New ask Hacker News story: Ask HN: Domain taken over temporarily during transfer?
Ask HN: Domain taken over temporarily during transfer?
4 by wellthisisgreat | 1 comments on Hacker News.
I think I just encountered ephemeral DNS pirates or something. Is it common? Here is the story. I was transferring a domain name from some registrar to AWS. The configurations etc. there were untouched for years (so it was always just "page doesn't exist"). So the request went out, now "waiting for confirmation, can take up to 10 days etc.". For some cosmic reason I decide to check the URL of that domain in the browser. To my astonishment it loads and it's some crazy half-swedish half-turkish (I think) SEO bot page with some JPGed-out pics of belly-button and a working boot. There is an email address in the footer - abada@goodprizwomen.com (maybe not abada but similar sounding). I whois my domain - all DNS lookups, Nameservers look ok. I whois goodprizwomen.com - it is registered with Alibaba domain service. I contact the support of my registrar, that I am transferring the domain from, who after some 15 minutes admits that they have no idea how that has happened or who are those goodprizwomen. My (now ex-) registrar expedites the transfer, it clears and everything looks good now. So as I see this now - there are bots out there looking for domains with unlocked DNS, that they can take over for a couple minutes / days it takes for the transfer to clear. Ephemeral DNS pirates.
4 by wellthisisgreat | 1 comments on Hacker News.
I think I just encountered ephemeral DNS pirates or something. Is it common? Here is the story. I was transferring a domain name from some registrar to AWS. The configurations etc. there were untouched for years (so it was always just "page doesn't exist"). So the request went out, now "waiting for confirmation, can take up to 10 days etc.". For some cosmic reason I decide to check the URL of that domain in the browser. To my astonishment it loads and it's some crazy half-swedish half-turkish (I think) SEO bot page with some JPGed-out pics of belly-button and a working boot. There is an email address in the footer - abada@goodprizwomen.com (maybe not abada but similar sounding). I whois my domain - all DNS lookups, Nameservers look ok. I whois goodprizwomen.com - it is registered with Alibaba domain service. I contact the support of my registrar, that I am transferring the domain from, who after some 15 minutes admits that they have no idea how that has happened or who are those goodprizwomen. My (now ex-) registrar expedites the transfer, it clears and everything looks good now. So as I see this now - there are bots out there looking for domains with unlocked DNS, that they can take over for a couple minutes / days it takes for the transfer to clear. Ephemeral DNS pirates.
Comments
Post a Comment