PimpMyClicks.com?

just wondering what this is. PeerBlock blocked a connection to this site and it said one IP was 239.255.255.250 on UDP port 1900 and the other was 127.0.0.1, which i thought was my own computer but i look up "pimpmyclicks.com" here:

http://www.webtoolhub.com/tn561350-reverse-ip-domain-lookup.aspx

and it says the IP for that domain is 127.0.0.1


anyway i've been trying to get a DNS caching program to work correctly and the address it says to use for it is 127.0.0.1 so i thought that might be it but that domain sounds kind of suspicious.

any ideas?

 

Probably IANA killed it assigning to the domain a non-routable address
Or the domain just expired and was not re-newed. From a quick search it seems that this was originally an adult site

 

Domain Name: PIMPMYCLICKS.COM
Registrar: CRONON AG
Whois Server: whois.cronon.net
Referral URL: http://www.cronon.net
Name Server: WNS1.NS-SERVE.NET
Name Server: WNS2.NS-SERVE.NET
Status: ok
Updated Date: 01-oct-2012
Creation Date: 30-sep-2005
Expiration Date: 30-sep-2013

-------------------------------------------------------
pimpmyclicks.com@wns1.ns-serve.net.:

pimpmyclicks.com. 600 IN A 127.0.0.1

pimpmyclicks.com@wns2.ns-serve.net.:

pimpmyclicks.com. 600 IN A 127.0.0.1

 

ok, but what's happening on my computer then? seems like this 239.255.255.250 address is used by uPnP and not really a valid IP address. i think i've since disabled uPnP with a GRC freeware program. i'm just wondering if i have a piece of malware that's trying to redirect some of my traffic and get paid for it. or maybe the free DNS caching program i'm trying to figure out is doing this.

does this mean the same thing - IANA killed the site?

 

Not sure how you link that web site with the IPs you mention. Both of them are non routable addresses. 239.255.255.250 is used for multicasting by uPnP. If PeerBlock is correct and the call was really to that site than better you investigate which software or component is calling out. To do so you will probably need to turn ON uPnP and check... not an expert on network connection so I cannot help with more specific suggestions.

 

It means that the people who have control over the DNS records for PIMPMYCLICKS.COM have configured things so that someone asking for the IP Address of PIMPMYCLICKS.COM will be given an answer of: 127.0.0.1. That IP Address... 127.0.0.1... is a loopback address on the *local* computer. IOW, if you ping or try to connect to PIMPMYCLICKS.COM you will end up pinging or trying to connect to 127.0.0.1 aka your own computer.

 

how can they do that? i thought the DNS stuff was supposed to be above board and public record

 

Most probably they did not pay the bill
You should not worry about how they got 127.0.0.0 but rather checking your system for malware and/or spyware. Go to specialise volunteers malware analyst and post your logs. eg. at bleepingcomputer.com

Don't be tempted into the "doing it myself". You will never know if you are really clean or not.