Foo.bar works, and shouldn't

[konklone]

foo.bar somehow checks the website itself and returns SHA-2 even though there's not a website there.

Running nslookup foo.bar returns 8.8.4.4 on my Digital Ocean box:

$ nslookup foo.bar
Server:     8.8.4.4
Address:    8.8.4.4#53

Non-authoritative answer:
Name:   foo.bar
Address: 127.0.53.53

And returns 127.0.0.1 on my laptop (as does any garbage address):

$ nslookup foo.bar

Server:     127.0.1.1
Address:    127.0.1.1#53

Non-authoritative answer:
Name:   foo.bar
Address: 127.0.53.53

[konklone]

Similarly, jacob.hoffman-andrews.co falsely registers as SHA-1, because on Digital Ocean it looks up server.co.com for some reason. Baffling.

[jonnybarnes]

Have you tried temporarily using a different DNS service?

[konklone]

Got any suggestions? I don't have much experience with 3rd party DNS, or even how to update a server to use a different one.

[jonnybarnes]

What OS is your Digital Ocean box running? On a normal Linux setup there's a file /etc/resolv.conf _note the lack of an _e**, which contains entries of the form nameserver 8.8.8.8. Just change the IP address to something else. There's a couple of suggestions on the DuckDuckGo answer.

[jonnybarnes]

p.s. your also running into the issue with foo.bar that .bar is a legitimate top-level domain. I'm not joking.

[jonnybarnes]

To further clarify, the foo.bar domain is being correctly resolved to the IP address 127.0.53.53. This being a 127.0. address will always be equivalent to localhost, so your machine will make a request to itself.

[jonnybarnes]

And just like that @mathiasbynens posts a relevant tweet: https://www.icann.org/resources/pages/name-collision-2013-12-06-en#127.0.53.53

And here's a very relevant StackOverflow answer.

So basically its resolving as 127.0.53.53 to tell people to stop using .bar domains because there soon going to be publicly legitimate domains, and 127.0.53.53 points to your own machine.