problem sucked from the finger.
WELL AND WHAT that it is so made?
ping habrahabr.mealstrom.org.ua… so what?
you can think that this is a competent ddos ​​stub, or someone
didn’t change the default configs correctly.

Didn't understand anything, what is it? I saw many times when, during ddos ​​attacks, resource owners changed the entry to 127.0.0.1

There are many such names, for example eblan.us
It seems to me that this is just a way to park a domain. It is convenient if the site is still under development - each developer can access their local version of the site using the real domain name, there are fewer trivial errors during transfer, etc.

You don't even have to go far. Try ping on habralab.ru:)

> nslookup dp.000.in

This address is not available to me. The 000.in zone also seems to be gone.
I see two options:
1. This procedure is somehow done by a JS script
2. An entry has been added to hosts.

What prevents to register any address on any domain, including 127.0.0.1?

It's not JS.
Someone (http://www.ipaddress.com/domain_whois/000.in) came up with the idea to register the address 127.0.0.1 in the DNS :) Well done! I checked from computers installed in different parts of the world. Now dp.000.in=127.0.0.1 in all root DNS servers, as well as Google.
nslookup dp.000.in dns1.name-services.com
nslookup dp.000.in 8.8.8.8

So yes
PING dp.000.in (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.027 ms
I don't see any attack, except that after these events everyone rushes to use dp.000.in instead of localhost.
Just a funny joke =)

Yes, nothing special, I created a lo entry in the search-domain a long time ago, so as not to write a lot.