FurAffinity: Six Years of Mediocrity

[Jim Demintia]

Interesting that he can't accept checks.

He has stated he has (unreasonable) fears of accepting checks for whatever reason. I think they didn't want them to bounce and somehow cost them money. Another theory is that checks would let you see what account it was deposited into, and we all know he likes to use his personal accounts to pay for FA...

Shit, most banks these days will clear a check with insufficient funds (within reason—they obviously aren't going to clear a $2,000 check when the customer has $-300), and rape their account holder for an overdraft fee. Especially since the passage of so-called "Regulation E", which prevents them from pulling similar shenanigans on bank cards without the customer's consent.

I had a check clear my account literally less than 24 hours after I gave it to the person I was paying. It was only a $20 overdraft on a nearly $600 check, but it cost me $35 in a fee.

The leading hypothesis on the blank page thing is that their PHP interpreter is crashing.

You know, I'd do the 'hahaohwow.jpg' reaction if PHP really does use an "interpreter" in the technical sense of the term, but then I remember that Ruby had one of those until their most recent release.

JIT is for trolls, I guess?

[nrr]

JIT is for trolls, I guess?

Object code is for trolls.  Get it right.

[Conan]

Well this is fascinating!

traceroute to faunited.org (69.25.27.170), 30 hops max, 60 byte packets
 1   0.577 ms  0.565 ms  0.682 ms
 2  216.182.225.104 (216.182.225.104)  0.664 ms  0.650 ms  0.623 ms
 3  216.182.232.66 (216.182.232.66)  0.450 ms  0.570 ms  0.562 ms
 4  216.182.232.50 (216.182.232.50)  0.551 ms  0.523 ms  0.510 ms
 5  72.21.220.224 (72.21.220.224)  0.579 ms  0.563 ms  0.537 ms
 6  72.21.222.146 (72.21.222.146)  1.344 ms  1.465 ms  1.461 ms
 7  72.21.220.148 (72.21.220.148)  1.616 ms 72.21.220.124 (72.21.220.124)  1.767 ms 72.21.220.132 (72.21.220.132)  1.751 ms
 8  63-233-113-25.dia.static.qwest.net (63.233.113.25)  3.082 ms dca-edge-18.inet.qwest.net (65.120.78.57)  2.269 ms dca-edge-22.inet.qwest.net (63.233.113.33)  4.091 ms
 9  dcp-brdr-03.inet.qwest.net (205.171.251.110)  5.203 ms dcp-brdr-03.inet.qwest.net (205.171.251.106)  5.035 ms dcp-brdr-03.inet.qwest.net (205.171.251.110)  5.157 ms
10  bpr1-so-6-0-0.VirginiaEquinix.savvis.net (208.173.52.65)  5.199 ms  5.127 ms  6.112 ms
11  er2-tengig2-4.virginiaequinix.savvis.net (204.70.197.238)  6.626 ms  6.597 ms  5.862 ms
12  internap.VirginiaEquinix.savvis.net (208.173.159.2)  3.544 ms  3.263 ms  3.616 ms
13  border1.pc1-bbnet1.wdc002.pnap.net (216.52.127.18)  3.856 ms  3.536 ms border1.pc2-bbnet2.wdc002.pnap.net (216.52.127.82)  14.071 ms

Going to it via a web browser redirects you to mallware filled "sedoparking.com".

ALSO, it appears they neglected to install the Intermediate CA certificate when they got their new SSL certificate.

I notice that you have not setup the new Intermediate CA required by RapidSSL. This makes Furaffinity via https break for certain browsers and devices. For example, Android Phones running Froyo 2.2.x barf with a certificate error. This makes one less likely to trust using FA until one can reach a PC again, which ruins the mobile experience.

...

They give instructions for how to do it with Apache. Now I know FA uses nginx, so I you will need to "Translate" the instructions for that. Note as it says on the site

"You MUST install the below Intermediate CA file on your server for your SSL certificate to be fully supported in all web browsers."

So far I fought for 1.5 days with this issue on my own sites with IIS7. Even with Microsoft its not point and click for this stuff sadly.

GREAT JOB.

[Pi]

Yeah, people have Problems with chain certificates because they're a new thing. Once you grasp the concept, though, it isn't that big a deal.

Anyway, throwing some more shit at that:

Code: [Select]

$ dig +short faunited.org|sort -n
63.251.171.80
63.251.171.81
66.150.161.140
66.150.161.141
69.25.27.170
69.25.27.173
70.33.186.218

What. Seriously, what. Only one of these belongs to FA (70.33.186.218), the rest are owned by "Dotster, Inc", some VPS provider.

So, I throw a GET out at all of these:


$ for i in `dig +short faunited.org|sort -n` ; do printf 'GET / HTTP/1.0\r\nHost: faunited.org\r\n\r\n' | nc $i 80 | sed s/http/hXXp/ | egrep HTTP\|Location ; echo ; done
HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798

HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798

HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798

HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798

HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798

HTTP/1.1 301 Moved Permanently
Location: hXXp://www.sedoparking.com/search/registrar.php?registrar=dotstersecondary&domain=FAUNITED.ORG&site_id=4798

HTTP/1.1 200 OK


Amazingly, I don't think it's compromised, just someone REALLY fucked up the DNS.

Approximately one out of every 7 times, though, the site hosted in the FA rack will actually load. Again. GREAT JOB.

[ProvincialTwit]

Hmm let's see what are the nameservers for faunited.org

faunited.org.           8605    IN      NS      ns2.nameresolve.com.
faunited.org.           8605    IN      NS      ns3.nameresolve.com.
faunited.org.           8605    IN      NS      ns4.nameresolve.com.
faunited.org.           8605    IN      NS      ns1.nameresolve.com.

Oh that's interesting, they're not even doing their own DNS?  Well what about the whois record, how's that lookin?

Domain Name:FAUNITED.ORG
Created On:16-May-2006 01:28:20 UTC
Last Updated On:17-May-2011 10:54:05 UTC
Expiration Date:16-May-2012 01:28:20 UTC

Wait a second, updated 17-May?  Created 16-May?  Did these idiots actually let their domain expire accidentally?  Were they at least smart enough to use a proxy registrar service?

Registrant Name: Real Name Deleted
Registrant Organization:FA United LLC
Registrant Street1: Address lines pointing to a UPS Store
Registrant Street2: PO Box deleted
Registrant Street3:
Registrant City:Manasquan
Registrant State/Province:NJ
Registrant Postal Code:08736
Registrant Country:US
Registrant Phone: Phone number deleted
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:thewolf@furrywolf.com

Oh.

[ColeTrain]

The leading hypothesis on the blank page thing is that their PHP interpreter is crashing.

Speaking of white screens, is it just me or they are becoming more and more frequent as time passes by?
For a while now, the most white screens I got in one day was 3 or 4, but lately it will be a white screen after few mere clicks/refreshes. Impending disaster maybe?

Edit: two white screens now in a span of mere minutes. And after a talk with some friends of mine I'm not the only one experiencing this.

[Pi]

Nah, I managed to mine out of yak that it was actually their database shitting the bed. He's supposed to be putting in a proper error handler for that case, so it'll say "the database shit the bed" every three or four refreshes, instead of just spitting out an empty response.

With his track record, it'll break logins for an hour, he'll blame it on a typo, and it'll still serve up whitescreens occasionally because he didn't actually fix anything.

[Jim Demintia]

Nah, I managed to mine out of yak that it was actually their database shitting the bed. He's supposed to be putting in a proper error handler for that case, so it'll say "the database shit the bed" every three or four refreshes, instead of just spitting out an empty response.

With his track record, it'll break logins for an hour, he'll blame it on a typo, and it'll still serve up whitescreens occasionally because he didn't actually fix anything.

I'm kinda surprised it works as well as it does with the load they're putting on MySQL. No caching that I'm aware of and I'm sure the queries are appropriate to the education level of the people who wrote them.