Welcome to the Newschoolers forums! You may read the forums as a guest, however you must be a registered member to post. Register to become a member today!

NS just redirected me to spam

Troy.
Posts: 5070 - Karma: 12,545
Apr 4 2015 2:48PM

So, I tried to go to this link from My Threads (https://www.newschoolers.com/forum/thread/807452/Marker-Kingpin-). Briefly loaded the thread, then sent me to this website, which made hella dialogs and I had to force quit Chrome to get out of it. Is that on my computer, or somehow on NS's end?

23 2
lcoopman
Posts: 275 - Karma: 1,842
Apr 20 2015 6:53PM

I got some stuff toom

23 2
eheath
Posts: 61169 - Karma: 118,927
Apr 22 2015 2:36PM

Just got this while navigating the forum, i dont remember the exact thread but it was in SG i beleive

23 2
cornholio
Posts: 3952 - Karma: 3,057
Apr 23 2015 10:44AM

cornholiofirst page i went to this morning in got it..

it almost seems like it's the first time i visit the site each day.

23 2
.Rybak.
Posts: 9017 - Karma: 9,864
Apr 23 2015 11:02AM

It happened to me yesterday but this time there was a voice saying that i really needed to call the number on the page.

23 2
MOGULS...
Posts: 505 - Karma: 194
Apr 23 2015 11:17AM

.Rybak.It happened to me yesterday but this time there was a voice saying that i really needed to call the number on the page.

Same thing happened to me right about a minute ago. C'mon NS! I expect more from you!

23 2
Rparr
Posts: 5384 - Karma: 42,661
Apr 23 2015 11:30AM

Can confirm this is still happening to me too.

It usually happens when I open newschoolers for the first time in a day/ first time in several hours.

23 2
NH_OPERATOR
Posts: 1070 - Karma: 2,883
Apr 23 2015 3:29PM

Are these the correct IPs and name servers? DNS hijacking is becoming a more common way to do this kind of thing. Info article on it too http://dyn.com/blog/dns-101-explaining-how-hijacks-can-happen/

DiG 9.8.3-P1 newschoolers.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER

23 2
Mr.Bishop
Posts: 22671 - Karma: 75,832
Apr 23 2015 3:34PM

NH_OPERATORAre these the correct IPs and name servers? DNS hijacking is becoming a more common way to do this kind of thing. Info article on it too http://dyn.com/blog/dns-101-explaining-how-hijacks-can-happen/

DiG 9.8.3-P1 newschoolers.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER

That didn't finish posting, can you re-post?

23 2
Troy.
Posts: 5070 - Karma: 12,545
Apr 23 2015 3:40PM

NH_OPERATORAre these the correct IPs and name servers? DNS hijacking is becoming a more common way to do this kind of thing. Info article on it too http://dyn.com/blog/dns-101-explaining-how-hijacks-can-happen/

DiG 9.8.3-P1 newschoolers.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER

If you were adding more, then I apologize. This is what I stole from your comments earlier.

DNS hijacking is becoming a more common way to do this kind of thing DiG 9.8.3-P1 newschoolers.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER

23 2
MacMahoooon
Posts: 9009 - Karma: 3,305
Apr 23 2015 3:45PM

;; global options: +cmd

;; Got answer:

;; ->>HEADER- opcode: QUERY, status: NOERROR, id: 38960

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 6

;; QUESTION SECTION:

;newschoolers.com. IN A

;; ANSWER SECTION:

newschoolers.com. 86400 IN A 64.93.76.133

;; AUTHORITY SECTION:

newschoolers.com. 86400 IN NS ns15.dnsmadeeasy.com.

newschoolers.com. 86400 IN NS ns13.dnsmadeeasy.com.

newschoolers.com. 86400 IN NS ns12.dnsmadeeasy.com.

newschoolers.com. 86400 IN NS ns14.dnsmadeeasy.com.

newschoolers.com. 86400 IN NS ns10.dnsmadeeasy.com.

newschoolers.com. 86400 IN NS ns11.dnsmadeeasy.com.

;; ADDITIONAL SECTION:

ns10.dnsmadeeasy.com. 77460 IN A 208.94.148.4

ns11.dnsmadeeasy.com. 69731 IN A 208.80.124.4

ns12.dnsmadeeasy.com. 69731 IN A 208.80.126.4

ns13.dnsmadeeasy.com. 69731 IN A 208.80.125.4

ns14.dnsmadeeasy.com. 69731 IN A 208.80.127.4

ns15.dnsmadeeasy.com. 69731 IN A 208.94.149.4

23 2
MacMahoooon
Posts: 9009 - Karma: 3,305
Apr 23 2015 3:45PM

Seems to match proper Whois

23 2
nopoles
Posts: 2212 - Karma: 871
Apr 23 2015 3:48PM

Yes, those are the correct DNS servers for Newschoolers.com. (I know the message got cut off but Mr.Bishop forwarded me a copy of what you gave him).

The issue seems to be that users are being redirected from an NS page immediately after it loads. A DNS hijack wouldn't cause this, unless it was redirecting visitors to a proxy server that served our page with injected JS, which I think is unlikely. DNS hijacking would usually result in NS being completely unavailable for users affected by the malicious DNS responses. As far as we know, this isn't what users are experiencing.

23 2
NH_OPERATOR
Posts: 1070 - Karma: 2,883
Apr 23 2015 4:19PM

If they are doing it smartly, they will know they will get more hits long term from leaving the page working 90% of the time and only redirecting occasionally instead of wholesale redirecting all traffic all the time. You cannot use the whois to verify as they are both pulling from the same location. The system admin would know the proper servers though.

Anyway if you've already ruled out a DNS hijack them it would have to be a serverside issue. I can only help troubleshoot DNS =P

23 2
katrina
Posts: 2395 - Karma: 15,177
Apr 23 2015 5:03PM

i assumed it was jointly mine and internet porn's fault, im pleasantly surprised it is not :)

23 2
nopoles
Posts: 2212 - Karma: 871
Apr 24 2015 8:49AM

As far as I know *.dnsmadeeasy.com are the correct DNS servers for our domain. Control over our domain name is actually managed by the technical lead at TEN, so I will make 100% certain with them that this is correct. Thanks for the suggestion.

23 2
MORE ON NEWSCHOOLERS
Register About Contact Careers Privacy Policy Terms of Use
Copyright © 2024 Adventure Sports Network