I am responsible for keeping this hobby research from distributing misleading or misunderstood information, and other researchers have made suggestions to discover more findings or to correct me if I did something wrong. As I told everyone in Thai about the intention of this research, we couldn't and shouldn't draw a conclusion at this moment, until we can see everything clearly. Thus, this is an analysis of the DNS requests to

As shown in the picture, the DNS requests to were made. The picture was produced by running grep -arl ".cn" /var/log/syslog* which means that only .cn will be shown.

But after carefully analyzing a series of packets, I can conclude that the DNS requests to were made by some domain names on behalf of which I manually entered to evaluate the rules.

You can see that before the query to was made, a bunch of queries happened at the same time, as follows:

  • and

Other requests to

As shown above, the requests to always happened after related domains. So I tried to access again from another network, and this is what I found:

The DNS request to is there.
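An added example, not part of the original post: one way to check from the logs whether each .cn query follows lookups for other domains by the same client. It assumes dnsmasq-style syslog lines (the post does not show its log format); the sample lines, domain names, addresses, year and the 2-second window are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Assumed dnsmasq-style syslog line; the post does not show its log format.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\sdnsmasq\[\d+\]:\s"
    r"query\[\w+\]\s(?P<name>\S+)\sfrom\s(?P<client>\S+)$"
)

# Constructed sample log lines (placeholder names and documentation addresses).
SAMPLE = """\
Jan  5 10:00:01 gw dnsmasq[812]: query[A] shop.example.com from 192.0.2.10
Jan  5 10:00:01 gw dnsmasq[812]: query[A] mail.example.org from 192.0.2.77
Jan  5 10:00:01 gw dnsmasq[812]: query[A] cdn.example.net from 192.0.2.10
Jan  5 10:00:02 gw dnsmasq[812]: query[A] tracker.example.cn from 192.0.2.10
Jan  5 10:05:40 gw dnsmasq[812]: query[AAAA] acne.example.org from 192.0.2.10
""".splitlines()

def parse_queries(lines, year=2024):
    """Yield (timestamp, client, name) for every DNS query line."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:  # syslog has no year, so one is supplied (assumption)
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["client"], m["name"].lower().rstrip(".")

def preceding_queries(lines, suffix=".cn", window_s=2):
    """For each query whose name ends in `suffix`, list the other names the
    same client looked up within `window_s` seconds before it."""
    queries = sorted(parse_queries(lines), key=lambda q: q[0])  # stable sort
    window = timedelta(seconds=window_s)
    result = []
    for i, (ts, client, name) in enumerate(queries):
        if not name.endswith(suffix):  # real suffix match, not a substring
            continue
        context = []
        for pts, pclient, pname in queries[:i]:
            recent = ts - pts <= window
            if pclient == client and recent and not pname.endswith(suffix):
                if pname not in context:
                    context.append(pname)
        result.append((ts, client, name, context))
    return result

if __name__ == "__main__":
    for ts, client, name, context in preceding_queries(SAMPLE):
        print(f"{ts} {client} asked for {name} after: {', '.join(context)}")
```

The match is on the name's suffix, so a line such as the constructed acne.example.org query is not reported.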

