Posted: Thu Jun 19, 2003 4:33 pm Post subject: Hijacked Web Site?
My wife is doing some graphics and development for a site called v-staffing.com.
When you visit the site currently the following message pops up allegedly as if it is from the web host:
Quote:
www.v-staffing.com is temporarily off line due to a misconfigured DNS, please check again in a little bit.
If you are the webmaster for www.v-staffing.com, please send an email to me with information on how to contact you so that I can redirect web traffic to your site for the duration of this condiditon. i need to know your web sites actual ip address because the one in your dns record is wrong. if you send it with your initial request, i can implement it faster. also, let me know if you want me to bounce email to your domain or collect it and save it for you. Please be patient, over 135 affected domains have been identified so far. The process is tedious for me.
Since you are here, feel free to surf the cooking database or play with the 6 degrees of kevin bacon (or any other actor).
The title of the web page lists the IP Address 208.170.71.73 and the email address that the message links to is webmaster@heigel.net
According to a WhoIs lookup, the DNS servers are listed as:
Quote:
Domain Name Servers:
NS1.IPOWERWEB.NET
NS1.IPOWERDNS.COM
NS2.IPOWERWEB.NET
These servers translate to the following addresses according to Ping results:
I still see the other message and it doesn't seem like it could be legit at all. The owners of the server also host the web site and own the DNS servers that the domain points to. If they have a problem with their DNS records they would just fix it- not set some message to try and get the domain owner to contact them.
Besides that if I wanted to contact the domain owner I would just pull up the WhoIs info and contact them- it takes 3 seconds.
Using a different computer connected through VPN to different DNS servers I see the v-staffing.org coming soon - 2003 message that you guys are referring to.
But, from my computer connected to Wide Open West I still get the mystery message and from the domain owners computer using Earthlink she is seeing the mystery message as well.
Who would you recommend reporting something like this to?
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum