Investigating domain names your unsure of

CallMeCurious · March 14, 2021, 12:02pm

I apologize if there is thread out there on this. I couldn't find one in the search.

I'm looking for some community guidance on determining what could be whitelisted or should be blacklisted. Its a broad question I know. I'm trying to understand what processes / tools are helpul in making that decision. Currently its just a block and watch approach to see if the site breaks. I have started to use nslookup with whois but its pretty broad info. One site I saw this morning:

prd-collector-anon.ex.co

The name, and the number of hits caught my attention. I left my PC on overnight with one website up and this was hitting several hundred times an hour. I've not seen it before and all I can see is that it belongs to Amazon. I have it currently blocked.

Is there anything else can can be ran / looked up to provide better info?

Thanks.

jfb · March 14, 2021, 1:58pm

There are a few tools you can use here.

(1) This online tool to show which blocklists contain a specific domain. In your case, a few blocklists contain that domain, so somebody thinks that is a domain to be blocked.

(2) Web search for that domain name. This usually shows some results from security sites, etc and you will likely find some discussion about the domain.

Where do you see this?

CallMeCurious · March 14, 2021, 4:45pm

I did an nslookup on the site and then checked the IPs using whois.

system · March 21, 2021, 4:46pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.