Anyone ever hear of this top-level domain -> .sjdc ???


V

Virus Guy

If you do an rdns on 150.70.75.28, you'll see that it points to
wtp-g3-maya2.sjdc.

So my question is - what the heck is the .sjdc TLD?

It looks like it's located in Japan.

Like my previous post regarding the sdi.trendnet.org web-proxy (which is
also in Japan, and for which nobody here has indicated what sort of
Trendnet product could be behind that proxy), the above IP address is
also performing what looks like web-proxy services for what I think is
an instutional entity.
 
Ad

Advertisements

F

FromTheRafters

Virus said:
If you do an rdns on 150.70.75.28, you'll see that it points to
wtp-g3-maya2.sjdc.

So my question is - what the heck is the .sjdc TLD?

It looks like it's located in Japan.

Like my previous post regarding the sdi.trendnet.org web-proxy (which is
also in Japan, and for which nobody here has indicated what sort of
Trendnet product could be behind that proxy), the above IP address is
also performing what looks like web-proxy services for what I think is
an instutional entity.
San Jose.
 
F

FromTheRafters

Virus said:
If you do an rdns on 150.70.75.28, you'll see that it points to
wtp-g3-maya2.sjdc.

So my question is - what the heck is the .sjdc TLD?

It looks like it's located in Japan.

Like my previous post regarding the sdi.trendnet.org web-proxy (which is
also in Japan, and for which nobody here has indicated what sort of
Trendnet product could be behind that proxy), the above IP address is
also performing what looks like web-proxy services for what I think is
an instutional entity.
http://extremetracking.com/vdf011.htm?antoner&&18 Jul, Mon, 11:24:00,,150.70.75.28,,wtp-g3-maya2.sjdc,,TREND MICRO INCORPORATED,,North America,,United States,,us,,California,,San Jose,,Unknown,,ie,,MSIE 6,,xp,,Windows XP,,1920x1200,,32 Bit (16.7M),,Enabled,,,,,,,,13,,37
 
Ad

Advertisements

V

Virus Guy

FromTheRafters said:
San Jose.
Asia Pacific Network Information Centre APNIC-ERX-150-1-0-0
(NET-150-1-0-0-1) 150.1.0.0 - 150.101.255.255

Asia Pacific Network Information Centre APNIC-ERX-150
(NET-150-0-0-0-0) 150.0.0.0 - 150.255.255.255

ip2location.com says 150.70.75.28 is Tokyo (Japan).

And still - nobody knows what the hell .sjdc is as a TLD?
 
F

FromTheRafters

Virus said:
Asia Pacific Network Information Centre APNIC-ERX-150-1-0-0
(NET-150-1-0-0-1) 150.1.0.0 - 150.101.255.255

Asia Pacific Network Information Centre APNIC-ERX-150
(NET-150-0-0-0-0) 150.0.0.0 - 150.255.255.255

ip2location.com says 150.70.75.28 is Tokyo (Japan).

And still - nobody knows what the hell .sjdc is as a TLD?
It's a mystery. :blush:\
 
V

Virus Guy

So it's just a bullshit rDNS record.

Traceroute to 150.70.75.28 gives this IP as the last hop:

216.99.132.117

Guess who owns that ip. Yup - Trend Micro.

For some reason, Trend Micro likes to operate their web-proxy security
products (if that's what this is) on servers located in Japan...
 
V

Virus Guy

IIRC, Trend is a Japanese company. Perhaps *that* is the reason! ;-)

This might help! http://en.wikipedia.org/wiki/Trend_Micro
Huh.

And I thought Trend Micro was a US company.

It looks like I'm seeing the behavior of this product:

http://www.scmagazine.com/trend-micro-interscan-web-security/review/2672/

=======
1/7/2009

The InterScan Web Security Virtual Appliance (IWSVA) is a gateway
solution providing protection for web-based threats via HTTP and FTP.
The product is delivered as a CD, but installs as a purpose built
virtual appliance.

Price: $13,450 (1,000 users)
======

From your wikipedia entry:

======
Website administrators however report abusive behavior from the Trend
Micro Network that is displaying malware characteristics. Reported
behavior[7] indicates security risks for users of Trend Micro Internet
Security who access internet banking facilities.
======
 
Ad

Advertisements

V

Virus Guy

David H. Lipman said:
Try this one on for size...

xn----jtbewcdgkdy.xn--p1ai --> 81.177.139.173
DNS xn----jtbewcdgkdy.xn--p1ai --> 81.177.139.173

rDNS 81.177.139.173 --> srv68-h-st.jino.ru

===================

The domain name ?? (romanized as rf [2]) is Cyrillic country code
top-level domain in the Domain Name System of the Internet for the
Russian Federation. In the Domain Name System it has the ASCII DNS name
xn--p1ai. The domain accepts only Cyrillic subdomain applications, and
is the first Cyrillic implementation of the Internationalizing Domain
Names in Applications (IDNA) system. The domain became operational on
May 13, 2010.[3]

The domain has an ascii representation of xn--p1ai derived as Punycode
for use in the Domain Name System.
 
Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top