A colleague recently asked me about a well-known domestic GIS company. Having no direct experience, I inquired in the MalaGIS discussion group. While initial conversations focused on company benefits and salaries, someone discovered an unexpected issue when visiting the company's official website: a certain link led to inappropriate content.

Note: Screenshots would normally be included but cannot be shown for compliance reasons.

As a technical writer, I believe such issues deserve deeper analysis beyond mere observation.

Problem Reproduction

As of publication, the issue remains reproducible:

  1. Open the company's homepage:
  2. Scroll to the page footer:
  3. Clicking the XX Instruments link redirects to an unexpected website without security plugins or domestic browsers installed.
    Warning: Do NOT open this link near colleagues.

Technical Hypotheses

Reviewing the problematic link, two scenarios seem plausible:

  1. HTTP Hijacking
    Lack of HTTPS encryption enables traffic interception. Despite arguments that "HTTP is industry-standard," proper web systems (especially WebGIS) should enforce HTTPS. When clients resist, share this incident as justification.
  2. Domain Abandonment & Squatting
    Companies sometimes register domains for new subsidiaries/business lines (e.g., potential spin-offs). If abandoned, these domains—especially aged ones with high SEO value—get snatched by squatters for malicious purposes.

Technical Investigation

Step 1: DNS Analysis

Pinging the domain reveals its resolution records:

Step 2: IP Geolocation

Using IP location techniques (GIS Technique: IP-Based Geolocation):

The Hong Kong hosting suggests probable domain squatting—domestic sites rarely host overseas due to speed/ICP constraints.

Step 3: Domain Registration History

Current registration details (GDPR-compliant masking limits data):

Registration via Gname (foreign registrar) indicates squatting. Historical records show multiple ownership changes:

  • 2015: Wuhan-based registration
  • 2023: Fujian registration
  • 2024: Anhui registration
  • 2025: Shanxi registration via Gname.com


Tools Used:

  1. IP Geolocation: https://www.ip138.com/
  2. Domain Registration: https://whois.chinaz.com/
  3. Historical Records: https://whois-history.whoisxmlapi.com/

Resolution Strategies

  • HTTPS Issues: Purchase and install SSL certificates immediately.
  • Domain Squatting: Regaining control is difficult once lost. For illegal content, report to authorities.

Conclusion

Domains represent corporate assets and digital identities. Despite newer platforms (Douyin, WeChat Official Accounts), domains remain fundamental internet infrastructure. This incident underscores three imperatives for GIS professionals:

  1. Enforce HTTPS across all web properties
  2. Monitor domain registration status regularly
  3. Retire unused domains properly
    Neglecting these risks exposing users and damaging reputations—after all, browser "Not Secure" warnings deter clients.