Just checked wpad.sk. According to who.is domain has been updated recently. One of listed organizations is ptstrustee.com, which is specializing in hiding real identity of real domain owners.
As expected they're serving http://wpad.sk/wpad.dat. In that file there is reference to WPADblock.com project. But not sure if it's legit. Also in wpad.dat there are some regexps. If conditions are met it sets proxy-server to their server.
For me it's strange. Does anybody have experience from other tlds?
Is that perhaps a standard proxy autoconfig setup that just happens to be distributed by a domain named for the configuration format (rather than a malicious proxy exploiting tld fallback)?
As expected they're serving http://wpad.sk/wpad.dat. In that file there is reference to WPADblock.com project. But not sure if it's legit. Also in wpad.dat there are some regexps. If conditions are met it sets proxy-server to their server.
For me it's strange. Does anybody have experience from other tlds?