on 12-07-2017 00:55
on 09-08-2020 11:09
Just had the same problem myself, fixed it by just changing the DNS servers... If you change them to googles 8.8.8.8 or 1.1.1.1 then refresh the page you're trying to load it fixes the problem. Hope this helps!
on 09-08-2020 13:46
Can you change the dns settings at a router level? I seem to recall this was not possible.
Also as a Web developer this does not solve the problem for all your users who may also be on Virgin.
on 09-08-2020 18:10
@Iantothew wrote:Can you change the dns settings at a router level? I seem to recall this was not possible.
Also as a Web developer this does not solve the problem for all your users who may also be on Virgin.
In the SH2/SH2ac/Hub3/Hub4 The answer is no. (Unless it's changed, Highly doubtful).
A fixed server should rarely have a IP change so it shouldn't be a big issue, have you seen it happen again recently - and where it doesn't respect the TTL settings? Keep your TTL values low if there's going to be a regular~ change.
on 23-02-2021 00:47
Same kind of issue! But it's been 25 days and my client is not happy with the situation. How can I get some support from Virgin Media? Since I'm not a client can I have some kind of support?
When I dig the DNS it gave me wrong IP, but when a DIG with trace the right IP is shown. How VM work?
______
$ dig beautybosshq.com @194.168.4.100 +short
81.99.162.48
$ dig beautybosshq.com @194.168.4.100 +short +trace
NS i.root-servers.net. from server 194.168.4.100 in 19 ms.
NS j.root-servers.net. from server 194.168.4.100 in 19 ms.
NS k.root-servers.net. from server 194.168.4.100 in 19 ms.
NS l.root-servers.net. from server 194.168.4.100 in 19 ms.
NS m.root-servers.net. from server 194.168.4.100 in 19 ms.
NS b.root-servers.net. from server 194.168.4.100 in 19 ms.
NS c.root-servers.net. from server 194.168.4.100 in 19 ms.
NS d.root-servers.net. from server 194.168.4.100 in 19 ms.
NS e.root-servers.net. from server 194.168.4.100 in 19 ms.
NS f.root-servers.net. from server 194.168.4.100 in 19 ms.
NS g.root-servers.net. from server 194.168.4.100 in 19 ms.
NS h.root-servers.net. from server 194.168.4.100 in 19 ms.
NS a.root-servers.net. from server 194.168.4.100 in 19 ms.
A 192.124.249.7 from server 173.201.76.29 in 35 ms.
on 23-02-2021 01:00
on 23-02-2021 05:30
That's not ANES kicking in, it's Virus Safe
@filipecsilva - The site looks as if it may have been compromised. I suggest that the first thing the owner does is secure the site by changing then check through it very carefully.
It's showing up under VirusTotal as suspicious. Both VM and BT are marking it dangerous.
Tim
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
on 23-02-2021 18:24
on 23-02-2021 19:25
@filipecsilva wrote:
@ravenstar68
I'm the site administrator. The site has been cleaned and is behind a firewall now, which is the why the IP has changed. Only CyRadar is accusing a false positive and I can't contact them until now. How VM check the site?
If you check the site on VirusTotal using the https is totally safe. But even then I cannot reach the site when on VM network.
And why is this related with the IP/DNS not updating?
Because when a DNS lookup is deemed suspect - the connection is redirected to a special proxy and the onward connection is made from there this allows VM (or BT for that manner) to look for suspicious traffic.
HOWEVER
The proxies only really work properly with HTTP connections. This has been a pain for people using HTTPS IMAP, POP3 and SMTP in the past.
As stated it's not just VM that are intercepting your lookup.
Here's what get on a BT connection::
C:\Users\timdu>dig beautybosshq.com
; <<>> DiG 9.16.11 <<>> beautybosshq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41664
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;beautybosshq.com. IN A
;; ANSWER SECTION:
beautybosshq.com. 30 IN A 81.130.111.239
;; Query time: 24 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Tue Feb 23 19:16:13 GMT Standard Time 2021
;; MSG SIZE rcvd: 61
It's not broken - it's working as designed.. You need to clean your site reputation.
Tim
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
on 24-02-2021 20:13
@ravenstar68 wrote:Because when a DNS lookup is deemed suspect - the connection is redirected to a special proxy and the onward connection is made from there this allows VM (or BT for that manner) to look for suspicious traffic.
HOWEVER
The proxies only really work properly with HTTP connections. This has been a pain for people using HTTPS IMAP, POP3 and SMTP in the past.
As stated it's not just VM that are intercepting your lookup.
It's not broken - it's working as designed.. You need to clean your site reputation.
Tim
Is this a UK ISP thing?
I have clean the, now, false positive from all the services on VirusTotal, except for CyRadar, which tool seems to not be working and are not responding any email.
How am I supposed to clean the reputation if the service is unreachable? I'm really open to any kind of idea you give me, but the site is clean. It's been reverified and removed from all the blacklists in the past weeks. How much long more the site will be "hostage" of this?
There is nothing else I could do? Create a new domain just to deal with VM and BT? There is no way to request VM and BT to review this?
On another topic, is this a good design? Since it seems to be a struggle for a few developers and even with this kind of protections, it doesn't really protect people from fishing/scam/malware/etc.
on 24-02-2021 20:29
Can you escalate this to security to see if they can assist here?
@filipecsilva With regards to BT you'd need to reach out to them possibly via their Forums..
Tim
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks