FxTwitter: PSA: FxTwitter is not compromised, fxdeviantart is an unrelated service

I don’t want to pollute your issues with this, but I feel most people with a brain are going to come here for info.

Having a look, its just a generic parking domain. I’ve sent requests the match discords and I don’t see anything that indicates “they are trying to steal your accounts” it’s just a simple 302 redirect to a parking domain.

So Remember! ✅ FxTwitter.com is Safe ✅ FxFuraffinity.com appears to be Safe ❌ FxDeviantArt.com domain has just expired and at present doesn’t appear to be anything nefarious (but that doesn’t stop someone buying it and doing something dodgy)

It’s good to have some context here; as usual, people assume, “Everything is broken!!!111”

Good to see we actually have sensible information amidst all this panicked misinformation.

I’d like to mirror the sentiments above.

–

✅ FxTwitter.com is Safe (embeds properly + redirects to here + owner said so + doesn’t expire until 2026-07-07)

✅ FxFuraffinity.net is Safe (embeds properly + redirects to informational landing page as it should + doesn’t expire until 2024-07-26)

⛔ FxDeviantArt.com is Bad Mojo (doesn’t embed anymore + visiting link redirects to dangerous sites + listed as for sale/expired on 2024-02-15)

–

Right now, FxDeviantart is not a nuclear bomb. Posting it on Discord or Telegram won’t immediately compromise everyone’s account in the server/chat or fill their computer with viruses. Right now it’s broken and does nothing unless you click the link.

However… Everyone needs to stop using FxDeviantart right now. And clear out old links just to be safe.

Just because the current owner doesn’t care to do anything bad, it doesn’t mean the next owner won’t start injecting ads/propaganda/fake news/gore/bad-bad-things into every embed. Or start showing things like “To view the hidden link please scan this QR code” to try and hijack accounts.

So please stop using FxDeviantart until it has been established and publicly verified whether it’s been recovered by someone benevolent, or whether it’s been taken over by someone intending on doing very bad things. (Or if it’s going to be forever stuck in parking limbo behind a $10,000 paywall).

Stay safe everyone.

Please excuse, too. For those curious of FxDeviantArt’s current state when visited atm, these “Related searches” pages displayed for expired domains (or even 404 pages at times) is what seems to be a common website hoster behavior to have these visits monetized for the hoster (not the original owner). Visitors are then under mercy of their ad providers, so they could be served redirections to anything from benign to malvertising.

What happens when fxdeviantart is still used as of writing? Nothing; the site doesn’t provide anything to embed as the hoster doesn’t know what to do with the rest of the URL. When the fx-ified URL is clicked though, it will land you to this same “Related searches” page, instead of redirect you to the original DeviantArt domain (assumed default behavior). However, like what @Atreidae mentioned, it could be registered by anyone else atm that isn’t the fxdeviantart author, and publish something that would take advantage of these URL queries.

Just don’t visit, use nor click the fx’d deviantart links for the meantime, to avoid the potential landing to somewhere dangerous. (And again, FxTwitter/fixupx is unaffected, just to put it on footnote)

The domain “fxdeviantart.com” is safe again!

I was able to make a “third party payment” towards Namecheap which now reinstated the domain, this means it’s safe for another year ❤️ You can safely use it again to link to art there!

Thanks for the information about this, reassuring to know the developers keep eyes on such things.

I just made a payment towards Namecheap to get “fxdeviantart.com” renewed for another year via a third-party request. If the original buyer doesn’t decline the payment within 24 hours the domain should be up and running by that point again.

Hope this means that no scammer or other bad actor will get control of the domain meanwhile.

Dumb question here. Has anyone actually reached out to the owner of FxDeviantArt and checked to see what they want to do?

@Atreidae As best they can, yes, though it looks unlikely the owner will respond. You can follow this issue on the fxdeviantart repo for updates: https://github.com/daisyUniverse/fxdeviantart/issues/4

Further discussion should probably happen there so we’re not filling up fxtwitter’s issues.

fwiw, namecheap has a grace period with recently expired domains bought through them where, although it goes to their landing page, the owner of the domain can still renew it without worrying about it being taken for about a week or two.

See the comment I posted earlier https://github.com/FixTweet/FxTwitter/issues/677#issuecomment-1957856485 for more details and a link to Namecheap’s expiration policies.

I don’t want to pollute your issues with this, but I feel most people with a brain are going to come here for info.

Having a look, its just a generic parking domain. I’ve sent requests the match discords and I don’t see anything that indicates “they are trying to steal your accounts” it’s just a simple 302 redirect to a parking domain.

So Remember! ✅ FxTwitter.com is Safe ✅ FxFuraffinity.com appears to be Safe ❌ FxDeviantArt.com domain has just expired and at present doesn’t appear to be anything nefarious (but that doesn’t stop someone buying it and doing something dodgy)

Fxraffinity.net seems to be safe as well.