DNS skimming? How does this scam work.

**Charles Wirth** · 07-25-2017, 01:32 PM

A few days ago a domain appeared on my adsense from google that was not me.

https://www.networksolutions.com/who...stemsforum.com

I did not set that up but I am trying to figure out why it was made and how it appeared on my pay sheet with $0.0 paid.

The only way he would be able to appear on my pay sheet is if they copied my ad code and served it from that domain.

If you go to the domain it appears that it just forward to here but I think more might be going on.

The domain was registered at enom inc, the worst registrar on the net known for don't care attitude.

Ideas?

**Kal-EL** · 07-28-2017, 09:28 PM

I explain it as soon as I can explain how a complete medical website hosted itself on my other godaddy server.

**Revv23** · 07-29-2017, 07:23 AM

If they copied your ad code how would they get paid? I see your point -That's the only reason I could see someone forwarding that domain to you. Will ponder this...

**Charles Wirth** · 07-31-2017, 08:17 AM

According to Google that site paid me for my ads, I contacted google days ago, I got the auto reply to wait.

**Revv23** · 08-03-2017, 09:08 AM

0.0$ sounds like it's a really winner for you! I use gsuite at my work and sometimes it's frustrating to hear back from them that your bug is just the system working as it's supposed to. That being said, no better player in the market....

**NEOAethyr** · 08-27-2017, 03:12 AM

I came across this info today I thought about ya, not sure how relevant it is:
http://boards.4chan.org/pol/thread/139159224

**Revv23** · 09-01-2017, 07:43 PM

That is very interesting. Click here to see what these celebrities look like now.

**Charles Wirth** · 09-02-2017, 09:41 AM

I got paid a penny from the ghost site, can anyone capture code from that sites redirect?

**NEOAethyr** · 11-19-2017, 12:08 PM

I think it's to late now, I don't know anything really about this sorta stuff.
Other then politics originally drove this, they were trying to hurt google's pocketbook by messing over there adsense.

I'm guessing it's the reason why a while back the site would continuously load dynamically over and over.
Don't know though.
I do know it's still complaining about it having a broken https when I sign in, it's in http insecure mode right now and has been for months.
I don't think I have to worry about mitm attacks here though tbh.
It would be one thing if it was fb or tw, but...

Still, people do target this site from time to time it seems.
All it would take is for someone to get in the range of an admins wifi, and wait for them to log in or use the site.
But I don't think anyone is going to go that far.
I wonder why they hack this site anyways...
Do they think we pass datasheets in our pm's or something?
Sure I've passed info on say afterburner's voltage limits, I think, maybe...?, in pm, but that's not anything someone couldn't figure out on there own how to writing your own oem file, the author slipped it into the public once that's how I found out.
So I dn wtf...

Thread: DNS skimming? How does this scam work.

Thread Tools

Search Thread

Rate This Thread

Display

DNS skimming? How does this scam work.

Bookmarks

Bookmarks

Posting Permissions