DNS hijack?
Stephane Bortzmeyer
bortzmeyer at nic.fr
Thu Nov 11 21:40:13 UTC 2021
On Thu, Nov 11, 2021 at 01:28:07PM -0800,
Jeff Shultz <jeffshultz at sctcweb.com> wrote
a message of 105 lines which said:
> I hit my registrar, DirectNic, and found I'm good through 2023. They
> pulled up DNS checker and found that a bunch of DNS servers were
> showing 208.91.197.132 as the IP for the domain. It's actually in
> 64.130.197.x .
>
> I'm wondering if I was the only one?
No, you're not. Half of the RIPE Atlas probes see the wrong address:
% blaeu-resolve -r 100 --type A 2dpnr.org
[64.130.197.11] : 59 occurrences
[208.91.197.132] : 41 occurrences
Test #33310635 done at 2021-11-11T21:38:30Z
More information about the NANOG
mailing list