North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: paypal down!

  • From: Scott Morris
  • Date: Tue Nov 15 23:31:00 2005

It appears they're really down.  I just tried 'em, and the IP address that
comes back really does resolve to Ebay's holdings....

Or someone scammed a whole /19 to make the whole thing up, in which case I
have to hand it to 'em!  Compromising one host is dandy, but a whole
netblock is pretty damned festive!  (AS11643 is reporting it, which again
appears to be correct)

Perhaps it is what it is and they're having karma problems.



-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of
Kevin Day
Sent: Tuesday, November 15, 2005 10:58 PM
To: Hannigan, Martin
Cc: [email protected]
Subject: Re: paypal down!

On Nov 15, 2005, at 9:45 PM, Hannigan, Martin wrote:
>>>                              Internal Server Error
>>> The server encountered an internal error or misconfiguration and was 
>>> unable to complete your request.
>>> Please contact the server administrator,
>> [email protected] and inform
>>> them of the time the error occurred, and anything you might
>> have done
>>> that may have caused the error.
>>> More information about this error may be available in the
>> server error
>>> log.
>> Works for me.  Same BS splash advertising that always comes up.  Damn 
>> that is annoying.
> Yes, but it *is* up. Same here. Probably one of the rotation web  
> servers had
> an issue or something minor.

Or there's a chance that you've got a trojan/malware install on the  

I had someone contact me the other day with a nearly identical  
complaint, "Why have PayPal and eBay been down all day?" They were  
alternately getting a 404 or 503 for those sites, but everything else  
worked. Their hosts file had entries for ebay, google, a number of  
banks, common phishing targets. Even more fun was when I deleted the  
hosts file, after his next reboot it pulled an updated hosts file  
with new working IPs from somewhere.

I'm guessing the malware phishers don't have a five-nines array of  
redundant proxies yet. :)