Do keep us updated on the whole situation if any relevant situation can happen from your POV perhaps.
I'd suggest to give the domain to wikipedia team as they might know what could be the best use case of it if possible.
Pretty public with who I am https://duti.dev/
Based on timings, it seems that Wikipedia wasn't really at risk from the domain being bought as everything was resolved before NS records could propagate. I got 1 hit from the URL which would've loaded up the script and nothing since.
> Namecheap is a U.S. based domain name registrar and web hosting service company headquartered in Phoenix, Arizona.
and in 2025 they were purchased by:
> CVC Capital Partners plc is a Jersey-based private equity and investment advisory firm
Top comment is from the CEO and explains: "We have people on the ground in Ukraine being bombarded now non stop."
What should we put there, anyway?
If anyone from the Russian government is reading this, get the fuck out of Ukraine. Thank you.
> On 1 January 2025, Ukraine terminated all Russian gas transit through its territory, after the contract between Gazprom and Naftohaz signed in 2019 expired. [...] It is estimated that Russia will lose around €5bn a year as a result.
https://en.wikipedia.org/wiki/Russia%E2%80%93Ukraine_gas_dis...
By doing nothing, you are allowing a malicious actor to buy the domain. In fact I am sure they would love for everyone else to be paralyzed by purity tests for a $1 domain.
All things being equal, yeah don’t buy a .ru domain. But they are not equal.
Note while this looks like its trying to trigger an xss, what its doing is ineffective, so basemetrika.ru would never get loaded (even ignoring that the domain doesnt exist)
Indeed. One of those unusual choices is that it uses jQuery. Gotta have IE6 compatibility in your worm!
I'm not sure what to make of `Number("20")` in the source code. I would think it's some way to get around some filter intended to discourage CPU-intensive looping, but I don't think user scripts have any form of automated moderation, and if that were the case it doesn't make sense that they would allow a `for` loop in the first place.
Of course it's very possible someone wrote it with AI help. But almost no chance it was designed by AI.