[HN Gopher] Have I Been Squatted?
___________________________________________________________________
Have I Been Squatted?
Author : todsacerdoti
Score : 93 points
Date : 2022-09-26 15:07 UTC (7 hours ago)
(HTM) web link (haveibeensquatted.com)
(TXT) w3m dump (haveibeensquatted.com)
| tristor wrote:
| This is trying to make an outbound connection on port 3000 using
| a remote-access JS. Any reason why this is the case? Blocked by
| Little Snitch
| tylerchurch wrote:
| I can't speak for them, but that's a common port for web app
| development. Could be the code that watches for changes and
| autoreloads trying to hit the development backend to see if it
| should update the page.
|
| Deploy the production build of your app, people!
| lolinder wrote:
| That's definitely what it is. My React dev tools light up on
| this site, saying the page is using the development build of
| React.
| JLCarveth wrote:
| My react-dev-tools is saying that the site "is using the
| development build of React."
| stewx wrote:
| I think a lot about the guy in Jacksonville, Florida who owns
| gamil.com.
| m4jor wrote:
| what about the old grumpy guy who owns steam.com and refuses to
| sell it to Gabe
| davis wrote:
| What about the guy in China that owns gnail.com?
| metadat wrote:
| Does it also detect bit squatting?
|
| See:
|
| _" Bit-squatting - DNS hijacking by cosmic rays/memory errors"
| (2011)_
|
| https://news.ycombinator.com/item?id=2944445
|
| _" What Flips Your Bit: Cosmic Ray Errors at Mozilla" (2022)_
|
| https://news.ycombinator.com/item?id=31016042
| dmurray wrote:
| It looks like it detects, among other things, all domains with
| edit distance one from your domain. That's a superset of all
| bit squat domains.
| mholt wrote:
| Getting a lot of: Firefox can't establish a
| connection to the server at wss://haveibeensquatted.com:3000/ws.
|
| and Firefox can't establish a connection to the
| server at wss://haveibeensquatted-xca5n.ondigitalocean.app/ws.
| mattnewton wrote:
| Looks like a dev build that opens a web socket connection up to
| port 3000, probably for live reload or something. I am guessing
| they just got it working with create react app or something and
| shipped it as is, without rebuilding a production version.
| Stamp01 wrote:
| Hug of death?
| remram wrote:
| That's unfortunate. What did it do?
| mminer237 wrote:
| It works for me now. It checks if any other domains have
| been registered to trick people into thinking it's your
| website.
|
| For example, I put in one of my websites
| (https://packetlosstest.com), and it gives the following:
| Domain IPs HTTP banner
| WHOIS packetlosstest.arab 127.0.53.53
| packetl.osstest.com 54.161.222.85
| 34.205.242.146 packelosstest.com
| 103.224.182.210 Apache/2.4.38 (Debian) Domain Name:
| PACKELOSSTEST.COM
| Registry Domain ID: 2659396158_DOMAIN_COM-VRSN
| Registrar WHOIS Server: whois.dynadot.com
| Registrar URL: http://www.dynadot.com
| ... packetlos.stest.com 59.110.61.108 nginx
| packetlo.sstest.com 54.161.222.85
| 34.205.242.146 packetlosstest.com
| 34.196.254.27 Netlify Domain Name:
| PACKETLOSSTEST.COM 35.229.48.116
| Registry Domain ID: 2374572514_DOMAIN_COM-VRSN
| Registrar WHOIS Server: whois.namesilo.com
| Registrar URL: http://www.namesilo.com
| ...
|
| The last one is my actual site, and the other five are
| apparently scammers preparing to impersonate me.
| peterwallhead wrote:
| Reminds me of the excellent https://dnstwister.report/
| stirfish wrote:
| I'm a big fan of the typo in the title :)
| jsight wrote:
| I'm not seeing the typo?
| Stamp01 wrote:
| Looks like it was fixed. "squatted" was misspelled as
| "sqautted".
| jsight wrote:
| Oh, that's hilarious considering the subject matter.
| Thanks!
| coding123 wrote:
| I hope they keep that easter egg.
| francisduvivier wrote:
| Too bad it's not there in the domain name :'(
| 0xCAP wrote:
| I don't know if it was intentionL or not, but the typo in the og
| hn article "sqautted" was a brilliant joke.
| m4jor wrote:
| You can do this yourself using DNSTwist
|
| https://github.com/elceef/dnstwist
| oflannabhra wrote:
| Also a shoutout to opensquat -
| https://github.com/atenreiro/opensquat
| hammock wrote:
| Say I have been squatted. What do I do about it?
| system2 wrote:
| Not much unless they are deliberately copying your content and
| doing illegal things. I just found out our company name has
| been copied but they are offshore.
| Genbox wrote:
| A few things:
|
| - You contact their hosting provider and report it.
|
| - Check if the top-level domain registrar has a form for it and
| report it.
|
| - If your trademark has been infringed, you can create a
| Uniform Domain Name Dispute Resolution Policy (UDRP) against
| the registrant [1]
|
| - You setup DKIM, SPF and DMARC on your domain to avoid them
| from spoofing your domain.
|
| [1] https://www.icann.org/resources/pages/filing-
| udrp-2013-05-21...
| pueblito wrote:
| Putting your info in seems like a good way to get squatted.
| tgsovlerkhgsel wrote:
| Are you sharing anything except a domain name + the fact that
| you might be interested in the topic of squatting?
| arthurofbabylon wrote:
| I think it's low signal compared to traffic volume / search
| indices / visitor intent
| warent wrote:
| Someone's going to invest potentially 100s of dollars a year x
| 100s of inputs it gets?
|
| The open internet is crawlable. This seems pretty far from a
| risk vector.
| [deleted]
| louislang wrote:
| Does this take registration times into account? Seems like it'd
| be particularly relevant in determining if this is a typosquat or
| not.
___________________________________________________________________
(page generated 2022-09-26 23:01 UTC)