OFFTHE RAILS Posted January 6, 2022 Share Posted January 6, 2022 This evening I tried to access the Peco website "peco-uk.com" but the following message was displayed: Domain has been suspended. In order to have a current information (sic) in the WHOIS, ICAMM - Internet Corporation for Assigned Names And Numbers - has required all accredited providers for domain registrations Whatever that means - it seems to be an EU initiated internet security requirement. But the poor grammar hints it might be a hack of some sort. Anyone any ideas ???? Ian 1 Link to post Share on other sites More sharing options...
RMweb Gold AndrueC Posted January 6, 2022 RMweb Gold Share Posted January 6, 2022 (edited) It's throwing ERR_CERT_COMMON_NAME_INVALID with Chrome which means that the certificate being returned by the site does not claim to be from peco-uk.com. Could be several reasons but at the least implies a technical issue. It could mean the site server is down (it's always been slow and creaky) and we're being redirected to a temporary one that doesn't have the correct certificate. Edited January 6, 2022 by AndrueC 1 Link to post Share on other sites More sharing options...
RMweb Gold longchap Posted January 6, 2022 RMweb Gold Share Posted January 6, 2022 (edited) Yep, seems to be a hacker at work, as this different, but to the point message was displayed: Warning: Potential Security Risk Ahead Firefox detected a potential security threat and did not continue to peco-uk.com. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details. Best steer clear for a while and hopefully, better than normal service will be resumed shortly. Bill Edited January 6, 2022 by longchap More speed, less haste Link to post Share on other sites More sharing options...
RMweb Gold AndrueC Posted January 6, 2022 RMweb Gold Share Posted January 6, 2022 (edited) 1 minute ago, longchap said: Yep, seems to be a hacker at work, as this different, but to the point message was displayed: Warning: Potential Security Risk Ahead Firefox detected a potential security threat and did not continue to peco-uk.com. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details. Best steer clear for a while and hopefully, better than normal service will be resumed shortly. Bill That's a boilerplate warning. Doesn't mean that the site has been hacked merely that it's claiming to be someone other than what it should. You can sometimes override the warning anyway but in this case Peco have configured things so that you can't even do that (which is good). Hopefully it's just a server glitch. Maybe they are finally upgrading the server to run on something other than a Z80 Edited January 6, 2022 by AndrueC 1 1 1 Link to post Share on other sites More sharing options...
OFFTHE RAILS Posted January 6, 2022 Author Share Posted January 6, 2022 Thanks for your replies - I'm glad that it's not just me getting the message when trying to access the Peco site. I've also found out what a boilerplate warning is! Ian Link to post Share on other sites More sharing options...
RMweb Premium spamcan61 Posted January 6, 2022 RMweb Premium Share Posted January 6, 2022 Everything fine for me now. 1 1 Link to post Share on other sites More sharing options...
RMweb Gold AndrueC Posted January 6, 2022 RMweb Gold Share Posted January 6, 2022 (edited) Not for me. The certificate is still incorrect: The certificate I'm getting back is issued to the wrong domain '*.controlpanel.pro' which sounds like it's hitting a server that is no longer serving the actual site. Or maybe it's a failover site that allows an admin to login from a different domain. What IP address are you getting if you ping it? I get: C:\Users\Andrue>ping peco-uk.com Pinging peco-uk.com [81.88.63.46] with 32 bytes of data But my latest theory is that they have a load balancer in place and one or more of the actual servers has failed and the balancer hasn't noticed. That would explain why it works for some people as it would depend which server the balancer chose to send you to. Thing is theories are like a-holes. Everyone has them Edited January 6, 2022 by AndrueC 1 Link to post Share on other sites More sharing options...
RMweb Premium spamcan61 Posted January 6, 2022 RMweb Premium Share Posted January 6, 2022 Pinging peco-uk.com [23.227.38.65] with 32 bytes of data: Reply from 23.227.38.65: bytes=32 time=15ms TTL=57 Reply from 23.227.38.65: bytes=32 time=14ms TTL=57 Reply from 23.227.38.65: bytes=32 time=61ms TTL=57 Reply from 23.227.38.65: bytes=32 time=11ms TTL=5 Link to post Share on other sites More sharing options...
RMweb Premium spamcan61 Posted January 6, 2022 RMweb Premium Share Posted January 6, 2022 14 minutes ago, AndrueC said: Thing is theories are like a-holes. Everyone has them Yeah I say that at work a lot lol. 2 Link to post Share on other sites More sharing options...
Steamport Southport Posted January 6, 2022 Share Posted January 6, 2022 It was fine earlier as I was looking at buffer stops as they are being mentioned in another thread. Jason Link to post Share on other sites More sharing options...
RMweb Premium spamcan61 Posted January 6, 2022 RMweb Premium Share Posted January 6, 2022 Strange we're seeing such radically different IP addresses. 1 Link to post Share on other sites More sharing options...
Dungrange Posted January 6, 2022 Share Posted January 6, 2022 If I just type the IP address 81.88.63.46 into the address bar in Chrome, I get the message Domain has been suspended Verify the email In order to have a correct information in the WHOIS, ICANN - Internet Corporation for Assigned Names and Numbers - has required all accredited providers for domains registrations, to ask for confirmation of the email address for new registrations or changes of the datas of the domain owner. The domain has been suspended because it's been 15 days from the date of registration or datas changes of the owner without having been verified the email address. Have they perhaps changed the hosting platform? If I ping peco-uk.com, I get the same response as @spamcan61, albeit with slightly different response times and TTL values. Like @spamcan61 I seem to have no problem viewing the site, although I did at one point get a message similar to the one that @longchap posted, which went away when I refreshed the screen. 1 Link to post Share on other sites More sharing options...
RMweb Premium Chris116 Posted January 6, 2022 RMweb Premium Share Posted January 6, 2022 I just went to peco-uk.com and went straight into the usual website. Link to post Share on other sites More sharing options...
Steamport Southport Posted January 6, 2022 Share Posted January 6, 2022 I'm getting Your connection isn't private Attackers might be trying to steal your information from peco-uk.com (for example, passwords, messages or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID However it was working okay earlier, about 3 or 4 PM. Link to post Share on other sites More sharing options...
RMweb Gold AndrueC Posted January 7, 2022 RMweb Gold Share Posted January 7, 2022 (edited) Same thing this morning for me. Maybe there's a server upgrade in progress and some people are getting a more up to date (or older?) IP address from the DNS? I'm seeing the same failure this morning. Edited January 7, 2022 by AndrueC Link to post Share on other sites More sharing options...
RMweb Premium spamcan61 Posted January 7, 2022 RMweb Premium Share Posted January 7, 2022 (edited) 4 minutes ago, AndrueC said: Same thing this morning for me. Maybe there's a server upgrade in progress and some people are picking up a more up to date (or older?) IP address. I'm seeing the same failure this morning. Have you tried accessing directly via 23.227.38.65 rather than peco-uk.com? Maybe it's DNS related. EDIT: trying peco-uk.com from work rather than home I get the security warning others are getting. Edited January 7, 2022 by spamcan61 1 Link to post Share on other sites More sharing options...
RMweb Gold AndrueC Posted January 7, 2022 RMweb Gold Share Posted January 7, 2022 (edited) 3 minutes ago, spamcan61 said: Have you tried accessing directly via 23.227.38.65 rather than peco-uk.com? Maybe it's DNS related. Just did and it looks like the certificate 'pot lunch' is still ongoing Edited January 7, 2022 by AndrueC Link to post Share on other sites More sharing options...
Nearholmer Posted January 7, 2022 Share Posted January 7, 2022 Maybe, like a Phoenix, it will arise from the ashes …….. as a user-friendly website, rather than a baffling ordeal. 3 3 Link to post Share on other sites More sharing options...
RMweb Premium spamcan61 Posted January 7, 2022 RMweb Premium Share Posted January 7, 2022 Just tried the IP address directly from my phone and I get Error 1003 direct IP access not allowed, so there goes that idea. Link to post Share on other sites More sharing options...
RMweb Gold AndrueC Posted January 7, 2022 RMweb Gold Share Posted January 7, 2022 (edited) 3 minutes ago, spamcan61 said: Just tried the IP address directly from my phone and I get Error 1003 direct IP access not allowed, so there goes that idea. I think that's because you used http:// instead of https:// It's crap like this that is the main reason I want to retire. After 30+ years developing software I can avoid the web no longer and it's an ongoing pain in the buttocks. Thankfully I don't get asked to actually write web pages (I play the 'old stuck in the mud desktop developer' card ). Edited January 7, 2022 by AndrueC 1 2 Link to post Share on other sites More sharing options...
rob D2 Posted January 7, 2022 Share Posted January 7, 2022 (edited) Why don’t you just ring peco and tell they have an issue ? Edited January 7, 2022 by rob D2 3 Link to post Share on other sites More sharing options...
Pete the Elaner Posted January 7, 2022 Share Posted January 7, 2022 19 minutes ago, spamcan61 said: Have you tried accessing directly via 23.227.38.65 rather than peco-uk.com? Maybe it's DNS related. EDIT: trying peco-uk.com from work rather than home I get the security warning others are getting. 23.227.38.65 does not seem to be peco-uk.com. When I mtr to it (mtr is a linux traceroute tool), it resolves this as myshopify.com. PInging myshopify.com resolves 23.227.38.32. It is quite normal to have a host with 2 or more IP addresses. mtr to peco-uk.com ends up at host-81-88-63-46.dedicatedserver, whatever that is. I wonder if Peco are migrating their server & are just waiting for DNS to be updated? 1 Link to post Share on other sites More sharing options...
RMweb Premium melmerby Posted January 7, 2022 RMweb Premium Share Posted January 7, 2022 (edited) I just get an invalid certificate warning. Edited April 7, 2022 by melmerby Link to post Share on other sites More sharing options...
Chris M Posted January 7, 2022 Share Posted January 7, 2022 They probably just need to renew their certificate. Its one of those things that happens from time to time, no big deal. They had some IT issues last year so forgetting to renew their certificate may have arisen from the difficulties of last year. 1 Link to post Share on other sites More sharing options...
jcm@gwr Posted January 7, 2022 Share Posted January 7, 2022 24 minutes ago, Nearholmer said: Maybe, like a Phoenix, it will arise from the ashes …….. as a user-friendly website, rather than a baffling ordeal. In a feedback to them, before Covid, but after their last website upgrade, I told them that I thought that it looked, and worked, like an abandoned primary school project, totally un-intuitive. They rang me, but couldn't see how frustrating it was to put in '7mm wagon kits', but get pictures of N gauge wagons, 0-16,5 track, etc, instead! So don't hold your breath, waiting for a better website! 1 Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now