:ffff.
// Includes ::, ::1, IPv4-Compatible IPv6 Addresses ::/96,
// and IPv4-mapped IPv6 addresses ::ffff:0:0/96
::/80;
// RFC 6052
64:ff9b::/96;
// Reserved for Documentation
2001:db8::/32;
// IPv6 Unique Local
fc00::/7;
// IPv6 Link local
fe80::/10;
// IPv6 Site local
fec0::/10;
// Your IPv6 address range(s)
Net/Mask
} except-from { "Your.Domain"; };
deny-answer-aliases { "Your.Domain"; };
The produces log entries like;
Aug 21 19:31:01 sput named[1601]: answer address 10.0.0.100 denied for spacefon.com/A/IN
Not blocking these addresses can be a serious security risk.