url in browser redirecting to another adress
when i type in browser url that does not exist i get redirecting to some chines sites , isp say that they did not set anything to do that.Is my linux infected with virus :D.
some of the sites are 127.0.0.1 www5.1616.net 127.0.0.1 cache.soso.com 127.0.0.1 r.61658.com 127.0.0.1 st.5258.net 127.0.0.1 st.61658.com 127.0.0.1 static.5258.net 127.0.0.1 a.5258.net.cdn20.com 127.0.0.1 wsall.5258.net.wsdns.com 127.0.0.1 dr.soso.com i blocked them in hosts but today i get to this site http://www.2345.com/?k99031933 i am runing ubuntu 12.04,firefox,chrome,chromium and konq.. have same problem. |
Select one "wrong" host name and tell us what it returns:
Code:
host [wrongaddress] |
midhat@midhat:~$ host www.sdfsdf.ba
www.sdfsdf.ba has address 218.93.250.18 ;; Warning: Message parser reports malformed message packet. ba has SOA record bosna.utic.net.ba. hostmaster.bosna.utic.net.ba. 2012120704 14400 3600 604800 86400 midhat@midhat:~$ dig +trace www.dsfsdfsd.ba ; <<>> DiG 9.8.1-P1 <<>> +trace www.dsfsdfsd.ba ;; global options: +cmd . 153738 IN NS m.root-servers.net. . 153738 IN NS b.root-servers.net. . 153738 IN NS g.root-servers.net. . 153738 IN NS d.root-servers.net. . 153738 IN NS i.root-servers.net. . 153738 IN NS j.root-servers.net. . 153738 IN NS l.root-servers.net. . 153738 IN NS f.root-servers.net. . 153738 IN NS e.root-servers.net. . 153738 IN NS k.root-servers.net. . 153738 IN NS h.root-servers.net. . 153738 IN NS c.root-servers.net. . 153738 IN NS a.root-servers.net. ;; Received 244 bytes from 192.168.254.253#53(192.168.254.253) in 1567 ms ba. 172800 IN NS auth03.ns.uu.net. ba. 172800 IN NS ba.cctld.authdns.ripe.net. ba. 172800 IN NS ns.ba. ba. 172800 IN NS sava.utic.net.ba. ba. 172800 IN NS munnari.oz.au. ;; Received 335 bytes from 192.203.230.10#53(192.203.230.10) in 923 ms ba. 86400 IN SOA bosna.utic.net.ba. hostmaster.bosna.utic.net.ba. 2012120705 14400 3600 604800 86400 ;; Received 95 bytes from 195.130.35.3#53(195.130.35.3) in 44 ms midhat@midhat:~$ host sdfsdf.ba sdfsdf.ba has address 218.93.250.18 ;; Warning: Message parser reports malformed message packet. ba has SOA record bosna.utic.net.ba. hostmaster.bosna.utic.net.ba. 2012120705 14400 3600 604800 86400 midhat@midhat:~$ host sdfsdf.ba in 1st post i get redirected to www5.1616.net, but wireshark is reporting other adress |
|
Yes i have mikrotik os and i am directly connected to him,for others it is hotspot wireless
|
It can be any adress www.blablablalololif jdjfdancf.com or any other that is not registered
|
Quote:
From a non-Mikrotik source perhaps? |
I will ask my isp, router is only in my house and i dont have nothing with software he use.
I will mark this as solved because it is not my system problem. |
Before you go please post output of
Code:
host sdfsdf.ba 8.8.8.8 |
So he didn't. Anyway. What the output of the last command should prove is that if there's redirection it's either in the router (in case of Mikrotik there's illegal firmware around that points to .cn TLD 218.93.250.18 specifically, also see the .mx/.br incident) or inside the Providers realm (some Wireless providers seem to be notorious for such practices) or inside TLDs authoritative Name Servers (there's a quite recent incident in another TLD where all authoritative Name Servers got redirected temporarily).
|
host sdfsdf.ba 8.8.8.8
Using domain server: Name: 8.8.8.8 Address: 8.8.8.8#53 Aliases: sdfsdf.ba has address 218.93.250.18 ;; Warning: Message parser reports malformed message packet. ba has SOA record bosna.utic.net.ba. hostmaster.bosna.utic.net.ba. 2012120705 14400 3600 604800 86400 |
This topic is marked as sloved. I see no solution though (?)
I have the exact same case here. When I put some unexistent or incorrect URL in the browser's address bar (firefox), then I'm reaching the asian site with porn adds: www5.1616.net I don't really like to going there. Code:
$ host sdasda.ba Code:
$ dig +trace sdasda.ba DNS settings are: primary 8.8.8.8 secondary 194.187.52.5 (ISP's) How can I get this asian crap redirection go away? |
All times are GMT -5. The time now is 01:19 AM. |