On Thursday, May 25, 2006, 7:09:26 AM, Chris Santerre wrote:
Thanks, I actually sent this to the wrong list :) But does anyone know how to read er... Yugoslavian? I don't want to blacklist without knowing more about the site. Could be a free hoster or something.
I usually look at whois or DNS, but in this case there's nothing too useful:

Domain Name: ZORKA-OPEKA.CO.YU
Namespace: ICANN Country Code Top Level Domain - http://www.icann.org
TLD Info: See IANA Whois - http://www.iana.org/root-whois/yu.htm
Registry: Registry information not yet configured
Registrar: Registry information not yet configured
Whois Server: (none)
Name Server[from dns, dns ip]: NS3.LOOPIA.SE 194.9.94.245
Name Server[from dns, dns ip]: NS4.LOOPIA.SE 194.9.95.245

[DNS Information for ZORKA-OPEKA.CO.YU]
Trying "ZORKA-OPEKA.CO.YU"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58580
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;ZORKA-OPEKA.CO.YU.         IN    ANY

;; ANSWER SECTION:
ZORKA-OPEKA.CO.YU.    59    IN    NS    ns4.loopia.se.
ZORKA-OPEKA.CO.YU.    59    IN    NS    ns3.loopia.se.

;; AUTHORITY SECTION:
ZORKA-OPEKA.CO.YU.    59    IN    NS    ns4.loopia.se.
ZORKA-OPEKA.CO.YU.    59    IN    NS    ns3.loopia.se.

;; ADDITIONAL SECTION:
ns3.loopia.se.      3599    IN    A     194.9.94.245
ns4.loopia.se.      3599    IN    A     194.9.95.245

Received 140 bytes from 216.151.192.1#53 in 3 ms

Non-authoritative answer:
ZORKA-OPEKA.CO.YU
    origin = ns3.loopia.se
    mail addr = registry.loopia.se
    serial = 1146743921
    refresh = 10800
    retry = 3600
    expire = 25200
    minimum = 86400

Authoritative answers can be found from:
ZORKA-OPEKA.CO.YU    nameserver = ns3.loopia.se.
ZORKA-OPEKA.CO.YU    nameserver = ns4.loopia.se.
ns3.loopia.se    internet address = 194.9.94.245
ns4.loopia.se    internet address = 194.9.95.245

Non-authoritative answer:
Name: ZORKA-OPEKA.CO.YU
Address: 195.178.52.202

Looks like it has about 7 Google hits, so it's probably not a huge loss if blacklisted, especially if it's un-blacklisted when the phishing site goes away.
BTW, while the Soviet Union no longer exists, the .su domain still does, though we thought some of the domains on it were dubious.
Jeff C.
--
Don't harm innocent bystanders.