Blackhole exploit kit on yhs.aws.intellij.net ?

A firewall gave a "red flag" for ip: 50.18.126.249:80

Jan 20 14:37    EXPLOIT-KIT Blackhole landing page with specific structure - prototype catch

with a url to this
http://community.websense.com/blogs/securitylabs/pages/black-hole-exploit-kit.aspx

"The Blackhole exploit kit is an "off-the-shelf" Web application that facilitates the delivery of malicious payloads."

$ host 50.18.126.249
249.126.18.50.in-addr.arpa domain name pointer yhs.aws.intellij.net.

Any reason for this ?

Please sign in to leave a comment.