Re: [swinog] Geldspielgesetz: 404 COMLOT renamed to GESPA? (or did they get hacked!?)

2021-07-07 Diskussionsfäden Jeroen Massar 
A small update: seems that somebody reconfigured it between 2021-06-21 
21:52 and 2021-06-21 22:52 and after that change it is now redirecting 
requests, so that the file is retrievable. (the breaking change was done 
around midnight 2021-06-03 btw), before there where 141 entries, with 
the swap 128 entries stayed, 13 have been removed, and 22 new ones 
addded, thus currently 150 entries, good list of casinos for gamblers 
too visit. Just like the old DMOZ days and other "Internet Directories" :)



$ wget -v https://blacklist.comlot.ch/blacklist.comlot.ch.pub
--2021-07-07 10:17:46--  https://blacklist.comlot.ch/blacklist.comlot.ch.pub
Resolving blacklist.comlot.ch (blacklist.comlot.ch)... 194.187.88.5
Connecting to blacklist.comlot.ch 
(blacklist.comlot.ch)|194.187.88.5|:443... connected.

HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://blocklist.gespa.ch/blocklist.gespa.ch.pub [following]
--2021-07-07 10:17:47--  https://blocklist.gespa.ch/blocklist.gespa.ch.pub
Resolving blocklist.gespa.ch (blocklist.gespa.ch)... 194.187.88.5
Connecting to blocklist.gespa.ch 
(blocklist.gespa.ch)|194.187.88.5|:443... connected.

HTTP request sent, awaiting response... 200 OK
Length: 2874 (2.8K) [application/octet-stream]
Saving to: ‘blacklist.comlot.ch.pub’

blacklist.comlot.ch.pub  100%[===>]   2.81K 
 --.-KB/sin 0s


2021-07-07 10:17:47 (32.7 MB/s) - ‘blacklist.comlot.ch.pub’ saved 
[2874/2874]



Still of course, no official word about this change...

Guess that fixing things is easier than communicating :)

Greets,
 Jeroen

--


On 2021-06-03 08:47, Jeroen Massar wrote:

Hi Folks,

Is there an official announcement that I missed?

Seems that blocklist.gespa.ch is the new place, and that all of 
comlot.ch now points to gespa.ch, but filenames have been renamed too.

(see previous brokeness email in the mailarchive for old details).

Considering neither is under admin.ch, cannot really say it is an 
official website either.


Anybody got an official update about this, or did they just break the 
system again? Cannot find any duckduckgoogle references either.


Why did Swiss Voters vote for this broken system if it is not working 
anyway? (it is not, because otherwise it is a perfect list to find your 
casinos that are 'illegal' or something)


All those poor* casino users that now have access to a bunch of 
unlicensed casinos... what a sad day again.



Greets,
   Jeroen

* = as the house always wins


-

$ wget -v https://blacklist.comlot.ch/blacklist.comlot.ch.pub
--2021-06-03 08:21:02--  
https://blacklist.comlot.ch/blacklist.comlot.ch.pub

Resolving blacklist.comlot.ch (blacklist.comlot.ch)... 194.187.88.5
Connecting to blacklist.comlot.ch 
(blacklist.comlot.ch)|194.187.88.5|:443... connected.

HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://blocklist.gespa.ch//blacklist.comlot.ch.pub [following]
--2021-06-03 08:21:03--  
https://blocklist.gespa.ch//blacklist.comlot.ch.pub

Resolving blocklist.gespa.ch (blocklist.gespa.ch)... 194.187.88.5
Connecting to blocklist.gespa.ch 
(blocklist.gespa.ch)|194.187.88.5|:443... connected.

HTTP request sent, awaiting response... 404 Not Found
2021-06-03 08:21:05 ERROR 404: Not Found.

-


It seems the "official specification" (comlot.ch redirects is gone):

https://www.gespa.ch/download/pictures/9a/e78461lvxuzcv82c505b1kpckd58pf/spezifikationen_fda_v1.pdf 



still have blocklist.comlot.ch in it.

Except for the URL itself, Google also finds nothing about this:
https://www.google.com/search?hl=en=%22blacklist.gespa.ch%22

$ dig +short comlot.ch
194.187.88.3
$ dig +short comlot.ch 

$ dig +short comlot.ch mx
10 mx.cmsbox.com.
$ dig +short comlot.ch ns
ns3.netstyle.ch.
ns1.netstyle.ch.
ns2.netstyle.ch.

$ dig +short gespa.ch a
194.187.88.3
$ dig +short gespa.ch 
2a00:c38:2:9f62::2:3
dig +short comlot.ch mx
10 mx.cmsbox.com.
$ dig +short gespa.ch ns
ns3.netstyle.ch.
ns2.netstyle.ch.
ns1.netstyle.ch.

I also gotta love the generic wildcard Let's Encrypt cert, though 
comlot.ch did that too


https://crt.sh/?q=gespa.ch
https://crt.sh/?q=comlot.ch

Looks like a rather generic hoster. Maybe the whole domain got hacked?





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Geldspielgesetz: 404 COMLOT renamed to GESPA? (or did they get hacked!?)

2021-07-07 Diskussionsfäden Matthias Leisi 
> Still of course, no official word about this change...
> 
> Guess that fixing things is easier than communicating :)

And the list is still hilariously stupid.

It contains interwetten1.com  through 
interwetten10.com , but not interwetten10.com 
 through interwetten24.com 
, which all exist (at least in DNS). Many similar 
schemes in the list.

— Matthias


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Geldspielgesetz: 404 COMLOT renamed to GESPA? (or did they get hacked!?)

2021-06-03 Diskussionsfäden Jeroen Massar 

Hi Folks,

Is there an official announcement that I missed?

Seems that blocklist.gespa.ch is the new place, and that all of 
comlot.ch now points to gespa.ch, but filenames have been renamed too.

(see previous brokeness email in the mailarchive for old details).

Considering neither is under admin.ch, cannot really say it is an 
official website either.


Anybody got an official update about this, or did they just break the 
system again? Cannot find any duckduckgoogle references either.


Why did Swiss Voters vote for this broken system if it is not working 
anyway? (it is not, because otherwise it is a perfect list to find your 
casinos that are 'illegal' or something)


All those poor* casino users that now have access to a bunch of 
unlicensed casinos... what a sad day again.



Greets,
  Jeroen

* = as the house always wins


-

$ wget -v https://blacklist.comlot.ch/blacklist.comlot.ch.pub
--2021-06-03 08:21:02--  https://blacklist.comlot.ch/blacklist.comlot.ch.pub
Resolving blacklist.comlot.ch (blacklist.comlot.ch)... 194.187.88.5
Connecting to blacklist.comlot.ch 
(blacklist.comlot.ch)|194.187.88.5|:443... connected.

HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://blocklist.gespa.ch//blacklist.comlot.ch.pub [following]
--2021-06-03 08:21:03--  https://blocklist.gespa.ch//blacklist.comlot.ch.pub
Resolving blocklist.gespa.ch (blocklist.gespa.ch)... 194.187.88.5
Connecting to blocklist.gespa.ch 
(blocklist.gespa.ch)|194.187.88.5|:443... connected.

HTTP request sent, awaiting response... 404 Not Found
2021-06-03 08:21:05 ERROR 404: Not Found.

-


It seems the "official specification" (comlot.ch redirects is gone):

https://www.gespa.ch/download/pictures/9a/e78461lvxuzcv82c505b1kpckd58pf/spezifikationen_fda_v1.pdf

still have blocklist.comlot.ch in it.

Except for the URL itself, Google also finds nothing about this:
https://www.google.com/search?hl=en=%22blacklist.gespa.ch%22

$ dig +short comlot.ch
194.187.88.3
$ dig +short comlot.ch 

$ dig +short comlot.ch mx
10 mx.cmsbox.com.
$ dig +short comlot.ch ns
ns3.netstyle.ch.
ns1.netstyle.ch.
ns2.netstyle.ch.

$ dig +short gespa.ch a
194.187.88.3
$ dig +short gespa.ch 
2a00:c38:2:9f62::2:3
dig +short comlot.ch mx
10 mx.cmsbox.com.
$ dig +short gespa.ch ns
ns3.netstyle.ch.
ns2.netstyle.ch.
ns1.netstyle.ch.

I also gotta love the generic wildcard Let's Encrypt cert, though 
comlot.ch did that too


https://crt.sh/?q=gespa.ch
https://crt.sh/?q=comlot.ch

Looks like a rather generic hoster. Maybe the whole domain got hacked?



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog