paypal down!

Scott Morris swm at emanon.com
Wed Nov 16 04:26:49 UTC 2005


It appears they're really down.  I just tried 'em, and the IP address that
comes back really does resolve to Ebay's holdings....

Or someone scammed a whole /19 to make the whole thing up, in which case I
have to hand it to 'em!  Compromising one host is dandy, but a whole
netblock is pretty damned festive!  (AS11643 is reporting it, which again
appears to be correct)

Perhaps it is what it is and they're having karma problems.

Scott

 

-----Original Message-----
From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On Behalf Of
Kevin Day
Sent: Tuesday, November 15, 2005 10:58 PM
To: Hannigan, Martin
Cc: nanog at merit.edu
Subject: Re: paypal down!



On Nov 15, 2005, at 9:45 PM, Hannigan, Martin wrote:
>>>                                  www.paypal.com
>>>
>>>                              Internal Server Error
>>>
>>> The server encountered an internal error or misconfiguration and was 
>>> unable to complete your request.
>>>
>>> Please contact the server administrator,
>> webmaster at paypal.com and inform
>>> them of the time the error occurred, and anything you might
>> have done
>>> that may have caused the error.
>>>
>>> More information about this error may be available in the
>> server error
>>> log.
>>
>> Works for me.  Same BS splash advertising that always comes up.  Damn 
>> that is annoying.
>>
>
> Yes, but it *is* up. Same here. Probably one of the rotation web  
> servers had
> an issue or something minor.
>


Or there's a chance that you've got a trojan/malware install on the  
computer.

I had someone contact me the other day with a nearly identical  
complaint, "Why have PayPal and eBay been down all day?" They were  
alternately getting a 404 or 503 for those sites, but everything else  
worked. Their hosts file had entries for ebay, google, a number of  
banks, common phishing targets. Even more fun was when I deleted the  
hosts file, after his next reboot it pulled an updated hosts file  
with new working IPs from somewhere.

I'm guessing the malware phishers don't have a five-nines array of  
redundant proxies yet. :)





More information about the NANOG mailing list