[AfrICANN-discuss] U.S. Government Seizes BitTorrent Search Engine Domain and More

Alex Gakuru gakuru at gmail.com
Sat Nov 27 06:52:05 SAST 2010 

Don't if you're still on NCUC list? anyway here goes...

On Sat, Nov 27, 2010 at 7:34 AM, Robin Gross <robin at ipjustice.org> wrote:

> The latest info that I've seen is that Verisign assigned new DNS servers
> at the Registry level, and then locked the domain so that even the Registrar
> can't update it.  So now it looks like it may have been VeriSign who
> "seized" them.  No word on ICANN's role in this situation, if any.
>
>
>
> On Nov 26, 2010, at 8:29 PM, Marc Perkel wrote:
>
> So was it ICANN that actually did the seizing?
>
>
On Sat, Nov 27, 2010 at 7:13 AM, McTim <dogwallah at gmail.com> wrote:

> Morning Alex,
>
> I find this very curious.
>
> We all know (or should know) that ICANN or more properly (the IANA)
> cannot physically make this change, as they do not have access to the
> .com zone file to physically make this change.
>
> So, either GoDaddy is lying aboout ICANN making the change, or they
> meant that the order came from ICANN, which, as we all know is not the
> way things should be done.  If GoDaddy has an order from ICANN, I
> would love to see it, more likely, GoDaddy got an order from a court
> ordering them to do this.
>
> There is another possibility, this is possibly a hoax, or social
> engineering attack.
>
> Looking in the DNS I see that whois shows that the original
> registrant, torrent finder still owns the domain, so the domain was
> not "seized", but the DNS was redirected seemingly by a private
> company whose domain (seized Domain.com) was registed on 24 Nov,
> seemingly by a private company.  If you lok at the IP address whois,
> that block is registered to another private company, so there is no
> evidence that this was done by a USG body....very curious indeed.
> Does the USG outsource  "seizures" of this kind??  I would think they
> would use their own IP ranges and web servers.  It looks very fishy to
> me!!
>
> anyway here is the DNS and whois data:
>
> dig torrent-finder.com
>
> ; <<>> DiG 9.3.2 <<>> torrent-finder.com
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 168
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;torrent-finder.com.            IN      A
>
> ;; ANSWER SECTION:
> torrent-finder.com.     15089   IN      A       74.81.170.110
>
> ;; AUTHORITY SECTION:
> torrent-finder.com.     15089   IN      NS      ns2.torrent-finder.com.
> torrent-finder.com.     15089   IN      NS      ns1.torrent-finder.com.
>
> ;; ADDITIONAL SECTION:
> ns1.torrent-finder.com. 15089   IN      A       74.81.170.109
> ns2.torrent-finder.com. 15089   IN      A       74.81.170.108
>
> ;; Query time: 234 msec
> ;; SERVER: 196.200.16.2#53(196.200.16.2)
> ;; WHEN: Sat Nov 27 06:41:35 2010
> ;; MSG SIZE  rcvd: 120
>
> dig @ns1.torrent-finder.com ANY torrent-finder.com
>
> ; <<>> DiG 9.3.2 <<>> @ns1.torrent-finder.com ANY torrent-finder.com
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1312
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;torrent-finder.com.            IN      ANY
>
> ;; ANSWER SECTION:
> torrent-finder.com.     86400   IN      A       74.81.170.110
> torrent-finder.com.     86400   IN      SOA     torrent-finder.com.
> noreply.seizeddomain. 2010111801 86400 3600 604800 10800
> torrent-finder.com.     86400   IN      NS      ns2.torrent-finder.com.
> torrent-finder.com.     86400   IN      NS      ns1.torrent-finder.com.
>
> ;; ADDITIONAL SECTION:
> ns1.torrent-finder.com. 86400   IN      A       74.81.170.109
> ns2.torrent-finder.com. 86400   IN      A       74.81.170.108
>
> ;; Query time: 437 msec
> ;; SERVER: 74.81.170.109#53(74.81.170.109)
> ;; WHEN: Sat Nov 27 06:42:34 2010
> ;; MSG SIZE  rcvd: 176
>
>
> C:\Documents and Settings\Administrator>whois -h whois.arin.net 74.81.170.110
> #
> # Query terms are ambiguous.  The query is assumed to be:
> #     "n 74.81.170.110"
>
>
> CaroNet Managed Hosting, Inc. CI-74-81-170-0-23 (NET-74-81-170-0-1)
> 74.81.170.0 - 74.81.171.255
> Carolina Internet, Ltd. CARO-NET-ARIN-4 (NET-74-81-160-0-1)
> 74.81.160.0 - 74.81.191.255
>
>
> #
> # ARIN WHOIS data and services are subject to the Terms of Use
> # available at: https://www.arin.net/whois_tou.html
> #
>
>
> C:\Documents and Settings\Administrator>dig @ns1.torrent-finder.com
> ANY SEIZEDSERVERS.COM
>
> ; <<>> DiG 9.3.2 <<>> @ns1.torrent-finder.com ANY SEIZEDSERVERS.COM
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 740
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;SEIZEDSERVERS.COM.             IN      ANY
>
> ;; ANSWER SECTION:
> SEIZEDSERVERS.COM.      86400   IN      A       74.81.170.110
> SEIZEDSERVERS.COM.      86400   IN      SOA     SEIZEDSERVERS.COM.
> noreply.seizeddomain. 2010111801 86400 3600 604800 10800
> SEIZEDSERVERS.COM.      86400   IN      NS      ns1.SEIZEDSERVERS.COM.
> SEIZEDSERVERS.COM.      86400   IN      NS      ns2.SEIZEDSERVERS.COM.
>
> ;; ADDITIONAL SECTION:
> ns1.SEIZEDSERVERS.COM.  86400   IN      A       74.81.170.109
> ns2.SEIZEDSERVERS.COM.  86400   IN      A       74.81.170.108
>
> ;; Query time: 500 msec
> ;; SERVER: 74.81.170.109#53(74.81.170.109)
> ;; WHEN: Sat Nov 27 06:53:13 2010
> ;; MSG SIZE  rcvd: 175
>
>
>
>
> whois -h whois.networksolutions.com SEIZEDSERVERS.COM
>
> Registrant:
> immixGroup IT Solutions
>   ATTN SEIZEDSERVERS.COM
>   care of Network Solutions
>   PO Box 459
>   Drums, PA.  US  18222
>
>
>   Domain Name: SEIZEDSERVERS.COM
>
>
>   Administrative Contact, Technical Contact:
>      immixGroup IT Solutions
> ha3cf8td8vj at networksolutionsprivateregistration.com
>      ATTN SEIZEDSERVERS.COM
>      care of Network Solutions
>      PO Box 459
>      Drums, PA 18222
>      US
>      570-708-8780
>
>
>   Record expires on 24-Nov-2011.
>   Record created on 24-Nov-2010.
>   Database last updated on 26-Nov-2010 22:38:17 EST.
>
>   Domain servers in listed order:
>
>   NS1.SEIZEDSERVERS.COM        74.81.170.109
>   NS2.SEIZEDSERVERS.COM        74.81.170.108
>
>
>
> --
> Cheers,
>
> McTim
> "A name indicates what we seek. An address indicates where it is. A
> route indicates how we get there."  Jon Postel
> _______________________________________________
> AfrICANN mailing list
> AfrICANN at afrinic.net
> https://lists.afrinic.net/mailman/listinfo.cgi/africann
>



-- 
regards,

Alex Gakuru
http://www.mwenyeji.com
Hosting, surprise yourself!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.afrinic.net/pipermail/africann/attachments/20101127/a386ece3/attachment-0001.htm

More information about the AfrICANN mailing list