DNS Lookup

Discussion in 'Useful Things' started by Miyuki, Feb 1, 2007.

  1. Ben

    Ben Samurai

  2. Mr Unnatural

    Mr Unnatural New Member

  3. De Master Yoda

    De Master Yoda Administrator Staff Member

    nirsoft.net.


    Website nirsoft.net
    Domain Hash ff396ff6f62ad65a4b0315efe84a5a8d
    IP Address 69.73.166.124 [SCAN]
    IP Hostname static-124-166-73-69.nocdirect.com
    IP Country US (United States)
    AS Number 3595
    AS Name GNAXNET-AS - Global Net Access, LLC
    Detections 1 / 23 (4 %)
    Status SUSPICIOUS


    Scanning site with: VSCAN DETECTED WARNING.
     
  4. De Master Yoda

    De Master Yoda Administrator Staff Member

    hxxp://headertool.apelord.com/ Is no longer active as far as I am aware.

    Its security was in question so it is best not to use it even if it comes back.
     
  5. Techmaster

    Techmaster Ninja


    Sorry Master Yoda, but this is one time I have to disagree. I think you might be getting a false positive somewhere, as I've been using Ipnetinfo for three years now, along with quite a few of their other tools. There could be a piece of software on their site that might be suspicious, but it would be something that might have slipped by them accidentally. All in all, I believe the site is on the level and nothing there is intended to be malicious. They have been around for a long time and if their intentions were less than wholesome, they wouldn't be around today. Just my honest opinion.
     
  6. De Master Yoda

    De Master Yoda Administrator Staff Member

    It may be, so I did another scan with the same result.

    Report 2011-08-30 08:01:08 (GMT 1)
    Website nirsoft.net
    Domain Hash ff396ff6f62ad65a4b0315efe84a5a8d
    IP Address 69.73.166.124 [SCAN]
    IP Hostname static-124-166-73-69.nocdirect.com
    IP Country US (United States)
    AS Number 3595
    AS Name GNAXNET-AS - Global Net Access, LLC
    Detections 1 / 23 (4 %)
    Status SUSPICIOUS
    Scanning site with: VSCAN DETECTED.
    The date is not todays but should still be relevant.


    I then did a scan of the IP

    Report 2011-09-17 07:29:09 (GMT 1)
    IP Address 69.73.166.124
    IP Hostname static-124-166-73-69.nocdirect.com
    IP Country US
    AS Number N/A
    AS Name N/A
    Detections 1 / 26 (4 %)
    Status SUSPICIOUS

    Scanning IP with: MyWOT DETECTED

    Maybe we need to do further checks, I can only report the results that I found.
     
  7. Mr Unnatural

    Mr Unnatural New Member

    Some of their tools do get picked up by some antivirus software but I suspect it's because of their behaviour in ferretting out info rather than true viral activity.

    I hope so anyway: for one thing I use a lot of the tools and for another, how good would it look if my first post sent everyone to a virus site! :)
     
  8. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

  9. Techmaster

    Techmaster Ninja

    I understand completely, due to the outrageous number of web sites out there that are viral. I stumble across infected sites all the time, and the new safe search shield in the newly released AVG 2012 (I use the free edition) has been doing a remarkable job in stopping exploit codes from executing. But I still think there is nothing to be feared with this particular site. However, it always pays to be cautious. It's common for criminals to hack into clean web sites and inject their viral codes into them.
     
  10. Dick H Box

    Dick H Box Samurai

    Passive Recon

    This is a Firefox add-on that loads & searches the URL of the target site using several different tools, e.g. CentralOps, Netcraft, DomainTools, Robtex, amongst other sites, all with the click of a mouse on the PR icon. Simple, safe & quick, it saves having to copy-&-paste anything, & does not communicate with the target site at all from your machine.


    https://addons.mozilla.org/en-US/firefox/addon/passiverecon
     
  11. Reverandwheelspin

    Reverandwheelspin New Member

    Here is a good link to check the domain host for scam domains setup, to look like banks for example. Report them and hopefully watch the domain get suspended. Great feeling....

    http://www.domainwhitepages.com/
     

Share This Page