nettime's_deadman_switch on Thu, 24 Jul 2008 03:48:35 +0200 (CEST) |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: <nettime> Karadzic's website digest [x3: Spaink, Wilson, Young] |
Re: <nettime> Karadzic's website Karin Spaink <[email protected]> "Matthew Wilson" <[email protected]> John Young <[email protected]> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - From: Karin Spaink <[email protected]> Subject: Re: <nettime> Karadzic's website Date: Wed, 23 Jul 2008 13:20:32 +0200 On Jul 23, 2008, at 04:53 , t byfield wrote: > <http://dragandabic.com/> > [..] > > Archive.org has never heard of it, and Dreamhost will very likely > dump it soon, so I've archived a copy at the URL below. I'm not sure the site is authentic. Look at the registration date: Domain Name: DRAGANDABIC.COM Registrar: ENOM, INC. Whois Server: whois.enom.com Referral URL: http://www.enom.com Name Server: NS1.DREAMHOST.COM Name Server: NS2.DREAMHOST.COM Name Server: NS3.DREAMHOST.COM Status: clientTransferProhibited Updated Date: 22-jul-2008 Creation Date: 22-jul-2008 Expiration Date: 22-jul-2009 >>> Last update of whois database: Wed, 23 Jul 2008 07:16:56 EDT <<< - K - [Woman embraces Christina] Christina: Ow. Ow. Ehm. Ow. Woman: Whoops. Sorry. Am I hurting you? Christina: Ehm, no. You're _touching_ me. - Grey's Antomy, s2e15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Date: Wed, 23 Jul 2008 17:06:37 +0200 From: "Matthew Wilson" <[email protected]> Subject: Re: <nettime> Karadzic's website Domain Name: DRAGANDABIC.COM Registrar: ENOM, INC. Whois Server: whois.enom.com Referral URL: http://www.enom.com Name Server: NS1.DREAMHOST.COM Name Server: NS2.DREAMHOST.COM Name Server: NS3.DREAMHOST.COM Status: clientTransferProhibited Updated Date: 22-jul-2008 Creation Date: 22-jul-2008 Expiration Date: 22-jul-2009 On 7/23/08, t byfield <[email protected]> wrote: > > <http://dragandabic.com/> <...> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Date: Wed, 23 Jul 2008 19:32:48 -0400 From: John Young <[email protected]> Subject: Re: <nettime> Karadzic's website A writes to Cryptome 23 July 2008: regarding the supposed dragan website, is it really a coincidence that it expires 22.09.2009 - was it registered yesterday for 1 year? A quick inspection of the HTTP headers show us that my request for his face: GET http://dragandabic.com/dragan-dabic.jpg HTTP/1.1 Host: dragandabic.com User-Agent: Mozilla/5.0 Accept: image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Charset:utf-8 Keep-Alive: 300 Proxy-Connection: keep-alive Referer: http://paranoia.no/ Gives this response: HTTP/1.1 200 OK Date: Wed, 23 Jul 2008 22:20:11 GMT Server: Apache/2.0.61 (Unix) PHP/4.4.7 mod_ssl/2.0.61 OpenSSL/0.9.7e mod_fastcgi/2.4.2 DAV/2 SVN/1.4.2 Last-Modified: Tue, 22 Jul 2008 13:49:36 GMT ETag: "2c68807-3ed2-18303c00" Accept-Ranges: bytes Content-Length: 16082 Content-Type: image/jpeg Last-Modified being the timestamp from the file on the server. And that it's registered to an obvious front for what looks like a registrar service, but whos webpages are all full of google ads for other registrars? Domain name: dragandabic.com Registrant Contact: Whois Privacy Protection Service, Inc. Whois Agent PMB 368, 14150 NE 20th St - F1 C/O dragandabic.com Bellevue, WA 98007 US Administrative Contact: Whois Privacy Protection Service, Inc. Whois Agent ([email protected]) +1.4252740657 Fax: +1.4256960234 PMB 368, 14150 NE 20th St - F1 C/O dragandabic.com Bellevue, WA 98007 US Technical Contact: Whois Privacy Protection Service, Inc. Whois Agent ([email protected]) +1.4252740657 Fax: +1.4256960234 PMB 368, 14150 NE 20th St - F1 C/O dragandabic.com Bellevue, WA 98007 US Status: Locked Name Servers: ns1.dreamhost.com ns2.dreamhost.com ns3.dreamhost.com Creation date: Expiration date: 22 Jul 2009 13:25:00 .. $ host -t mx whoisprivacyprotect.com whoisprivacyprotect.com mail is handled by 5 eforwardct.name-services.com. whoisprivacyprotect.com mail is handled by 10 eforward3.name-services.com. The web pages of name-services.com contains the same google ads farm as whoisprivacyprotect.com $ host eforwardct.name-services.com eforwardct.name-services.com has address 216.163.188.58 $ whois 216.163.188.58 OrgName: Commtouch Software Inc. OrgID: COMMTO Address: 2029 Stierlin Court City: Mountain View StateProv: CA PostalCode: 94303 Country: US NetRange: 216.163.176.0 - 216.163.191.255 CIDR: 216.163.176.0/20 NetName: COMMTOUCH-INC NetHandle: NET-216-163-176-0-1 Parent: NET-216-0-0-0-0 NetType: Direct Assignment NameServer: NS1.CTMAIL.COM NameServer: NS2.CTMAIL.COM Comment: RegDate: 1999-09-01 Updated: 2002-03-25 and as a final correlation for the theory of the whole thing being put together yesterday: $ host -t soa dragandabic.com dragandabic.com has SOA record ns1.dreamhost.com. hostmaster.dreamhost.com. 2008072202 16220 1800 1814400 14400 That's when dreamhost last edited the dns zone, 2008 07 22. And it was modified twice before on that day too - hence the "02" at the end, instead of "00" which would be the first edit of the day. A blatant hoax and nothing else. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # distributed via <nettime>: no commercial use without permission # <nettime> is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: http://mail.kein.org/mailman/listinfo/nettime-l # archive: http://www.nettime.org contact: [email protected]