Virgin Media Virgin Media Community

Bunglenick · ‎12-07-2017

I have recently moved my website to a new host and updated the name servers of my domain to point to the new servers my site is on.
I have done a DNS check and the propagation process is completed WORLDWIDE.

That is, apart from with VM's DNS servers.
They still point to the old site on the old host.
Which I need to delete ASAP.

How can I fix this issue?
Doing a quick Google search shows this is a copy issue with no real solution.
Am I just stuck like this forever? Will half the country looking at an old site that can't be updated and my new site going to waste?

If so, how do I take VM to court for loss of earnings due to unfair censorship of my site?

louieheaton17 · ‎09-08-2020

Just had the same problem myself, fixed it by just changing the DNS servers... If you change them to googles 8.8.8.8 or 1.1.1.1 then refresh the page you're trying to load it fixes the problem. Hope this helps!

Iantothew · ‎09-08-2020

Can you change the dns settings at a router level? I seem to recall this was not possible.

Also as a Web developer this does not solve the problem for all your users who may also be on Virgin.

VMCopperUser · ‎09-08-2020

@Iantothew wrote:
Can you change the dns settings at a router level? I seem to recall this was not possible.
Also as a Web developer this does not solve the problem for all your users who may also be on Virgin.

In the SH2/SH2ac/Hub3/Hub4 The answer is no. (Unless it's changed, Highly doubtful).

A fixed server should rarely have a IP change so it shouldn't be a big issue, have you seen it happen again recently - and where it doesn't respect the TTL settings? Keep your TTL values low if there's going to be a regular~ change.

----
I do not work for VM, but I would. It is just a Job.
Most things I say I make up and sometimes it's useful, don't be mean if it's wrong.
I would also make websites for them, because the job never seems to require the website to work.

filipecsilva · ‎23-02-2021

Same kind of issue! But it's been 25 days and my client is not happy with the situation. How can I get some support from Virgin Media? Since I'm not a client can I have some kind of support?

When I dig the DNS it gave me wrong IP, but when a DIG with trace the right IP is shown. How VM work?

______

$ dig beautybosshq.com @194.168.4.100 +short
81.99.162.48

$ dig beautybosshq.com @194.168.4.100 +short +trace
NS i.root-servers.net. from server 194.168.4.100 in 19 ms.
NS j.root-servers.net. from server 194.168.4.100 in 19 ms.
NS k.root-servers.net. from server 194.168.4.100 in 19 ms.
NS l.root-servers.net. from server 194.168.4.100 in 19 ms.
NS m.root-servers.net. from server 194.168.4.100 in 19 ms.
NS b.root-servers.net. from server 194.168.4.100 in 19 ms.
NS c.root-servers.net. from server 194.168.4.100 in 19 ms.
NS d.root-servers.net. from server 194.168.4.100 in 19 ms.
NS e.root-servers.net. from server 194.168.4.100 in 19 ms.
NS f.root-servers.net. from server 194.168.4.100 in 19 ms.
NS g.root-servers.net. from server 194.168.4.100 in 19 ms.
NS h.root-servers.net. from server 194.168.4.100 in 19 ms.
NS a.root-servers.net. from server 194.168.4.100 in 19 ms.
A 192.124.249.7 from server 173.201.76.29 in 35 ms.

legacy1 · ‎23-02-2021

Its to do with Advanced Network Error Search or web safe so turn it off or change DNS.
https://my.virginmedia.com/advancederrorsearch/settings#.

---------------------------------------------------------------

BQM, Test for outgoing ports and SSL/L2TP VPN test

ravenstar68 · ‎23-02-2021

@legacy1

That's not ANES kicking in, it's Virus Safe

@filipecsilva - The site looks as if it may have been compromised. I suggest that the first thing the owner does is secure the site by changing then check through it very carefully.

It's showing up under VirusTotal as suspicious. Both VM and BT are marking it dangerous.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

filipecsilva · ‎23-02-2021

@ravenstar68

I'm the site administrator. The site has been cleaned and is behind a firewall now, which is the why the IP has changed. Only CyRadar is accusing a false positive and I can't contact them until now. How VM check the site?

If you check the site on VirusTotal using the https is totally safe. But even then I cannot reach the site when on VM network.

And why is this related with the IP/DNS not updating?

ravenstar68 · ‎23-02-2021

@filipecsilva wrote:
@ravenstar68

I'm the site administrator. The site has been cleaned and is behind a firewall now, which is the why the IP has changed. Only CyRadar is accusing a false positive and I can't contact them until now. How VM check the site?

If you check the site on VirusTotal using the https is totally safe. But even then I cannot reach the site when on VM network.

And why is this related with the IP/DNS not updating?

Because when a DNS lookup is deemed suspect - the connection is redirected to a special proxy and the onward connection is made from there this allows VM (or BT for that manner) to look for suspicious traffic.

HOWEVER

The proxies only really work properly with HTTP connections. This has been a pain for people using HTTPS IMAP, POP3 and SMTP in the past.

As stated it's not just VM that are intercepting your lookup.

Here's what get on a BT connection::

C:\Users\timdu>dig beautybosshq.com

; <<>> DiG 9.16.11 <<>> beautybosshq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41664
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;beautybosshq.com.              IN      A

;; ANSWER SECTION:
beautybosshq.com.       30      IN      A       81.130.111.239

;; Query time: 24 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Tue Feb 23 19:16:13 GMT Standard Time 2021
;; MSG SIZE  rcvd: 61

It's not broken - it's working as designed.. You need to clean your site reputation.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

filipecsilva · ‎24-02-2021

@ravenstar68 wrote:

Because when a DNS lookup is deemed suspect - the connection is redirected to a special proxy and the onward connection is made from there this allows VM (or BT for that manner) to look for suspicious traffic.
HOWEVER
The proxies only really work properly with HTTP connections. This has been a pain for people using HTTPS IMAP, POP3 and SMTP in the past.
As stated it's not just VM that are intercepting your lookup.
It's not broken - it's working as designed.. You need to clean your site reputation.
Tim

Is this a UK ISP thing?

I have clean the, now, false positive from all the services on VirusTotal, except for CyRadar, which tool seems to not be working and are not responding any email.

How am I supposed to clean the reputation if the service is unreachable? I'm really open to any kind of idea you give me, but the site is clean. It's been reverified and removed from all the blacklists in the past weeks. How much long more the site will be "hostage" of this?

There is nothing else I could do? Create a new domain just to deal with VM and BT? There is no way to request VM and BT to review this?

On another topic, is this a good design? Since it seems to be a struggle for a few developers and even with this kind of protections, it doesn't really protect people from fishing/scam/malware/etc.

ravenstar68 · ‎24-02-2021

@ModTeam

Can you escalate this to security to see if they can assist here?

@filipecsilva With regards to BT you'd need to reach out to them possibly via their Forums..

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Virgin Media Virgin Media Community

Virgin Media Virgin Media Community

DNS cache issue updated domain