question Can domain parking affect future use of domain?

[robs01]

Can domain parking somehow affect future use of a domain?
Specifically in my case, I'd like to know if it could affect the domain's ability to resolve in future (through some kind of penalties for example).

Let me elaborate with my case. I bought a domain at a SAV expiry auction. It had been parked on and off for many years at bodis trying to get click revenue. Even back then when I checked it at random it did not resolve sometimes - my browser just said "Hmm, we're having trouble finding that site. We can't connect to the server at XXX.com." I don't think the parking was anything bad but the links may have only been vaguely related to the domain name and hence "poor" traffic may have resulted (just a guess... ???).

Now that I changed the nameservers to point it to another site and set up redirection (at least 2-3 days ago) it does not resolve. Or should I say, it's intermittent - one day it does resolve, the next day it does not. I have several domains pointed to that one site and they all work fine except for that one. All domains have SLL so I surmise it is not an SSL issue.

Could it be something to do with the domain's parking history? Or some other technical issue?
It's still at SAV, hosting is at Namecheap. Within the Namecheap Cpanel the DNS records all seem to be identical to others that do work.
Any ideas? This is a strange one.

TIA.

 

[wreckingball]

Nope.

Clear your dns cache or your have misconfigured your nameserver settings.

 

[robs01]

Clear your dns cache or your have misconfigured your nameserver settings.

Thanks for the suggestion.

I just cleared the cache on the MacOS I am using now and yet that one domain is still having the same problem. I will try clearing the cache later today on the PC, but tbh I have doubts that will fix it given this Mac test.

I (as carefully as possible) went through all the DNS settings - A records, CNAMEs, TXT, etc of the domain in question vs another redirected domain and they appeared identical apart from one or two which clearly are unique hexadecimal IDs. Note that all the nameserver settings (apart from the newly changed dns1/2.namecheaphosting.com) were inherited from the previous owner who let it expire, the domain was effectively pushed into my account. I will try going through everything again.

Thanks.

 

[wreckingball]

open terminal. type "dig ns yourdomain.com" does it give back what you expect?
then do "dig a yourdomain.com" same question. if not what expected, you have nameserver issues.

do both commands again adding @9.9.9.9 "dig @9.9.9.9 ns yourdomain.com" - different? cache issue.

 

[Future Sensors]

Could it be something to do with the domain's parking history? Or some other technical issue?

Check if there's an active DS record for the domain, that was set by the previous registrant.

You can see this in whois/rdap, as well (DNSSEC: signedDelegation)

 

[robs01]

Thanks guys. I'm going down the right path.

open terminal. type "dig ns yourdomain.com" does it give back what you expect?
then do "dig a yourdomain.com" same question. if not what expected, you have nameserver issues.

do both commands again adding @9.9.9.9 "dig @9.9.9.9 ns yourdomain.com" - different? cache issue.

Did this.
First part (without @9.9.9.9) seemed to work ok, status: NOERROR
With @9.9.9.9 gave an error, status: SERVFAIL

Check if there's an active DS record for the domain, that was set by the previous registrant.

Bingo! Yep. Leftover DS record is a/the difference. I'm guessing THAT might be it.
Trying to change that now at SAV, not so easy however in the legacy domain manager, new manager not working for me.

Thanks so much to both of you for this.
I'll mark the thread as "Answered" now but still report back on results since the info might help someone else in future.
Cheers.

 

[Future Sensors]

Bingo! Yep. Leftover DS record is a/the difference. I'm guessing THAT might be it.

Glad you found it. It was not a caching issue, but a DNSSEC issue.

You can remove the DS record, and it will start to work after a while.

For serious debugging, check dnsviz.net.

 

[robs01]

Eventually I got it. The DNSSEC wasn't under the Manage DNS section where I expected, but rather down the page a little on its own. Deleted the DS record and it updated in whois/rdap and started working within seconds.

 

[Future Sensors]

Yeah. They're basically digital landmines for domain investors. They buy up domains, but because of DNSSEC stuff left over from the old registrants, a bunch of their portfolio ends up looking like a ghost town. They've got these domains that just don't work, and since they're not all network engineers, they might not even realize half their portfolio is basically dead weight...

When a domain previously secured with DNSSEC is sold, the DS records in the parent zone may remain, pointing to outdated or non-existent DNSKEYs. This causes DNS resolvers to fail validation, rendering the domain inaccessible. Domain marketplaces and parking platforms often lack DNSSEC management.

 

[robs01]

Update: on the Mac computer it worked fine straight away; on the PC I tried just now it still does not resolve. I'll try to wait - perhaps full propagation of the DS change might take a little while and it's still happening randomly. ??

 

[Future Sensors]

Update: on the Mac computer it worked fine straight away; on the PC I tried just now it still does not resolve. I'll try to wait - perhaps full propagation of the DS change might take a little while and it's still happening randomly. ??

Apart from local caching, which can temporarily store previously resolved DNS records locally, devices on the same Internet connection can employ drastically different DNS resolution mechanisms. Some devices rely on the default DNS servers provided by the ISP, while others might be configured to use public DNS servers like those from Google or Cloudflare. Modern web browsers further complicate this by often implementing DNS over HTTPS (DoH), which encrypts DNS queries and routes them through a dedicated server, bypassing both the ISP's and the operating system's DNS settings. Consequently, devices on the same network can receive different DNS responses.

I'm pretty sure that with the removal of the DS record everything will be working everywhere soon. Please let me know if this problem persists over the next 24h.

 

[robs01]

Final update: after some 24 hours it appears to be fixed, all random attempts from all computers work fine.

(Now I have to figure out how to change to thread status to "question-answered". Not easy to find...)