I work for Name.com <http://www.Name.com/>. For the record, we didn't give into the attackers demands. The demands were to give them the domain and pretend it got "stolen". We worked with the customer to get the domain moved off of our network. It was either that or disable the domain so that the rest of our customers and our main site were no longer affected. We would have loved to have kept the domain under our control and defeat the attackers as well but unfortunately in this situation we were unable to.
EDIT: Rather than go line by line, we wrote up a blog post to answer any questions and be transparent about why we handled this the way we did: http://blog.name.com/2012/04/ddos-attack-post-analysis-and-introspection/
A quick google search shows the .io domain is considered "hot" with tech companies.
https://www.name.com/domains/io
http://www.name.com/blog/domains/2016/06/why-io-powerful-domain-choice/
> Anyone can register a .IO domain name, similar to .COM, .NET, or .ORG. To register a third-level .IO domain name you must be a resident of the British Indian Ocean Territory.
The domain price is steep at $99.
Unlike .cat where they require registrants to have something on their website about the Catalan language or the ability to read it in Catalan.
The second option being colonists from a breakaway civilization living on Jupiter's moon Io are churning out terrible mobile apps and games in a bid to control the minds of 21st century humans.
.io originates from the British Indian Ocean Territory. It's popular because it's shorter then a 3 letter TLD and because of I/O which is technical, hence the reason why many tech companys/startups go for an .io domain. (Read more about .io being popular)
In the beginning there weren't so much TLD's as there are now (27 pages full of TLD's). It used to be linked to a country and only restricted to those living/doing business in that country.
AFAIK the USA decided to divide it further, .com for commercial, .net was associated with everything network related (ISP's), .org for organisations (non-profit) but these guidelines were never enforced so everyone started using them whenever they liked. I guess today it doesn't really matter anymore if you have a .com or a .net that much.
My answer to OP's question: The difference between having a .net or .com is far less then having a .co.uk or .net/.com. I would go with the .net or try something creative with another TLD (see link above for the possibilities) but be aware, these aren't really common and I guess a normal user could get confused (it all depends on the target audience). ex.: Youtube uses the Belgian tld .be for some links so they have youtu.be as a shorter url.
Public WHOIS info for the hackertask.net domain:
Domain Name: HACKTASK.NET Registry Domain ID: 2099598181_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.name.com Registrar URL: http://www.name.com Updated Date: 2017-02-22T03:23:28Z Creation Date: 2017-02-22T03:17:39Z Registrar Registration Expiration Date: 2018-02-22T03:17:39Z ...
Looks like the domain name was registered on 2/22/2017, so I suppose you've had to install one of those packages prior to Feb 22 of this year to be exposed
edit: maybe best to block that domain:
echo "127.0.0.1 hacktask.net" | sudo tee -a /etc/hosts
run this to make all requests to the hacker's domain resolve instead to your local machine (meaning they won't go to the attacker)
I highly prefer Name.com. They're even donating 5 cents per tweet as well. I've used those folks for years and found their spport to be fantastic and loving the instant DNS updates and their several other features. Also whois protection is free too. Use FREEWHOIS in a seperate transaction.
They are $6.65 each with free Whois. Use code NODADDY or STOPSOPA when transferring. Then use the code FREEWHOIS after the transfer is finished to get the privacy protection.
EDIT: Formatting and to add that I think a good method may to be to report the domain through the proper abuse form. Also I looked into this a little further and it turns out he hosts through Amazon Web Services. Cloudflare is a proxy service that's supposed to hide your information. "Merlin" and "Robin" seem inconspicuous I suppose.
EDIT 2: I was fascinated so I looked into this even further...I'm thinking I might need to write up something more complete, but I'm not sure where to post it. Basically it looks like he hosts through Amazon and is registered through SkipLink, LLC which comes out of Atlanta, GA--but that's where things start to get really weird.
Domain Name: INFOWARS.COM Registry Domain ID: 4148646_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.name.com Registrar URL: http://www.name.com Updated Date: 2018-02-26T23:00:24Z Creation Date: 1999-03-07T05:00:00Z Registry Expiry Date: 2024-03-07T05:00:00Z Registrar: Name.com, Inc. Registrar IANA ID: 625 Registrar Abuse Contact Email: Registrar Abuse Contact Phone: 7202492374 Domain Status: client TransferProhibited
https://icann.org/epp#clientTransferProhibited Name Server: MERLIN.NS.CLOUDFLARE.COM Name Server: ROBIN.NS.CLOUDFLARE.COM
DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/ >>> Last update of whois database: 2018-08-07T18:59:50Z <<<
Depends on what type of forums and what version it is and what type of plugins is used
Is it a MyBB/IPB/VB forum? it differs ...
back in 2000, you could bypass everything on most forums by just checking the source code and then modifying it but you had to know PHP and HTML to do that, I haven't been in forums since then but I'm pretty sure it's still very doable ...
An easy way to do it was to do this:
http://www.name.com/showthread.php?tid=12
just change the show to print
http://www.name.com/printthread.php?tid=12
You could also use a web crawler to search for a cached page where the link/content shows up
Most content will show up in print thread argument and to disguised as search user agent or in the archive
Name.com has decent prices, ~11/yr for .com, and a snappy and intuitive UI for account management. They also have a pretty nifty "DNS Template" feature that'll auto-populate common nameserver records, like google MX records. This is my preferred registrar.
Namecheap has slightly lower prices on .com, but much cheaper pricing for .io compared to Name.com. Just check the pricing tables on each site if that's a concern. Namecheap's dashboard is atrocious though, like circa 2001. They're supposed to be giving it a big facelift soon, which will hopefully put their usability on par with Name.com. I use Namecheap for a few of my .io domains.
Apparently shorter and easier to remember, interesting
http://www.name.com/blog/general/business/2013/10/why-are-startups-turning-to-io/
> The Benefits of Using a .IO: > > It’s a unique extension compared to generic TLDs, which can help a startup stand out from a marketing perspective. > > It’s shorter than three-letter gTLDs, while being different, which makes it easy to remember. > > It’s just starting to become popular, which means it’s pretty likely you’ll get the name you want. > > In the tech and software development world, I/O means input/output, so .IO is particularly relevant to that audience. > > You can create cool domain hacks with .IO, like scenar.IO or pistach.IO.
I switched all my registrations to name.com after the whole godaddy fiasco with SOPA. They're local. http://www.name.com/
Also hosting.com is here. http://www.hosting.com/
As is Via West: http://www.viawest.com/
I can't speak to their price or quality in terms of hosting, but they are all local.
We at name.com have a reseller service. Here is some Reseller Info. I don't know much about the business side, but I do work on the API and will try to answer any questions you may have.
Domain Name: GPUFANREPLACEMENT.COM Registry Domain ID: 2195586345_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.name.com Registrar URL: http://www.name.com Updated Date: 2020-11-21T09:18:10Z Creation Date: 2017-12-04T11:12:48Z Registry Expiry Date: 2021-12-04T11:12:48Z Registrar: Name.com, Inc. Registrar IANA ID: 625 Registrar Abuse Contact Email:
See https://linustechtips.com/topic/1148791-gpu-fan-replacement-site/ for more information
Looks like a scam. Suspiciously low prices, manual billing processing etc.
> How long have you been in Business?
> We first started offering this service back in 2011.
Domain Name: USNTX.PW
Domain ID: CNIC-DO6793752
WHOIS Server: whois.name.com
Referral URL: http://www.name.com/
Updated Date: 2015-01-15T13:32:10.0Z
Creation Date: 2015-01-15T13:32:09.0Z
GoDaddy Alternatives: http://alternativeto.net/software/godaddycom/
Please vote on the list and add your own suggestions!
EDIT: Also, name.com is offering 10% off with the promo code "NODADDY" and they have a detailed instructional video on how to transfer your domains on their blog. That's how you stick it to the man!
안전 검증팀에서 철저하게 사전을 조사하여 100% 금액 보증 벳365코리아보증주소 https://bet365kor7.com 파트너코드 mtpe 심바보증주소 https://best-simba.com 파트너코드 mtpe 코나 먹튀사이트 피해 증거내용 이번 신규사이트 경우 2021년 11월19일에 생성되었고 29일에 업데이트한 신생사이트입니다 코나벳 신규사이트 정보확인 신규사이트 : 코나벳 신규사이트 KONA-2021.COM Domain Name: KONA-2021.COM Registry Domain ID: 2656022643_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.name.com Registrar URL: http://www.name.com Updated Date: 2021-11-29T02:26:52Z Creation Date: 2021-11-19T07:46:35Z Registry Expiry Date: 2022-11-19T07:46:35Z
안전 검증팀에서 철저하게 사전을 조사하여 100% 금액 보증 벳365코리아보증주소 https://bet365kor7.com 파트너코드 mtpe 심바보증주소 https://best-simba.com 파트너코드 mtpe 머니업 먹튀사이트 피해 증거내용 이번 신규사이트 경우 2021년 12월 20일에 생성되었는데요 약3~4주 밖에 되지 않아 위험성이 크니 조심하시길바랍니다. 머니업 신규사이트 정보확인 신규사이트 : 머니업 신규사이트 UP-488.COM Domain Name: UP-488.COM Registry Domain ID: 2662770584_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.name.com Registrar URL: http://www.name.com Updated Date: 2021-12-20T01:18:12Z Creation Date: 2021-12-20T01:18:11Z Registry Expiry Date: 2022-12-20T01:18:11Z
First sorry for replying 8 days later!
But this got me really interested so I did some googling. I was able to find a nicely explained article about it: http://www.name.com/blog/how-tos/tips/2015/06/name-collisions-in-a-nutshell-or-how-to-get-a-previously-unreleased-domain-name/
It's true they have some power to influence domain names but it appears to be in an attempt to reduce confusion or problems with businesses or people who are using a gTLD internally.
So while they do have the power I think this might be being blown out of proportion. 10 million is a lot but if you look through those csv files from the article you linked, the majority are random strings that would never likely see use. And the ones that could be used have the possibility of being unblocked and sold to consumers. (see Rightside Registry from name.com article).
Access it from something that isn't a mobile device.
Usually a mobile site will start with m.name.com instead of www.name.com And usually filling out the entire name with http://www.name.com will get you to the non mobile site.
But some places force you to be redirected.
I did this via name.com. Your mileage may vary but some helpful links:
I don't want to do this a ton but my one free code: 48258ef31
LOL.. Pretty new sites listed here..
Domain Name: SHIPYOURENEMIESGLITTER.COM
Registry Domain ID: 1893567777_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.name.com
Registrar URL: http://www.name.com
Updated Date: 2014-12-31T23:49:05-07:00Z
Creation Date: 2014-12-31T23:47:26-07:00Z
Registrar Registration Expiration Date: 2015-12-31T23:47:26-07:00Z
Domain Name: RUINDAYS.COM
Registry Domain ID: 1895629575_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2015-01-13T16:02:12Z
Creation Date: 2015-01-13T16:02:12Z
Registrar Registration Expiration Date: 2016-01-13T16:02:12Z
It's yours until the expiration date. One year by default, unless you pay for more. As long as you renew it before it expires (usually this is done automatically, ensure you have auto-renewal switched on for the domain), you won't lose it.
I recommend https://www.namecheap.com/ and http://www.name.com/ over godaddy.
So it sounds like your DNS is hosted at networksolutions and that it will transfer.
But I would open up a ticket with name.com to confirm they will transfer the dns records.
Open a ticket with Name.com http://support.name.com/anonymous_requests/new
I checked the FAQ page and didn't see any mention of it. http://www.name.com/faq.php
Don't use GoDaddy! Their support is pretty terrible. Try name.com, they are an excellent registrar: easy to use and amazing customer service.
It might make sense to hire a web designer to create and set up a web site. They can do it better, faster and cheaper (in the long-run) than doing it yourself using a website builder. If you have a basic website, then I would recommend angryhosting.com. I use them and it's great: $1/month for more than adequate hosting and email too!
Let me know if you need any other advice about this, I would be happy to help.
Kill la Kill was created by Trigger, not GAINAX. GAINAX were also responsible for Panty and Stocking with Garterbelt.
Anytime I need something from Amazon, I usually get it. I requested a refund on a Video-on-Demand product (which are usually non-refundable) and they refunded it. They're awesome.
Name.com also has amazing customer support.
Basically you need two things: server space and a domain name. You register domain names through a domain registrar. If you want a .com, .org, .net, etc domain name you'll have to pay for it. There are free ones too like .tk, so it's up to you to choose what you want.
You'll also need to pay for a web server. This is where your .html file and any other website files are stored.
I recommend going with name.com for both domain registration and web hosting. They offer both products in one package and I believe domain registration is free for the first year if you host with them. Check them out.
I currently have all my domains with Name.com and have been very happy with them. I'm hosting with a Xen VPS from Linode and am also extremely happy with them. Back when I used shared hosting I was on HostGator and was happy there as well.
I'm pretty thankful that I haven't had any bad experiences so far.
The way the privacy services work is that they will act as a proxy for your information. Their info comes up in WHOIS instead of yours, and the legal requirements for valid WHOIS info is fulfilled on their end by keeping your name in their records. They'll either forward communications on, or provide an account for you to check messages.
Depending on who your names are registered with, you should already have access to a privacy service. If you use the service offered by your registrar then they manage the relationship and you should not need to actually swap out your information for a third party. I would consider this a "safer" alternative to using a separate company.
I use Name.com because they used to offer it for free...and although they now offer it for a totally reasonable $1.99 a year there's a promo code to continue to get it for free if you just google a bit. I know GoDaddy and Register.com offer whois privacy as well, but their prices are quite a bit higher.