Sunday, December 5, 2010

What Domains did ICE Shut Down?

I was curious; which actual sites did the Attorney General shut down?  Well each seized domain has had its name servers' IPs replaced with and  So the closest I could get, was to use a tool to find the A records that aim at a particular IP and see all the names those IPs are going by.  (Looking up the PTR doesn't work, so you gotta be a little sneaky.)

If you do this on NS1, you get a list of ns1.somedomain.tld entries in the resulting web page, and if you copy and paste the list into a text file you can clean it up like this

  ` cat textfile | awk {'print $1'} | grep -i ns1 `

Which currently (Sunday, December 5, 2010, 23:30 GMT) results in only thirty seized domains' name servers and itself:

I am definitely doing something wrong -- that's significantly less than the 82 being reported by most bloggers.  Naturally, the government has no comments on what domains they've seized.  (I'm not sure I like the sekrit-p0lice implications of that.)  Also interesting to note, they're running both google analytics and piwik on their take-down notice page.

No comments:

Post a Comment