Tag Archives: voteforthemilf

Blowing the lid of voteforthemilf.com

Here’s where things get a great deal more interesting on this whole “Prank”

Usually, when you are going to perform a redirect as a prank, you use an A record to redirect the request, so domainnamenamevariant.com is redirected to someotherdomain.com via an A record. In this case the redirect is a highly disrecommended CNAME or Canonical Nam pointing to an IP address the record reads like this VOTEFORTHEMILF.COM IN CNAME 64.203.107.149.

This IP, whether you go to it via http:\\64.203.107.149 or voteforthemif.com (which now seems to redirect to google in some cases) goes to a special Palin greeting.

All of this is kind of known, but I’m providing a summation that makes the “It was a prank” angle seem like a stupid bit of misdirection.  How could the prankster have known that 64.203.107.149 led to a special palin message?  64.203.107.149 has no PTR record and is the A record of JOHNMCAIN.COM but NOT www.johnmcain.com.
The A Record for www.johnmcain.com points to an aliased address from his DNS hosting provider:

Name:    edgecastcdn.net
Address:  72.21.81.132
Aliases:  www.johnmccain.com

Johnmain.com does not

Non-authoritative answer:
Name:    johnmccain.com
Address:  64.203.107.149

Visiting the IP of www.johnmcain.com in your browser http://72.21.81.132/ connects you to nothing.

Visiting the IP of johnmcain.com in your browser http://64.203.107.149/ connects you to a website.

Why would the webmaster of John Mcain’s website link a site to one IP and not the other?  That’s more than odd.  Here’s why, it’s the same amount of work to set it up, you can copy and paste one configuration to another and make it active so that WEB recquests for IP one and IP two will go to the same place, but in this case reqeusts initially bound for 64.203.107.149 end up going to a special palin greeting. How could the prankster have pre-knowledge that the greeting would be there?  I mean, if voteforthemilf.com was a simple redirect to the IP, and the IP (in the case of the more popular www.johnmcain.com) does not connect to a configured website why would they imagine it would magically connect to a Palin related website?

This story is not over, not complete and the “prankster” isn’t giving up their secrets at all.

In the end, this is just a distraction, but it’s a fun tech mystery too, and what’s more fun on a Friday night than a fun tech mystery, right?