Sunday, December 5, 2010

What Domains did ICE Shut Down?

I was curious; which actual sites did the Attorney General shut down?  Well each seized domain has had its name servers' IPs replaced with 74.81.170.109 and 74.81.170.108.  So the closest I could get, was to use a tool to find the A records that aim at a particular IP and see all the names those IPs are going by.  (Looking up the PTR doesn't work, so you gotta be a little sneaky.)

If you do this on NS1, you get a list of ns1.somedomain.tld entries in the resulting web page, and if you copy and paste the list into a text file you can clean it up like this

  ` cat textfile | awk {'print $1'} | grep -i ns1 `

Which currently (Sunday, December 5, 2010, 23:30 GMT) results in only thirty seized domains' name servers and ns1.seizedservers.com itself:

ns1.2009jerseys.com
ns1.51607.com
ns1.amoyhy.com
ns1.bishoe.com
ns1.borntrade.com
ns1.boxedtvseries.com
ns1.boxset4less.com
ns1.burberryoutlet-us.com
ns1.burberryoutletshop.com
ns1.cartoon77.com
ns1.coachoutletfactory.com
ns1.dajaz1.com
ns1.dvdorderonline.com
ns1.dvdprostore.com
ns1.handbag9.com
ns1.handbagcom.com
ns1.jersey-china.com
ns1.lifetimereplicas.com
ns1.louis-vuitton-outlet-store.com
ns1.mydreamwatches.com
ns1.oebags.com
ns1.realtimberland.com
ns1.rmx4u.com
ns1.seizedservers.com
ns1.skyergolf.com
ns1.sunogolf.com
ns1.throwbackguy.com
ns1.tieonsale.com
ns1.topabuy.com
ns1.torrent-finder.com
ns1.usaoutlets.net

I am definitely doing something wrong -- that's significantly less than the 82 being reported by most bloggers.  Naturally, the government has no comments on what domains they've seized.  (I'm not sure I like the sekrit-p0lice implications of that.)  Also interesting to note, they're running both google analytics and piwik on their take-down notice page.

No comments:

Post a Comment