Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

DNS lookup issue

Posted on 2016-07-19
16
Medium Priority
?
43 Views
Last Modified: 2016-07-19
I work for a non-profit agency. It has come to my attention that if you put in our website address on a smartphone, it seems to be getting "hijacked" and going to dating and other inappropriate websites.  From a desktop PC, everything seems fine. Our DNS is hosted by Network Solutions.   Any ideas how to correct this?
0
Comment
Question by:Philsh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
  • 3
  • +1
16 Comments
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 41719579
How many different phones have you tested?  How many different cell carriers have you tested?  

When you say it works from a desktop, have you tested desktop computers outside your network?

What's the URL?
0
 
LVL 14

Expert Comment

by:Shabarinath Ramadasan
ID: 41719586
Is it just with one smart phone or all clients?
It might be an malware on the smart phone if this issue is only with a specific smart phone.
0
 
LVL 22

Expert Comment

by:CompProbSolv
ID: 41719587
I would look at what the cell phones are using for DNS.  There are apps for Android phones and I would expect also for iOS phones.

If it really is only happening on mobile phones, it may not be a DNS issue.  Your web site may have different code for lower resolution (typically phone or tablet) devices.  If your site was compromised, that code may be pushing users to the other sites.  I'd check the web site to see if that got hacked.
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 

Author Comment

by:Philsh
ID: 41719589
It happens on many different smartphones - Verizon for sure. Will need to see which provider the other phones are on.  

www.caaofcc.org
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 41719599
I can duplicate/verify  the problem.  Fascinating.  FWIW, I'm on Sprint.

This is almost certainly (though not definitely) not a DNS problem on your end.
0
 
LVL 22

Expert Comment

by:CompProbSolv
ID: 41719600
On my Verizon cell phone (connected to my WiFi and using my local DNS), it appears to go to the correct page, though somewhat different from the one my desktop goes to.  It looks as if it is one that attempted to deal with the lower resolution.

The URL resolves to 208.91.197.27.

I shut off WiFi on my phone and tried the same tests and got the same results.
0
 
LVL 22

Expert Comment

by:CompProbSolv
ID: 41719602
@paulmacd: can you confirm the IP address that the URL resolves to?

It is very interesting that I didn't see the same problem.
0
 

Author Comment

by:Philsh
ID: 41719614
The IP should be 107.180.21.239.
0
 
LVL 22

Accepted Solution

by:
CompProbSolv earned 1000 total points
ID: 41719617
Please ignore my first post.  I was incorrect.  I left out the "www." and got the results that I did.  It pointed at a "page under construction" at Network Solutions.

When I include "www." I get redirected when on my phone but to the correct site from my desktop, even at 800x600 resolution.  I can't easily set it lower on this computer, but will try on a different one.

The address resolves to 107.180.21.239 in all cases.

While it is not the root of your problem, I'd change your DNS server settings to have "caaofcc.org" point the the same place as "www.caaofcc.org".

I'm still suspicious of something in the web page itself doing the redirection.
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 41719622
'CAAOFCC.ORG' resolves to 208.91.197.27 on my desktop.

"I'm still suspicious of something in the web page itself doing the redirection."
I'm inclined to think it's something in the web server itself, but it could be something in the page.
0
 
LVL 22

Expert Comment

by:CompProbSolv
ID: 41719641
I'm not a web designer so have limited knowledge of the details here.

I'm not aware of how the server itself would distinguish the different clients, though that may just be my ignorance.

How do you think that the server or page is deciding what to display to the different clients?  I could imagine it being based on OS, browser, or screen resolution.

I got the results I described (proper on desktop, improper on phone) with Google and with Chrome on both platforms, and with IE on the desktop.  I presume that a web server or page can distinguish between Google on Android vs. Google on Windows.
0
 
LVL 34

Assisted Solution

by:Paul MacDonald
Paul MacDonald earned 1000 total points
ID: 41719662
"I'm not aware of how the server itself would distinguish the different clients..."
Browsers (more specifically, browser engines) identify themselves to the server.  

Having tested my cell phone using wi-fi, it lends credence to the theory this is a server-side issue, not a DNS issue.  It appears something on the server or page is redirecting traffic from mobile devices.

Also:  The behavior has stopped now.
0
 
LVL 22

Assisted Solution

by:CompProbSolv
CompProbSolv earned 1000 total points
ID: 41719668
Very interesting!  It is working on my cell phone, too now.

If it is a server issue (vs. a page issue) I would expect (though not certain) that it occurred on other pages that the server hosts.
0
 

Author Closing Comment

by:Philsh
ID: 41719694
Someone hacked into my hosted account and added a ".htaccess" file that was redirecting only mobile devices.
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 41719707
That would do it.

Nice job tracking down the fix.
0
 
LVL 22

Expert Comment

by:CompProbSolv
ID: 41719720
Sounds good.

Don't forget to fix the DNS setting for the URL without "www.".
0

Featured Post

Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
Resolve DNS query failed errors for Exchange
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question