Sunday, August 11, 2013

Black day for yatra.com

I opened yatra.com and it was not the one I was looking for!! What the hell happened??

The message said to renew the domain. Even more surprising!! I looked on whois and found yatra.com had expired on 9th Aug! How could a big company like Yatra make such a mistake?? I know on Monday it will be alarming for so many companies.

$ dig ns yatra.com

; <<>> DiG 9.8.3-P1 <<>> ns yatra.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 2529
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;yatra.com. IN NS

;; Query time: 498 msec
;; SERVER: 202.83.21.12#53(202.83.21.12)
;; WHEN: Sun Aug 11 22:48:07 2013
;; MSG SIZE  rcvd: 27

$ dig +nocmd yatra.com any +multiline +noall +answer
yatra.com. 5421 IN A 208.91.197.132
yatra.com. 141388 IN NS ns2.pendingrenewaldeletion.com.
yatra.com. 141388 IN NS ns1.pendingrenewaldeletion.com.

So from the story so far, it appears that because yatra.com was not renewed, they pointed it to some random IP from the ns2.pendingrenewaldeletion.com pool.

Even though the TTL for yatra.com was low (5 minutes) and the zone cache was 3 hours, the site is not back from the NS (202.83.21.12 - ACT broadband) I was using. I got it working when I changed to Google open DNS.

Does it have something to do with pendingrenewaldeletion.com TTL?

Data from fixed DNS.

$ dig +norec ns yatra.com

; <<>> DiG 9.8.3-P1 <<>> +norec ns yatra.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9540
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;yatra.com. IN NS

;; Query time: 9 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Aug 11 23:16:22 2013
;; MSG SIZE  rcvd: 27

$ dig +nocmd yatra.com any +multiline +noall +answer
yatra.com. 79 IN SOA ns4.netmagicians.com. postmaster.netmagicians.com. (
2013081102 ; serial
10800      ; refresh (3 hours)
3600       ; retry (1 hour)
604800     ; expire (1 week)
300        ; minimum (5 minutes)
)
yatra.com. 79 IN TXT "MS=ms49031691"
yatra.com. 79 IN TXT "v=spf1 a mx ptr a:202.87.58.131 a:202.87.58.132 mx:pps-mx.netmagicians.com ip4:202.87.58.131 ip4:202.87.58.132 -all"
yatra.com. 79 IN MX 10 pps-mx.netmagicians.com.
yatra.com. 79 IN A 202.87.58.26
yatra.com. 79 IN NS ns4.netmagicians.com.
yatra.com. 79 IN NS ns1.netmagicians.com.
yatra.com. 79 IN NS ns2.netmagicians.com.

$ dig +nocmd yatra.com +noall +answer
yatra.com. 197 IN A 202.87.58.26

Any clue?
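An added example, not part of the original post: a small Python check that parses `dig +noall +answer` lines like the ones above, compares the NS set against the expected nameservers, and reports how long a resolver may keep serving the cached records. The sample lines are copied from the output in the post, the expected set is taken from the restored answer, and the function names are hypothetical.

```python
# Answer lines as returned by the ISP resolver in the post (parked state).
PARKED_ANSWER = """\
yatra.com. 5421 IN A 208.91.197.132
yatra.com. 141388 IN NS ns2.pendingrenewaldeletion.com.
yatra.com. 141388 IN NS ns1.pendingrenewaldeletion.com.
"""

# Expected nameservers, taken from the restored answer shown in the post.
EXPECTED_NS = {"ns1.netmagicians.com", "ns2.netmagicians.com",
               "ns4.netmagicians.com"}


def parse_answer(text):
    """Return (name, ttl, rtype, rdata) tuples from dig answer lines."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue  # blank line or dig comment
        parts = line.split(None, 4)
        # Skip continuation lines of a +multiline SOA record.
        if len(parts) < 5 or not parts[1].isdigit() or parts[2] != "IN":
            continue
        name, ttl, _cls, rtype, rdata = parts
        records.append((name.rstrip(".").lower(), int(ttl), rtype, rdata))
    return records


def check_delegation(text, expected_ns):
    """Compare the NS records in a dig answer with the expected set."""
    records = parse_answer(text)
    ns_ttl = {rdata.rstrip(".").lower(): ttl
              for _, ttl, rtype, rdata in records if rtype == "NS"}
    a_ttls = [ttl for _, ttl, rtype, _ in records if rtype == "A"]
    worst_ns_ttl = max(ns_ttl.values(), default=0)
    return {
        "unexpected_ns": sorted(set(ns_ttl) - expected_ns),
        "missing_ns": sorted(expected_ns - set(ns_ttl)),
        # Remaining cache lifetime of the NS set on this resolver.
        "ns_ttl_seconds": worst_ns_ttl,
        "ns_ttl_hours": round(worst_ns_ttl / 3600, 1),
        "a_ttl_seconds": max(a_ttls, default=0),
    }


if __name__ == "__main__":
    for key, value in check_delegation(PARKED_ANSWER, EXPECTED_NS).items():
        print(f"{key}: {value}")
```

On the parked answer, the NS records have about 39 hours left in the resolver's cache, independent of the 5-minute TTL in the restored zone.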
