dave14305
Part of the Furniture
I can see similar behavior when a blocked domain is returned as a result of a CNAME. Is this a loophole for ad servers?Interesting, Diversion maps up to 20 domains per line to the blocking IP in the blockinglist. At what position is that domain?
Code:
# dig look.udncoeln.com @127.0.0.1
; <<>> DiG 9.14.4 <<>> look.udncoeln.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24611
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;look.udncoeln.com. IN A
;; ANSWER SECTION:
look.udncoeln.com. 118 IN CNAME ads.ad-center.com.
ads.ad-center.com. 60 IN A 184.73.206.80
ads.ad-center.com. 60 IN A 107.22.210.53
ads.ad-center.com. 60 IN A 54.204.2.119
ads.ad-center.com. 60 IN A 184.73.225.11
;; Query time: 23 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Nov 04 13:07:02 EST 2019
;; MSG SIZE rcvd: 138
# dig ads.ad-center.com @127.0.0.1
; <<>> DiG 9.14.4 <<>> ads.ad-center.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12000
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ads.ad-center.com. IN A
;; ANSWER SECTION:
ads.ad-center.com. 0 IN A 192.168.1.2
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Nov 04 13:07:13 EST 2019
;; MSG SIZE rcvd: 62