I get a valid answer as well: Tracing to phishtank.com[a] via 127.0.0.1, maximum of 3 retries 127.0.0.1 (127.0.0.1) |\___ auth3.opendns.com [phishtank.com] (208.69.39.2) Got authoritative answer |\___ auth2.opendns.com [phishtank.com] (208.67.219.54) Got authoritative answer \___ auth1.opendns.com [phishtank.com] (38.99.14.20) Got authoritative answer
auth1.opendns.com (38.99.14.20) phishtank.com -> 66.135.40.79 auth2.opendns.com (208.67.219.54) phishtank.com -> 66.135.40.79 auth3.opendns.com (208.69.39.2) phishtank.com -> 66.135.40.79 What'd I'd do is throw it in your hosts file temporarily until DNS behaves On Sunday 25 March 2007 15:53, Tim wrote: > Looks fine for me: > > ------------ > > ; <<>> DiG 9.3.4 <<>> phishtank.com > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26391 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;phishtank.com. IN A > > ;; ANSWER SECTION: > phishtank.com. 42 IN A 66.135.40.79 > > ;; Query time: 4 msec > ;; SERVER: 10.0.1.1#53(10.0.1.1) > ;; WHEN: Sun Mar 25 15:49:29 2007 > ;; MSG SIZE rcvd: 47 > > ------------- > > Do some of you happen to have a poisoned MS or Symantec DNS cache > upstream of you? (See [1] fmi.) > > tim > > > 1. http://www.incidents.org/presentations/dnspoisoning.html > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
