HACKER Q&A
📣 brundolf

Spam on the domain I just purchased?


I registered a domain name a couple months ago (via hover.com if that matters). Just now I visited it to see what the default/empty splash-page looks like, and got redirected through several different sites in different languages (one of which looked like a spammy recipe site? the rest went by so fast they didn't fully load)

Needless to say, this was highly sketchy and I'm now wondering if I need to take steps to lock down my various accounts since I feel like I just visited a malicious link

But what I'm really wondering is, how did this happen with a newly-registered domain that I own? I deleted all the existing DNS records after it happened, but assuming those were the cause of all this, how did malicious ones get there in the first place? hover.com seems like the only party that should have been able to do this, but they've never shown themselves to be a malicious actor in the past. Does a domain keep its previous DNS records when it gets bought by a new owner who didn't get it via a transfer? Do those not normally get reset by the registrar?

Addendum: Anybody know a good malware scanner for macOS? :P

  👤 viraptor Accepted Answer ✓
Have you got the original entries available? Without them it's hard to tell what happened. If you want some speculation though, hover may be using some specific parked page provider who is doing dodgy stuff. Third party parked pages are a terrible idea in general.