 Time and Maxis started to hijack dns query

kwss
post Sep 7 2024, 07:58 AM

Regular
******
Senior Member
1,207 posts

Joined: Aug 2018
QUOTE(Sam Leong @ Sep 7 2024, 07:53 AM)
[spoiler collapsed]
Looks okay.
BladeRider88
post Sep 7 2024, 08:02 AM

On my way
****
Junior Member
554 posts

Joined: Nov 2006


QUOTE(kwss @ Sep 7 2024, 07:48 AM)
Care to post the output of the command:
CODE
nmap -sCV -Pn -p 53,443,853 dns.google

*
This is with my paid private DNS server

CODE
Starting Nmap 7.95 ( https://nmap.org ) at 2024-09-07 07:53 Malay Peninsula Standard Time
Nmap scan report for dns.google ()
Host is up (0.012s latency).

PORT    STATE SERVICE   VERSION
53/tcp  open  domain?
443/tcp open  https?
|_http-title: Google Public DNS
| ssl-cert: Subject: commonName=dns.google
| Subject Alternative Name: IP Address:, DNS:dns.google, DNS:dns.google.com, DNS:*.dns.google.com, DNS:8888.google, DNS:dns64.dns.google, IP Address:8.8.8.8, IP Address:8.8.4.4, IP Address:2001:4860:4860:0:0:0:0:8888, IP Address:2001:4860:4860:0:0:0:0:8844, IP Address:2001:4860:4860:0:0:0:0:6464, IP Address:2001:4860:4860:0:0:0:0:64
| Not valid before: 2024-03-08T23:38:17
|_Not valid after:  2025-03-07T23:38:17
853/tcp open  domain-s?
| ssl-cert: Subject: commonName=dns.google
| Subject Alternative Name: DNS:dns.google, DNS:dns.google.com, DNS:*.dns.google.com, DNS:8888.google, DNS:dns64.dns.google, IP Address:8.8.8.8, IP Address:8.8.4.4, IP Address:2001:4860:4860:0:0:0:0:8888, IP Address:2001:4860:4860:0:0:0:0:8844, IP Address:2001:4860:4860:0:0:0:0:6464, IP Address:2001:4860:4860:0:0:0:0:64
| Not valid before: 2024-08-12T07:19:55
|_Not valid after:  2024-11-04T07:19:54

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 27.45 seconds


This is with CF, Google DNS server

CODE
Starting Nmap 7.95 ( https://nmap.org ) at 2024-09-07 07:58 Malay Peninsula Standard Time
Nmap scan report for dns.google (8.8.4.4)
Host is up (0.0082s latency).
Other addresses for dns.google (not scanned): 2001:4860:4860::8888 2001:4860:4860::8844 8.8.8.8

PORT    STATE SERVICE    VERSION
53/tcp  open  tcpwrapped
443/tcp open  ssl/https  HTTP server (unknown)
| fingerprint-strings:
|   FourOhFourRequest:
|     HTTP/1.0 302 Found
|     X-Content-Type-Options: nosniff
|     Access-Control-Allow-Origin: *
|     Location: https://dns.google/nice%20ports%2C/Trinity.txt.bak
|     Date: Fri, 06 Sep 2024 23:58:50 GMT
|     Content-Type: text/html; charset=UTF-8
|     Server: HTTP server (unknown)
|     Content-Length: 247
|     X-XSS-Protection: 0
|     X-Frame-Options: SAMEORIGIN
|     <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
|     <TITLE>302 Moved</TITLE></HEAD><BODY>
|     <H1>302 Moved</H1>
|     document has moved
|     HREF="https://dns.google/nice%20ports%2C/Trinity.txt.bak">here</A>.
|     </BODY></HTML>
|   GetRequest:
|     HTTP/1.0 302 Found
|     X-Content-Type-Options: nosniff
|     Access-Control-Allow-Origin: *
|     Location: https://dns.google/
|     Date: Fri, 06 Sep 2024 23:58:49 GMT
|     Content-Type: text/html; charset=UTF-8
|     Server: HTTP server (unknown)
|     Content-Length: 216
|     X-XSS-Protection: 0
|     X-Frame-Options: SAMEORIGIN
|     <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
|     <TITLE>302 Moved</TITLE></HEAD><BODY>
|     <H1>302 Moved</H1>
|     document has moved
|     HREF="https://dns.google/">here</A>.
|     </BODY></HTML>
|   HTTPOptions:
|     HTTP/1.0 302 Found
|     X-Content-Type-Options: nosniff
|     Location: https://dns.google/
|     Date: Fri, 06 Sep 2024 23:58:50 GMT
|     Content-Type: text/html; charset=UTF-8
|     Server: HTTP server (unknown)
|     Content-Length: 216
|     X-XSS-Protection: 0
|     X-Frame-Options: SAMEORIGIN
|     <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
|     <TITLE>302 Moved</TITLE></HEAD><BODY>
|     <H1>302 Moved</H1>
|     document has moved
|     HREF="https://dns.google/">here</A>.
|_    </BODY></HTML>
| http-server-header:
|   HTTP server (unknown)
|_  scaffolding on HTTPServer2
| ssl-cert: Subject: commonName=dns.google
| Subject Alternative Name: IP Address:8.8.4.4, DNS:dns.google, DNS:dns.google.com, DNS:*.dns.google.com, DNS:8888.google, DNS:dns64.dns.google, IP Address:8.8.8.8, IP Address:2001:4860:4860:0:0:0:0:8888, IP Address:2001:4860:4860:0:0:0:0:8844, IP Address:2001:4860:4860:0:0:0:0:6464, IP Address:2001:4860:4860:0:0:0:0:64
| Not valid before: 2024-03-08T23:58:42
|_Not valid after:  2025-03-07T23:58:42
|_http-title: Google Public DNS
853/tcp open  ssl/domain (generic dns response: SERVFAIL)
| ssl-cert: Subject: commonName=dns.google
| Subject Alternative Name: DNS:dns.google, DNS:dns.google.com, DNS:*.dns.google.com, DNS:8888.google, DNS:dns64.dns.google, IP Address:8.8.8.8, IP Address:8.8.4.4, IP Address:2001:4860:4860:0:0:0:0:8888, IP Address:2001:4860:4860:0:0:0:0:8844, IP Address:2001:4860:4860:0:0:0:0:6464, IP Address:2001:4860:4860:0:0:0:0:64
| Not valid before: 2024-08-12T07:19:55
|_Not valid after:  2024-11-04T07:19:54
| fingerprint-strings:
|   DNSVersionBindReqTCP:
|     version
|_    bind
|_ssl-date: TLS randomness does not represent time
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 72.56 seconds


Jeez, now it is working normally again, but I managed to keep the screenshot from the moment when it was not working


user posted image
kwss
post Sep 7 2024, 08:07 AM

Regular
******
Senior Member
1,207 posts

Joined: Aug 2018
QUOTE(BladeRider88 @ Sep 7 2024, 08:02 AM)
This is with my paid private DNS server
[spoiler collapsed]

This is with CF, Google DNS server
[spoiler collapsed]

Jeez, now it is working normally again, but I managed to keep the screenshot from the moment when it was not working
user posted image
*
Actually all looks fine. The slight difference in output is expected depending on which server you hit.
The only thing nmap cannot tell is the certificate signature and issuer.
PRSXFENG
post Sep 7 2024, 08:10 AM

Look at all my stars!!
*******
Senior Member
2,608 posts

Joined: Nov 2020


QUOTE(kwss @ Sep 7 2024, 08:07 AM)
Actually all looks fine. The slight difference in output is expected depending on which server you hit.
The only thing nmap cannot tell is the certificate signature and issuer.
*
maybe try a

CODE
openssl s_client --connect dns.google:443


and see?
ChenKaiWen
post Sep 7 2024, 08:22 AM

Casual
***
Junior Member
364 posts

Joined: May 2019


QUOTE(Sam Leong @ Sep 7 2024, 07:56 AM)
Also, from my side TIME didn't even implement the plaintext DNS hijack, not sure why

user posted image
*
user posted image

Same here in Penang
Sam Leong
post Sep 7 2024, 10:21 AM

On my way
****
Junior Member
665 posts

Joined: Mar 2016


Digi seems to have messed up the DNS configuration, causing all the services to be dead
Server: UnKnown
Address: 192.168.251.221

Name: youtube.com
Address: 175.139.142.25

Server: UnKnown
Address: 192.168.251.221

Name: google.com
Address: 175.139.142.25
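
The nslookup output in the post above has two unrelated names resolving to one address. As an added example (not part of the original post), this Python parses that output and reports any answer address shared by unrelated sites; the function names and the two-label `site()` heuristic are illustrative assumptions.

```python
import re
from collections import defaultdict

# Sample input: the nslookup output quoted in the post above.
SAMPLE = """\
Server:  UnKnown
Address:  192.168.251.221

Name:    youtube.com
Address:  175.139.142.25

Server:  UnKnown
Address:  192.168.251.221

Name:    google.com
Address:  175.139.142.25
"""

FIELD = re.compile(r"^(Server|Name|Address(?:es)?):\s*(\S+)")

def parse_nslookup(text):
    """Return (resolver, name, answer) per lookup; first address per name only."""
    records, resolver, name, prev = [], None, None, None
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if not m:
            continue
        key, value = m.group(1), m.group(2).split("#")[0]  # drop a "#53" suffix
        if key == "Name":
            name = value.rstrip(".").lower()
        elif key != "Server" and prev == "Server":
            resolver = value                 # address of the answering resolver
        elif key != "Server" and prev == "Name":
            records.append((resolver, name, value))
        prev = key
    return records

def site(name):
    """Crude site key: last two labels (assumption: no public suffix list)."""
    return ".".join(name.split(".")[-2:])

def collapsed_answers(records):
    """Answer addresses that were returned for more than one unrelated site."""
    sites = defaultdict(set)
    for _resolver, name, answer in records:
        sites[answer].add(site(name))
    return {ip: sorted(s) for ip, s in sites.items() if len(s) > 1}

if __name__ == "__main__":
    recs = parse_nslookup(SAMPLE)
    print(collapsed_answers(recs))   # shared answer address and the sites on it
```

Shared hosting and CDNs can legitimately put several sites on one address, so a hit here is a prompt to compare against an answer from a trusted path, not proof of redirection on its own.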


Anime4000
post Sep 7 2024, 11:18 AM

Look at all my stars!!
*******
Senior Member
2,399 posts

Joined: Jul 2009
From: /dev/null


Just in case, I could transport my whole Home LAN to Friend BGP, making it like I am staying in an SG Data Centre

user posted image

speed I get via 2Gbps is using Wireguard on RB5009, CPU under 70% usage
HayateAyakasi8
post Sep 7 2024, 11:25 AM

On my way
****
Junior Member
647 posts

Joined: Jun 2014


QUOTE(Anime4000 @ Sep 7 2024, 11:18 AM)
Just in case, I could transport my whole Home LAN to Friend BGP, making it like I am staying in an SG Data Centre

user posted image

speed I get via 2Gbps is using Wireguard on RB5009, CPU under 70% usage
*
Big speed penalty or getting near full speed and low ping?
killer_pussylover
post Sep 7 2024, 12:41 PM

Getting Started
**
Junior Member
205 posts

Joined: Oct 2007
Seems UNIFI has unblocked the DNS. My end is OK, how about others?

TSaxxer
post Sep 7 2024, 12:51 PM

Banned
******
Validating
1,822 posts

Joined: Jul 2010
From: Yesterday, 01:25 AM
QUOTE(Sam Leong @ Sep 7 2024, 10:21 AM)
Digi seems to have messed up the DNS configuration, causing all the services to be dead
Server:  UnKnown
Address:  192.168.251.221

Name:    youtube.com
Address:  175.139.142.25

Server:  UnKnown
Address:  192.168.251.221

Name:    google.com
Address:  175.139.142.25
*
Yep, they just posted on FB that it's fixed now, but their network has been down since early morning. Either totally down or intermittently slow. I guess they're still A/B testing this hijack shit and only deploying on some DCs, since it's not a countrywide problem. Many Grab and foodpanda riders are furious and venting there lol

I bet the problem is really this DNS hijack shenanigan, and their fix is to disable it. Come on, other telcos, deploy countrywide, to both residential and business users, don't be scared and just A/B test, be down too today and tomorrow and see the outcome of this shenanigan.
OKLY
post Sep 7 2024, 01:26 PM

The Penguin Vader
Group Icon
Staff
12,089 posts

Joined: Dec 2004
From: Malaysia


With all the trial and error by the ISPs making our connections have intermittent disconnections/issues, can we lodge a complaint?
MyProLife
post Sep 7 2024, 01:56 PM

I bully wumao & MPKL
*******
Senior Member
2,074 posts

Joined: Sep 2021
From: nowhere

QUOTE(OKLY @ Sep 7 2024, 01:26 PM)
With all the trial and error by the ISPs making our connections have intermittent disconnections/issues, can we lodge a complaint?
*
Yesterday I complained, but the live chat queue was quite long

On the first attempt, the TM chat agent kept checking after I gave the issue details and account number. But I got disconnected and could not reply. I needed to open another live chat. The second time I was just more direct and said websites load too slowly or cannot open because of the secure DNS thing.

The live chat agent apologized and proceeded to create a support ticket. Lol

user posted image
squall0833
post Sep 7 2024, 02:02 PM

Regular
******
Senior Member
1,473 posts

Joined: Oct 2006
From: Jupiter


QUOTE(sadlyfalways @ Sep 6 2024, 11:37 PM)
I’m on maxis and still able to doh and even normal google dns works on public ip
*
Because they lifted it at midnight, 1am+

Right now it isn't blocking

They are doing more damage to the internet

Stupid decision to block DNS; now I highly doubt the skill level of the staff doing the job
PRSXFENG
post Sep 7 2024, 03:01 PM

Look at all my stars!!
*******
Senior Member
2,608 posts

Joined: Nov 2020


Hmm

https://www.reddit.com/r/malaysia/comments/..._there_will_be/
PRSXFENG
post Sep 7 2024, 03:24 PM

Look at all my stars!!
*******
Senior Member
2,608 posts

Joined: Nov 2020


Looks like Celcom (Tunetalk) is blanket hijacking port 53

any DNS server, including niche ones, is being hijacked and responds with the TM Blackhole IP

for U Mobile it seems like just some of the major ones are hijacked
jasontanky
post Sep 7 2024, 03:28 PM

Casual
***
Junior Member
446 posts

Joined: Nov 2015


DNS Hijacking (Redirection) implementation

DNS over Plaintext completely banned, DoT and DoH not affected
Celcom: Block port 53 completely except its own DNS servers
Digi: Redirect all traffic for port 53 to its own DNS servers

DNS over Plaintext partially banned, DoT and DoH not affected
Maxis: Redirect port 53 of well-known DNS IPs to its DNS servers. Less well-known ones still work fine

DNS of all types partially banned
Unifi: DNS of mainstream providers (CF, Google, OpenDNS, Adguard, etc.) got banned, including DoT and DoH. Less well-known ones can still be used, even in plaintext mode

Please correct me if anything is wrong
TSaxxer
post Sep 7 2024, 04:01 PM

Banned
******
Validating
1,822 posts

Joined: Jul 2010
From: Yesterday, 01:25 AM
QUOTE(jasontanky @ Sep 7 2024, 03:28 PM)
DNS Hijacking (Redirection) implementation

DNS over Plaintext completely banned, DoT and DoH not affected
Celcom: Block port 53 completely except its own DNS servers
Digi: Redirect all traffic for port 53 to its own DNS servers

DNS over Plaintext partially banned, DoT and DoH not affected
Maxis: Redirect port 53 of well-known DNS IPs to its DNS servers. Less well-known ones still work fine

DNS of all types partially banned
Unifi: DNS of mainstream providers (CF, Google, OpenDNS, Adguard, etc.) got banned, including DoT and DoH. Less well-known ones can still be used, even in plaintext mode

Please correct me if anything is wrong
*
My Unifi still works with DoH and DoT, even on popular DNS providers. Currently one of my laptops is connected to CF DoT to see when it will lose connection. It still hasn't happened yet. I'm on the east coast, so the nearest DC should be either Kuantan or Kota Bharu. My guess is they're still A/B testing this shit; it might be enabled first on busy ones like JB and KL, hence why we heard multiple discrepant reports on what works and what doesn't. Weird though if they start testing on busy DCs, not on less congested ones like here on the east coast. Might as well enable it countrywide and see all hell break loose.
PRSXFENG
post Sep 8 2024, 12:20 PM

Look at all my stars!!
*******
Senior Member
2,608 posts

Joined: Nov 2020


Ok need to post here also

UTurn UTurn UTurn!

https://x.com/fahmi_fadzil/status/1832628152570679401

QUOTE
The issue of online crime, including access to gambling, prostitution, pornography and similar websites, is deeply worrying and requires a comprehensive solution.

The government will not compromise on this matter, in order to guarantee online safety for Malaysians, especially children and families.

However, taking into account the views conveyed through @MCMC_RASMI's series of engagement sessions, as well as from the general public, I have asked MCMC not to proceed with implementing the Domain Name System (DNS) management redirection method.

At the same time, MCMC will continue its series of engagement sessions with all stakeholders to obtain views, suggestions and recommendations to ensure that the objective of a safer internet can be achieved together.
TSaxxer
post Sep 8 2024, 12:33 PM

Banned
******
Validating
1,822 posts

Joined: Jul 2010
From: Yesterday, 01:25 AM
That's one for the win! So no more testing period till the end of the month and force enable on the 30th?

Yesterday's intermittent downtime and sluggishness on some telco networks did kick some sense into them. It's like even the whole collective of Malaysian telcos doesn't have enough competent network admins to predict the outcome of the whole shenanigan, just yolo follow fahmi/mcmc directive. Baffled.
Haru97
post Sep 8 2024, 12:36 PM

New Member
*
Junior Member
45 posts

Joined: Jun 2019
QUOTE(PRSXFENG @ Sep 8 2024, 12:20 PM)
Ok need to post here also

UTurn UTurn UTurn!

https://x.com/fahmi_fadzil/status/1832628152570679401
*
Confirmed on the X post. Can anybody confirm TIME and Maxis and other ISPs deploying their DNS route rollback? I can confirm UNIFI is correctly connecting to public DNS services.

