Yeah, people have Problems with chain certificates because they're a new thing. Once you grasp the concept, though, it isn't that big a deal.
Anyway, throwing some more shit at that:
$ dig +short faunited.org|sort -n
63.251.171.80
63.251.171.81
66.150.161.140
66.150.161.141
69.25.27.170
69.25.27.173
70.33.186.218
What. Seriously, what. Only one of these belongs to FA (70.33.186.218), the rest are owned by "Dotster, Inc", some VPS provider.
So, I throw a GET out at all of these:
$ for i in `dig +short faunited.org|sort -n` ; do printf 'GET / HTTP/1.0\r\nHost: faunited.org\r\n\r\n' | nc $i 80 | sed s/http/hXXp/ | egrep HTTP\|Location ; echo ; done
HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798
HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798
HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798
HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798
HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798
HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798
HTTP/1.1 200 OK
Amazingly, I don't think it's compromised, just someone REALLY fucked up the DNS.
Approximately one out of every 7 times, though, the site hosted in the FA rack will actually load. Again. GREAT JOB.