Kidnapped Domain?

[aka-2 0]

WTF??!!! Yesterday when I tried to view my site http://forums.xisto.com/no_longer_exists/, does not appear my page. Instead of my domain, appears a site that wants to sell me protection against virus and threats.

Before it had never seen something like this, and I have crossed much.

Anybody knows wich can be the problem? Kidnapped domain? Virus? Spam? Are The extraterrestrial ones trying to communicate with the civilized world?

[Saint_Michael 3]

All I see is search engine stuff in spanish(??), nope. nope and no and not even close. I would say it had to with ads maybe.

[Johnny 1]

I'm seeing the same thing, and judging by the domain name, I'm guessing that's what your original site is supposed to be? o.o

[aka-2 0]

Thanks to respond, well, the site is about SEO techniques in spanish lenguage, and yes, I have it a little bit abandoned.I have only include AdSense Ads, the links adblock on the top. No more ads, and this only happens in this site (I have more).?Anybody has seen something like that before? ?Any ideas of what can be happening? It's only that I am surprised and very interested in this fact.

[BuffaloHelp 24]

Try reading this topic http://forums.xisto.com/topic/39934-dns-hijack-searchathandcom-browser-result-removal-this-is-a-browser-hijack-and-method-of-removing/ and see if your DNS has been hijacked.

Do the spyware scan and clear out all your cache, downloaded files and look through your installed software for any abnormality.

[poke386 0]

its possible that ur webhost might have suspended ur account or sumthing. or it might be that ur webhost has set up a redirect to some other site.

[Saint_Michael 3]

they would need a good reason to suspend and that other part is very illegal as well. Webhost can not redirect hosted sites like that unless they own them. The only redirection webhosts can provide is suspended accounts or closed accounts redirection.Nut buff makes a good point on dns hijack, but I don't think it would have been necessary since your domain in a way is low quality. But you did mentioned you abandon it for awhile maybe that is why because their was time limit of some sorts to that account.

[AeonLan 0]

Some sites that offer redirection and subdomains implement ads pages before the main page of a certain site after a few days of subscripting to their free(most are free) packages. TRY TO AVOID THEM!One is Dot tk.

[cangor 0]

Looks fine to me, but I don't speak spanish. Does it go like:adseok: Posicionamiento en GoogleConsigue el primer puesto en buscadoresor something?

[aka-2 0]

Well, I have been reading some forums and documents but I'm going on without understand the problem. BuffaloHELP, I have read the tutorial and that looks like if this was not the problem. I have done the spyware scan and antivirus scan, and clear out all my cache, downloaded files, etc, but the problem persists.The domain name is up to date for a year, and it's hosted on Xisto. (Saint_Michael why it's a low quality domain? By the extension .info?), Some questions, If the problem were with my browser, ?Would the rest of users watch the normal page or because of my "DNS hijacked" ,or somethin like that, they have took control of my domain? Can anybody see a wordpress blog with the tipical blue header with the title, as cangor said, "adseok: Posicionamiento en Google"?If this is not the case, Could be a problem with the hosting? Or a problem with a bad configuration of Wordpress? or Have they cracked my blog password?

[Jimmy 0]

Well, I have been reading some forums and documents but I'm going on without understand the problem.
BuffaloHELP, I have read the tutorial and that looks like if this was not the problem. I have done the spyware scan and antivirus scan, and clear out all my cache, downloaded files, etc, but the problem persists.

The domain name is up to date for a year, and it's hosted on Xisto. (Saint_Michael why it's a low quality domain? By the extension .info?),

Some questions, If the problem were with my browser, żWould the rest of users watch the normal page or because of my "DNS hijacked" ,or somethin like that, they have took control of my domain? Can anybody see a wordpress blog with the tipical blue header with the title, as cangor said, "adseok: Posicionamiento en Google"?

If this is not the case, Could be a problem with the hosting? Or a problem with a bad configuration of Wordpress? or Have they cracked my blog password?

I doubt it as I get the typical blue wordpress screen, with the right title, which is your proper domain setup by the sounds of things. Are you trying to access the domain directly, or through another domain, as aeonlan said, most free referrer domains that should just go directly to ur page will display ads for a bit before going to the true page.
But anyway, I get that spanish gobbeldygook anyhow
Edited September 22, 2006 by Jimmy (see edit history)

[aka-2 0]

Well, It seems as the problem is solved by now. My .htaccess was rewritten with the spam directios. So someone has rewrite my .htacces in some way. ?How is this posible? ?Can it be through my browser? or Is it because of any bad configuration that I have done? Maybe a host error?But with all, I go on without understand the problem, and I think it will appear again.P.S. --> Jimmy, thanks for responding, I assure you that the domain is under my complete domain and that I access the domain directly. Gobbledygook? I ensure that that is good spanish, the Cervantes' lenguage.

Edited September 23, 2006 by aka-2 (see edit history)

[aka-2 0]

Well, It seem that is posible to hack a hosting service because of an exploit on cpanel. I don't know if this is the cause of this problem, but it would be.

security hole in cPanel to hack the servers of a hosting company - Read about it.

Edited September 25, 2006 by aka-2 (see edit history)

[BuffaloHelp 24]

Please do not assume or spread a rumor with something that does not have a merit.If your cPanel was hacked, don't you think your files would have been deleted by now or defaced? Think about it.Also note that all other members were seeing the correct site but you. That's why I thought your DNS was hijacked. Xisto server admins reported no external hacking attempt on Xisto hostings.Refer to the discussion I left on your topic above.

[aka-2 0]

I do not assume or spread any rumor. I´m only spreading this problem to see if somebody know about it.

I have again the same problem. Maybe my DNS was hijacked, but my .htaccess has been rewrited again with this:

RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.* [OR]

RewriteCond %{HTTP_REFERER} .*ask.* [OR]

RewriteCond %{HTTP_REFERER} .*yahoo.* [OR]

RewriteCond %{HTTP_REFERER} .*excite.* [OR]

RewriteCond %{HTTP_REFERER} .*altavista.* [OR]

RewriteCond %{HTTP_REFERER} .*msn.* [OR]

RewriteCond %{HTTP_REFERER} .*netscape.* [OR]

RewriteCond %{HTTP_REFERER} .*aol.* [OR]

RewriteCond %{HTTP_REFERER} .*hotbot.* [OR]

RewriteCond %{HTTP_REFERER} .*goto.* [OR]

RewriteCond %{HTTP_REFERER} .*infoseek.* [OR]

RewriteCond %{HTTP_REFERER} .*mamma.* [OR]

RewriteCond %{HTTP_REFERER} .*alltheweb.* [OR]

RewriteCond %{HTTP_REFERER} .*lycos.* [OR]

RewriteCond %{HTTP_REFERER} .*search.* [OR]

RewriteCond %{HTTP_REFERER} .*metacrawler.* [OR]

RewriteCond %{HTTP_REFERER} .*dogpile.*

RewriteRule ^(.*)$ http://forums.xisto.com/no_longer_exists/ [R=301,L]

Ok. Thaks again.

Notice from rejected:

Please put all materials which you are copying in quotes.