Investigating domain names your unsure of

I apologize if there is thread out there on this. I couldn't find one in the search.

I'm looking for some community guidance on determining what could be whitelisted or should be blacklisted. Its a broad question I know. I'm trying to understand what processes / tools are helpul in making that decision. Currently its just a block and watch approach to see if the site breaks. I have started to use nslookup with whois but its pretty broad info. One site I saw this morning:

prd-collector-anon.ex.co

The name, and the number of hits caught my attention. I left my PC on overnight with one website up and this was hitting several hundred times an hour. I've not seen it before and all I can see is that it belongs to Amazon. I have it currently blocked.

Is there anything else can can be ran / looked up to provide better info?

Thanks.

There are a few tools you can use here.

(1) This online tool to show which blocklists contain a specific domain. In your case, a few blocklists contain that domain, so somebody thinks that is a domain to be blocked.

https://blocklist-tools.developerdan.com/entries/search?q=prd-collector-anon.ex.co

(2) Web search for that domain name. This usually shows some results from security sites, etc and you will likely find some discussion about the domain.

Where do you see this?

I did an nslookup on the site and then checked the IPs using whois.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.