One of my sites was hijcked by a credit card company and now I have to do a complete backup of all my sites and do an OS Reboot. Someone give me some vodka!
Credit card for cybercriminals and overseas con-men
Domain Name: MYGCARD.COM
Registrar: GANDI
Whois Server: whois.gandi.net
Referral URL: http://www.gandi.net
Name Server: DNS1.VALUEWEB.COM
Name Server: DNS2.VALUEWEB.COM
Name Server: DNS3.VALUEWEB.COM
Status: REGISTRAR-LOCK
Updated Date: 10-mar-2006
Creation Date: 02-nov-2004
Expiration Date: 02-nov-2009
Operated by the Liberal socialist Frenchies they are the private registrar and host for terrorist sites, foreign e-mail scammers and the Euro trash and ME porn operators. Take your pick as to who gottcha!
If they really did the nasty on you then call their stateside hosting company for the hidden details...
Administrative Contact :
Affinity Internet Inc. domainmanager@affinity.com
3250 West Commercial Blvd.
Suite 200
Ft. Lauderdale, FL 33309
US
Phone: 954-334-8000
Fax: 954-334-8001
__________________
Webmaster's... Mike and Charlie
"What have you done today to put real value into a referral click...from a shoppers viewpoint!"
if a domain isn't "locked," it is possible to claim ownership of it to the registrar, who is legally bound to turn it over. I don't know how much warning, if any, you get about it.
I found an "iframe src=' on my root "index.htm" a while back. Didn't show in FrontPage, so I deleted it thru my file manager's html editor. I had a good password too, now it's a better one.
__________________
Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin-1752
It was probably on of those s*** for brains people that's always scanning sites. I had one really aggressive scanner come through today, got a bunch of 404's, but it came through. It was looking for everything from awstats.pl to data/protection.php to /admin/SignIn.php to /mambo/index2.php?option=com_content&do_pdf=1&id=1 and a bunch of others. After reading this post I got an idea. The scanners always request a non existent file before starting the scan. Today it was thisdoesnotexistahaha.php . They do this to confirm that your server is sending a proper 404 for files that don't exist. Every time I come across a scan, I'm going to create the nonexistent file it requests and put a spider trap in it. I'll just block them before they can scan my site.
__________________
But are you still master of your domain?
There is tons of links to affilate programs in all of those pages. If I was you and bored / pissed off I might after trying everything to get back the url control and notifying his hosting might start sending letters to the affiliate managers. Maybe they dont like to be associated with this type of person.
Maybe when they review his account it might not look like such a good agreement. Some of those companies are pretty straight laced. This action might surprise them. Maybe they find that he is violating some part of the affiliate agreement.
Not sure if I am just being vindictive. Any experience in this out there?
Wow. That kind of stuff scares me to death. When I saw the registrar name I had to think because I knew it sounded familiar. I saw a complaint about them just yesterday on another forum. I don't know if it is OK to post the link here but I'm going to give it a try because I think you need to see what it says. They may be also SPAMMING using your URL.
Wow, I wonder if that is what is going on with one of my sites. It has been down for 10 hours now. It happened the same time I got an unremovable virus which looked for ftp files (all Greek to me).
__________________
leeann
Saints Pledge:"I pledge allegiance 2 da Saints & 2 da great city of N. O. & 2 da Super Bowl, 4 which we'll win, 1 city, B low C level, under God, with Mardi Gras, gumbo & alcohol 4 all."
----------------------
Affiliates - you have a long list of GAN merchants at your disposal that are listed with other networks.
yes I got it back. Thx to 7 days for making me aware that it was showing all my pages before as I took down the index page when the site was going to the credit card site. Now I just have to finish backing up my sites so I can do an OS Reload. Unfortunately my host said the box is rooted.
Donuts, there was another site altogether showing up at Jack's URL - and I"ve heard it's happened to some other sites recently, by that same credit card site.
No idea how they're doing it, it's some kind of DNS exploit maybe?
Discussions: 119,311 
Messages: 972,631 
Members: 63,571 
Newest: aldan 
Online: 1046
Arrrrrrrgh Hijacked
and Charlie 
Linear Mode
