Last night Elliotsblog.com reported that Domaining was being show on the Chrome browser as a possible web forgery and blocked by the browser.
This morning I got the same thing when I tried to get to the site on FireFox.com.
The domain still seems to be resolving fine on Safari.
You can still access the site on Firefox if you click on ignore this warning which is on the bottom right of the screen and then confirm on the popup that appears that the site is not a forgery.
I use Firefox, but I’m not experiencing any problem accessing Domaining.com…
I wonder if, perhaps, one of the blogs that feed into Domaining.com is on a Black List somewhere?….If so, maybe that could have unpredictable resolution effects for Domaining.com, depending upon the browser?
I saw that this morning too. Nice to see Google adding more security. I use Trend Micro for antivirus and it would always throw up warnings for Domaining.com, mainly from the CAX ads they run.
I get “Reported Attack Page” w/Firefox – maybe he was hacked..
I received the same “Attack Page” warning via Firefox.
Is it a false alarm and okay to ignore the warning?
Trico
I don’t want to take that responsibility for your computer
I’m on a Mac and ignored the warning and my computer hasn’t blown up yet
Hi,
Unfortunately we have been victim of an SQL injection attack originating from multiple Chineses IPs. The domain where they apparently host their adware script is:
http://whois.domaintools.com/jjghui.com
The domain owner appears to be fake.
Apparently +70,000 web servers has already been successfully attacked:
http://www.google.fr/search?hl=&q=%22http%3A%2F%2Fjjghui.com%2Furchin.js%22&sourceid=navclient-ff&rlz=1B3GGLL_frFR374FR378&ie=UTF-8
We immediately cleaned our database (nothing stollen) and started to check and close all the possible doors for such attacks. We continue securing as much is possible to avoid a new hack attempt.
I notified Google our servers has been cleaned so I hope they will soon remove the penalty that Firefox and other browsers use to flag dangerous sites.
The positive of the story is we are making many coding changes to better secure our sites and partitionning our database for an improved safty .
I apologize for the inconvenience and thanks to Elliot for the alert this night.
Francois
PS: Special thanks to Louise Timmons for his appreciated support on this matter.
F-
Well best of luck getting unblocked
Safari now blocking as well.
I have norton add on in firefox and thats blocks and filter a lot. First Bank of America gets attacked now domaing.com
I’m also getting the same message while visiting the site on my iPhone
“Unfortunately we have been victim of an SQL injection attack…Apparently +70,000 web servers has already been successfully attacked…”
=====
How can people take the Toy IPv4 Internet seriously ?
TBLS claims to be all about security and stability but the result is a joke.
Fortunately, people are starting to become educated and will migrate to serious networks. The ICANN followers will not even know they vanished.
I keep getting the message “Beware, the owner of this domain is French” Been getting it for a while though.
It seems to be fixed at least with Firefox.
I mean the Warning NOT the owner being French. 🙂
LOL
More strange than the owner country is the hacking date.
Those things use to happen Friday, simply to kill you the week-end and don’t get any help when needed.
This electronic world scares, while I was checking all possible holes this morning I found someone from Argentina apparently trying all the dictionary words to try to open an FTP port. In fact web servers are constantly bombarded of all kind of attacks, fortunately most never succeed.
How unfortunate. But hey, it’s totally worth it to use SQL. I mean it’s so wonderful, and besides, there is absolutely no other alternative to using SQL. There is no alterantive which is faster than SQL and not susceptible to injection. SQL injection is just an unavoidable price of running a database-backed website.
Wrong.
If someone wanted to build a safer website they could do it. But the incentive is just not there. People just accept these attacks as unavoidable.
Google penalty has been removed.
I hope the security barriers added will prevent future similar attacks.
Again, sorry for the inconvenience.