Organization IP address is getting redirected to a website which does not belong to the organization.
Mukund Sivaraman
muks at isc.org
Sat Sep 17 16:00:57 UTC 2016
On Sat, Sep 17, 2016 at 03:51:00PM +0000, Bhangui, Sandeep - BLS CTR wrote:
> Hi
>
> Not exactly sure whether this is a DNS issue but hoping someone here on this forum can provide some advice/suggestion as I am trying to figure out what is going on.
>
> Our organization BLS owns ( registered with the registrar ) the network address 146.142.xxx.xxx.
>
> But if someone from the Internet [ outside of BLS network ) tries to go to "http://146.142.7.113" it gets redirected to a site in UK called "us.watcheezy.com"
>
> I have checked the DNS from the BLS side and we do not have any entry of any kind for the record 146.142.7.113 on our DNS.
>
> I have also done DNS lookups for watcheezy.com and those seem to be good too with respect to IP and the NS and as to what those NS are reporting.
>
> Can anyone throw some light on as to what is going on here.....does not look like a DNS issue to me but I could be wrong.
[muks at jurassic ~]$ wget --debug http://146.142.7.113
DEBUG output created by Wget 1.18 on linux-gnu.
Reading HSTS entries from /home/muks/.wget-hsts
URI encoding = ‘UTF-8’
Converted file name 'index.html' (UTF-8) -> 'index.html' (UTF-8)
--2016-09-17 21:28:13-- http://146.142.7.113/
Connecting to 146.142.7.113:80... connected.
Created socket 3.
Releasing 0x0000564b513bd220 (new refcount 0).
Deleting unused 0x0000564b513bd220.
---request begin---
GET / HTTP/1.1
User-Agent: Wget/1.18 (linux-gnu)
Accept: */*
Accept-Encoding: identity
Host: 146.142.7.113
Connection: Keep-Alive
---request end---
HTTP request sent, awaiting response...
---response begin---
HTTP/1.1 302 Found
Date: Sat, 17 Sep 2016 16:26:06 GMT
Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: PHP/5.4.9-4ubuntu2.3
location: http://www.watcheezy.com/
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html
It is a HTTP redirect (see the location: header above). Check the
configuration of the HTTP server (webserver) that's serving for this IP
address.
Mukund
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20160917/0556c0ec/attachment.bin>
More information about the bind-users
mailing list