Nope, it would be pretty straightforward to set up a stateful dns server that serves the "real" ip on first request from a new client, and then ever subsequent request returns a local IP. That one dns server would enable an attack on anyone who visits the malicious site.
