• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Anandtech.com domain-jacked?!

Status
Not open for further replies.
CZroe

CZroe

Lifer
Not exactly a forum problem but I figure I should report something like this here as well.

I typed "Anand" in my address bar in FireFox and picked "www.anandtech.com" from my past history. Instead of loading up the main page, I got a cyber-squatter's page. I instructed my brother to try it at his place with a different ISP and it loaded the normal front page even after flushing DNS cache and trying alternate servers.

I tried PINGing anandtech.com and www.anandtech.com and got two different IP addresses:
208.65.201.130 loads the proper AT front page but 208.91.197.27 takes me to searchdiscovered.com.

I began to think that my system was compromised and becan a MSE scan and checked my host file but I soon discovered that my smartphone was also doing it on my wireless network but not the cellular network. Somehow, I doubt someone hacked my router and specifically forwards that domain.

FWIW, I use Charter cable service. My brother uses NuLink and my cellular provider is AT&T. I only see Charter having this issue.
 
Have it pointing to that parked site with AT&T here. I went ahead and changed my DNS server to Google's 8.8.8.8 and it fixed it.
 
DNS changes can take hours to propagate through the network. It's likely changing your DNS to google will only temporarily remedy the situation.
 
i too thought anandtech.com domain was hacked.

using my pc, when i tried loading the website from my usual bookmarks, i got a page that showed it that domain was no longer in use. trying a manual search via Google didn't solve the problem as well.

the odd thing was, when i moved my USB dongle to my MacBook Air, there was no problem loading Anandtech.

does this mean, my PC has been compromised?
 
SweeJ said:
i too thought anandtech.com domain was hacked.

using my pc, when i tried loading the website from my usual bookmarks, i got a page that showed it that domain was no longer in use. trying a manual search via Google didn't solve the problem as well.

the odd thing was, when i moved my USB dongle to my MacBook Air, there was no problem loading Anandtech.

does this mean, my PC has been compromised?
Click to expand...

No. I think they changed IP's (can't remember what the old one was), and it just took a while for the update to get to different DNS servers as some have minimum TTL's of anywhere from 30 minutes to a few hours. That is out of AT's control, though doing this at 4AM would have been a better idea.
 
At least I know it's not me. I had this problem too. I clicked on my forums.anandtech.com history item, and came up with a NetSol parked page. However, the www. worked fine, I could get to the main site.

A friend of mine, could get to the forums. I asked him to do an nslookup, and he got the same IP that I did. However, when I punched that IP into the web browser, I still got the NS parked page. He said he was able to get to the forums with that IP.

I can understand DNS propegation issues, as that is surely what this was.

But why couldn't I get to the site via the IP address directly? That's bizarre.

Anyways, I rebooted both my main FIOS router, as well as my secondary DD-WRT router, and then rebooted my machines, and now I'm finally able to get back on to the forums.

What a pain in the neck.

I thought my routers were DNS-jacked.

Edit: I'm on Verizon FIOS in the NE.
 
VirtualLarry said:
A friend of mine, could get to the forums. I asked him to do an nslookup, and he got the same IP that I did. However, when I punched that IP into the web browser, I still got the NS parked page. He said he was able to get to the forums with that IP.

I can understand DNS propegation issues, as that is surely what this was.

But why couldn't I get to the site via the IP address directly? That's bizarre.
Click to expand...

Old IP of www.anandtech.com 208.91.197.27

New IP of www.anandtech.com 208.65.201.130

I just grabbed both when I noticed the main site wasn't working and flushed my DNS. The issue you and your friend experienced sounds like it could be routing tables being updated which would also hit different ISP's / networks at different times.
 
Last edited:
Here is what is looks like
vxxTJ.jpg
 
As some of you correctly deduced, what you saw was the result of our new DNS host propagating ahead of tomorrow's downtime. Nothing has been hijacked, and the new DNS information should be about (if not already) fully propagated.🙂
 
Status
Not open for further replies.

TRENDING THREADS

Back
Top