Jump to content
Not connected, Your IP: 3.234.208.66

Recommended Posts

HI all

 

First many thanks for this program.  Easy to set up and with the help on the forum, (and disabling IPvP6), all my leaks and tracing are fixed.  However, since fixing my DNS leaks and disabling IPvP6, when I try to connect to airvpn.org chrome and firefox both tell the connection is unsecure and I can't proceed.  To be precise chrome tells me it is because the site uses HSTS.  

 

I am connecting now through my laptop which I'm not bothered about vpn and it works fine.  I presume this is something to do with my DNS fix (static IP address) and disabling IPvP6.  I found on windows 10, disabling IPvP6 was the only thing to fully hide my DNS leaks.  Any other workarounds to fix this (I am a complete n00b, be warned).

 

Thanks

Share this post


Link to post

 
Hello!
 
HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect secure HTTPS websites against downgrade attacks and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should only interact with it using secure HTTPS connections,[1] and never via the insecure HTTP protocol. https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security


 
 

Quote

First many thanks for this program.  Easy to set up and with the help on the forum, (and disabling IPvP6), all my leaks and tracing are fixed.  However, since fixing my DNS leaks and disabling IPvP6, when I try to connect to airvpn.org chrome and firefox both tell the connection is unsecure and I can't proceed.  To be precise chrome tells me it is because the site uses HSTS.

 

The implications of your report are deep. It means that your browsers correctly connected to airvpn.org in the past, but now are connecting to some web site that is not forcing HTTPS.

 

Please check airvpn.org resolution in the system with this problem.

 

Kind regards

Share this post


Link to post

I know this is old, but recently I've been having this problem.

Firefox and chrome do not allow me to access to https://airvpn.org (the website) when I'm not using the VPN.  Period.  They cite HSTS and there is no way to add an exception.

tlc
 

Share this post


Link to post
@tlc

See our previous reply. Your traffic to airvpn.org is hijacked and either your ISP, your DNS or some malware in your system try to send you to some fake/bogus airvpn.org web site. Since the problem disappears when you are in the VPN, we would rule out that a malware is the "culprit", because it would hijack your traffic even inside the VPN.

The browsers are doing their job and good for you that we implemented HSTS. If you wish so, can you contact us in private and tell us your ISP and DNS?

Kind regards
 

Share this post


Link to post

It appears you're on an OpenDNS list.
 

Quote

$ nslookup airvpn.org
Server:        208.67.222.123
Address:    208.67.222.123#53

Non-authoritative answer:
Name:    airvpn.org
Address: 146.112.61.106

$ nslookup 146.112.61.106
Server:        208.67.222.123
Address:    208.67.222.123#53

Non-authoritative answer:
106.61.112.146.in-addr.arpa    name = hit-adult.opendns.com.

Authoritative answers can be found from:


So you're not getting any new customers from anyone using OpenDNS.  You might want to try to get off that list!

Thanks,
-tlc


 

Share this post


Link to post
@tlc

Hello!

Look:

$ dig @208.67.222.222 airvpn.org +short
5.196.64.52

$ dig @208.67.222.220 airvpn.org +short
5.196.64.52

which is correct.

However 208.67.222.123 considers airvpn.org an adult only web site or a porn site. Just another proof of how idiotic censorship is, how web site filtering is exploited by hidden political agenda eventually, and how stupid the persons who gladly look for censorship and delegate their choices to a third party are.

Kind regards

 

Share this post


Link to post
On 1/15/2020 at 6:46 AM, Staff said:

Your traffic to airvpn.org is hijacked and either your ISP, your DNS

Isn't this what OpenDNS is known for? "hijacking DNS" and others such as "injecting packets".
@tlc
Is it really that difficult to change your DNS servers?


 

Share this post


Link to post
On 1/16/2020 at 9:01 PM, Flx said:
Isn't this what OpenDNS is known for? "hijacking DNS" and others such as "injecting packets".
@tlc
Is it really that difficult to change your DNS servers?


Not at all.  I'm fine now that I know what's going on.  But I'm using that DNS service for a purpose, free porn blocking.
https://www.opendns.com/home-internet-security/

I just thought the staff here might like to know that they're potentially missing out on business.  Because airvpn.org shows up in OpenDNS's "adult" list,  people using OpenDNS will never get to the airvpn.org website when they're looking for a VPN provider.  I thought that, rather than ranting about the evils of censorship (censorship I chose for my home network), they might try to get off that list for business reasons.

Share this post


Link to post

Share this post


Link to post
16 hours ago, tlc said:

But I'm using that DNS service for a purpose, free porn blocking.


You might be interested in Pi-Hole, then. Same purpose, same tech, but you've got the control over what is being blocked, and then some.
Some blocklists you can use: StevenBlack, Energized. They're all "tiered", as in, you can choose how restrictive it is. Energized Unified for example is a very big overkill with their 1.2 million domains, but it blocks every big and little domain with a tracker in it, even if it's on mobile only. StevenBlack's list is more compatible, but only contains ~72000 domains, which are the most important data aggregators and sites of the four categories gambling, porn, social and fake news.

Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...