Mysteries of domains, name servers, etc.

 CastleCops -> Complainterator
Author: pwillenerLocation: Japan PostPosted: Tue Jun 03, 2008 5:05 am    Post subject: Mysteries of domains, name servers, etc.
Well, there is something I don't understand, so let me start a thread for "mysteries". I'm sure someone here has a good explanation.

The domain name lookup
Quote:
Domain Name: wassdoe.com

Status: ok

Registrar: XIN NET TECHNOLOGY CORPORATION
Whois Server: whois.paycenter.com.cn
Referral URL: http://www.xinnet.com

Expiration Date: 2009-05-13
Creation Date: 2008-05-13
Last Update Date: 2008-05-13

Name Servers:
ns1.yuoowrx.com
ns2.yuoowrx.com

The traversal
Quote:
Getting NS record list at b.root-servers.net... Done!
Looking up at the 13 com. parent servers:

ServerResponseTime
l.gtld-servers.net [192.41.162.30][Reports no a record (NXDOMAIN)]62ms
e.gtld-servers.net [192.12.94.30][Reports no a record (NXDOMAIN)]31ms
f.gtld-servers.net [192.35.51.30][Reports no a record (NXDOMAIN)]46ms
g.gtld-servers.net [192.42.93.30][Reports no a record (NXDOMAIN)]62ms
d.gtld-servers.net [192.31.80.30][Reports no a record (NXDOMAIN)]46ms
k.gtld-servers.net [192.52.178.30][Reports no a record (NXDOMAIN)]156ms
h.gtld-servers.net [192.54.112.30][Reports no a record (NXDOMAIN)]124ms
i.gtld-servers.net [192.43.172.30][Reports no a record (NXDOMAIN)]140ms
j.gtld-servers.net [192.48.79.30][Reports no a record (NXDOMAIN)]155ms
c.gtld-servers.net [192.26.92.30][Reports no a record (NXDOMAIN)]77ms
a.gtld-servers.net [192.5.6.30][Reports no a record (NXDOMAIN)]62ms
m.gtld-servers.net [192.55.83.30][Reports no a record (NXDOMAIN)]252ms
b.gtld-servers.net [192.33.14.30][Reports no a record (NXDOMAIN)]312ms

Status: Records all match.

MY question: why does the URL still go to the original "Prestige Replica" website...?
Author: pwillenerLocation: Japan PostPosted: Tue Jun 03, 2008 8:40 am    Post subject:
I have to add that both wassdoe.com and www.wassdoe.com resolve to 89.38.113.107.
Author: tembow PostPosted: Tue Jun 03, 2008 10:09 am    Post subject:
You can't trust the Last Update Date information. Not all systems modify it when updates occur.

My guess is that its address record was removed in the past 24 hours. The whois shows a status of OK. That means that the removal was performed by either an incompetent registrar, or the domain name owner.

That it was loading when you tested it reflects the way the Internet is designed to perform, using cached name->address resolution data. Removing access to a site can take 24 hours to filter out across the whole Internet.

If the Address record is not reinstated, you will see access to the site fail after a day. The traversal fails because it does everything it can to bypass the caching. In a way, a traversal gives you a preview of what will happen to the site over the next 24 hours after a change has been made and put into effect - in this case the removal of the address resolution
records.
Author: pwillenerLocation: Japan PostPosted: Wed Jun 04, 2008 3:20 am    Post subject:
Thanks!
Quote:
Firefox can't find the server at www.wassdoe.com

Cool
Author: pwillenerLocation: Japan PostPosted: Tue Jul 01, 2008 4:17 am    Post subject:
Another mystery - to me, at least...
Quote:
Domain Name: truakos.com

Status: ok

Registrar: HICHINA WEB SOLUTIONS (HONG KONG) LIMITED
Whois Server: grs.hichina.com
Referral URL: http://whois.hichina.com

Expiration Date: 2009-06-21
Creation Date: 2008-06-21
Last Update Date: 2008-06-21

Name Servers:
 dns217.deletedns.com
 dns218.deletedns.com

The traversal shows IP address 0.0.0.0 for both domain name servers. Yet both truakos.com and www.truakos.com resolve to truakos.com, and display their target website in the browser.
Author: ahoierLocation: USA PostPosted: Tue Jul 01, 2008 12:43 pm    Post subject:
tried clearing all your caches, dns, etc?

That is very odd....traversal shows the 0.0.0.0
http://private.dnsstuff.com/tools/traversal.ch?domain=truakos.com&type=A&token=11a0aba66da33b3d25d2b49601999019

But both dns servers are "timing out"

Opendns.com/cache resolves the domain to 222.186.13.10 in New York, New York, USA, London, England, UK, and Palo Alto, CA, USA, BUT, 221.230.2.221 from Washington, DC, USA and Seattle, Washington, USA...

definately a mystery Smile
Author: tembow PostPosted: Wed Jul 02, 2008 6:27 am    Post subject:
queries will be returned by 222.186.13.10 (dns217.deletedns.com)
truakos.com. 130 IN A 222.186.13.10 **

queries will be returned by 221.230.2.221 (dns218.deletedns.com)
truakos.com. 130 IN A 221.230.2.221 **
** person: Chinanet Hostmaster
e-mail: anti-spam@ns.chinanet.cn.net

http://uptime.netcraft.com/up/graph/?host=truakos.com
CastleCops -> Complainterator

All times are GMT

Page 1 of 1


Powered by phpBB © 2001 phpBB Group