oxcrag.net Report : Visit Site

Technical data of the oxcrag.net

Geo IP provides you such as latitude, longitude and ISP (Internet Service Provider) etc. informations. Our GeoIP service found where is host oxcrag.net. Currently, hosted in Sweden and its service provider is Bahnhof Internet AB .

HTTP Header Analysis

HTTP Header information is a part of HTTP protocol that a user's browser sends to called GNU+Linux containing the details of what the browser wants and will accept back from the web server.

DNS

HtmlToText

skip to content fixing mattermost mobile client reconnection issues over haproxy as i already have a reverse proxy, when the mattermost installation documentation told me to set up a separate nginx instance as a proxy in front of the server i simply skipped the chapter. i know how to proxy a tls connection from an inbound port to a backend service. unfortunately it had the strange side effect of clients attempting to reconnect in a rapidly recurring way. very irritating, especially in the mobile client. then i read in the documentation that mattermost uses web sockets for its client communication. usually, this shouldn’t matter to haproxy – it should handle this just fine – but i’ve had strange side effects with backends some times, and this was obviously such a case. the solution was simple: tell haproxy to tag websocket traffic, and set up a separate but otherwise identical backend for this specific use case. the net result looks something like this in the config file: frontend web acl host_ws hdr_beg(host) -i ws. acl hdr_connection_upgrade hdr(connection) -i upgrade acl hdr_upgrade_websocket hdr(upgrade) -i websocket use_backend bk_ws_mattermost if host_ws { hdr(host) -i mattermost.mydomain.tld } use_backend bk_ws_mattermost if hdr_connection_upgrade hdr_upgrade_websocket { hdr(host -i mattermost.mydomain.tld } use_backend bk_mattermost if { hdr(host) -i mattermost.mydomain.tld } backend bk_mattermost server mattermost mattermostsrv.mydomain.tld:8065 check backend bk_ws_mattermost server mattermost mattermostsrv.mydomain.tld:8065 check we look for the characteristics of a protocol upgrade and tell our reverse proxy to handle that data flow separately. this was enough to solve the issue. author mikael hansson posted on 2019-07-09 categories uncategorized tags haproxy , mattermost , reverse proxy , websocket simple dns over https setup i read that mozilla had been named an internet villain by a number of british isps, for supporting encrypted dns queries using dns over https. i guess the problem is that an isp by default knows which sites you browse even though the traffic itself is usually encrypted nowadays, since the traditional way of looking up the ip address of a named service has been performed in plaintext. the basic fact is that knowledge of what you do on the internet can be monetized – but the official story naturally is a combination of “terrorists!” and “think about the children!”. as usual. well, i got a sudden urge to become an internet villain too, so i put a doh resolver in front of my bind server at home. cloudflare – whom i happen to trust when they say they don’t sell my data – provide a couple of tools to help here. i chose to go with cloudflared . the process for installing the daemon is pretty well documented on their download page, but for the sake of posterity looks a bit like this: first we’ll download the installation package. my dns server is a debian stretch machine, so i chose the correct package for this: wget https://bin.equinox.io/c/vdrwdbjqyf/cloudflared-stable-linux-amd64.deb dpkg -i cloudflared-stable-linux-amd64.deb next we need to configure the service. it doesn’t come with a config file out of the box, but it’s easy enough to read up on their distribution page what it needs to contain. i added a couple of things beyond the bare minimum. the file is stored as /etc/cloudflared/config.yml . --- logfile: /var/log/cloudflared.log proxy-dns: true proxy-dns-address: 127.0.0.1 proxy-dns-port: 5353 proxy-dns-upstream: - https://1.1.1.1/dns-query - https://1.0.0.1/dns-query after this we make sure the service is active, and that it’ll restarts if we restart our server: cloudflared service install service cloudflared start systemctl enable cloudflared.service next let’s try it out: dig @127.0.0.1 -p 5353 slashdot.org if we get an answer, it works. the next step is to make bind use our cloudflared instance as a dns forwarder. we’ll edit /etc/bind/named.conf.options . the new forwarder section should look like this: (...) options { (...) forwarders { 127.0.0.1 port 5353; }; (...) }; restart bind ( service bind9 restart ), and try it out by running dig @127.0.0.1 against a service you don’t usually visit. note the absence of a port number in the latter command: if it keeps working, the chain is up and running. author mikael hansson posted on 2019-07-06 2019-07-08 categories uncategorized tags 1.1.1.1 , bind , cloudflare , debian , dns , dns over https , doh , linux restoring a really old domain controller from backups i had an interesting experience this week, where i was faced with the need to restore an entire active directory environment from backups that were more than a year old. the company whose servers i was restoring had been using an older version of veeam backup and recovery, which always simplifies matters a lot: the entire thing was delivered to me over sneaker net, on a 2.5″ usb drive containing several restore points for each machine. the restore was uneventful, as expected, and most machines simply started up in their new home. unfortunately, one of the active directory controllers would bluescreen on boot, with a c00002e2 error message. after some reading up on things, i realized the machine had passed the active directory tombstone period: as i wrote, the backups were taken over a year ago. since i had one good domain controller, i figured i would simply cheat with the local time on the failing dc. it would boot successfully into directory services recovery mode, so i could set the local clock, but anybody who has a bit of experience with the vmware line of virtualization products knows that by default, vmware esxi synchronizes the guest system clock in a few situations; amongst them on reboot. fortunately vmware has a knowledgebase article covering how to disable all synchronization of time between guests and hosts. a total of eight advanced settings must be set to false, with the guest turned off: tools.synctime time.synchronize.continue time.synchronize.restore time.synchronize.resume.disk time.synchronize.shrink time.synchronize.tools.startup time.synchronize.tools.enable time.synchronize.resume.host the procedure is documented in kb1189 . after setting these properties on the machine, i started it back up, with the system time set well back into the range before the tombstone cutoff date, let it start up and rest for a while for all services to realize everything was alright, and then i set the time forward to the current date, waited a bit longer, and restarted the vm. after this, the system started working as intended. author mikael hansson posted on 2019-07-05 2019-07-08 categories uncategorized tags active directory , backup , veeam , vmware , windows server managing windows servers with ansible although i to a large degree get to play with the fun stuff at work, much of our environment still consists of windows servers, and that will not be changing for a long time. as i’ve mentioned in earlier posts, i try to script my way around singular windows servers using powershell whenever it makes sense, but when a set of changes needs to be performed across groups of servers – especially if it’s something recurring – my tool of choice really is ansible. the ansible management server (which has to be running a unix-like system) needs to be able to communicate securely with the windows hosts. winrm, which is the framework used under the hood, allows for a number of protocols for user authentication and transfer of commands. i personally like to have my communications tls secured, and so i’ve opted for using credssp which defaults to an https-based communications channel. a huge gotcha: i tried running the tasks below from a ubuntu 16.04 lts server, and there was nothing i could do to get the python 2.7-dependent ansible version to correctly verify a tls certificate from our internal ca. when i switched to running ansible through python 3, the exact same config worked flawlessly. the original code has bee

URL analysis for oxcrag.net

https://www.oxcrag.net/tag/vvols/
https://www.oxcrag.net/2017/06/
https://www.oxcrag.net/category/uncategorized/
https://www.oxcrag.net/category/computing/haproxy/
https://www.oxcrag.net/2018/09/
https://www.oxcrag.net/2019/04/23/managing-windows-servers-with-ansible/
https://www.oxcrag.net/2019/07/09/fixing-mattermost-mobile-client-reconnection-issues-over-haproxy/
https://www.oxcrag.net/tag/linux/
https://www.oxcrag.net/privacy-policy/
https://www.oxcrag.net/category/computing/insanity/
https://www.oxcrag.net/category/computing/citrix/
https://www.oxcrag.net/tag/grub/
https://www.oxcrag.net/tag/dkim/
https://www.oxcrag.net/2019/02/
https://www.oxcrag.net/2019/02/06/rescuing-vvol-based-virtual-machines/

Whois Information

Whois is a protocol that is access to registering information. You can reach when the website was registered, when it will be expire, what is contact details of the site with the following informations. In a nutshell, it includes these informations;

Domain Name: OXCRAG.NET
Registry Domain ID: 2116957346_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com
Updated Date: 2019-04-06T09:01:46Z
Creation Date: 2017-04-23T13:56:52Z
Registry Expiry Date: 2020-04-23T13:56:52Z
Registrar: NameCheap, Inc.
Registrar IANA ID: 1068
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.6613102107
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: DNS1.REGISTRAR-SERVERS.COM
Name Server: DNS2.REGISTRAR-SERVERS.COM
DNSSEC: signedDelegation
DNSSEC DS Data: 38129 13 1 EA288D9410658D85E0B5B865EA24214361E62211
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2019-08-15T19:42:04Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.

  REGISTRAR NameCheap, Inc.

SERVERS

  SERVER net.whois-servers.net

  ARGS domain =oxcrag.net

  PORT 43

  TYPE domain

DOMAIN

  NAME oxcrag.net

  CHANGED 2019-04-06

  CREATED 2017-04-23

STATUS
clientTransferProhibited https://icann.org/epp#clientTransferProhibited

NSERVER

  DNS1.REGISTRAR-SERVERS.COM 216.87.155.33

  DNS2.REGISTRAR-SERVERS.COM 216.87.152.33

  REGISTERED yes

Mistakes

The following list shows you to spelling mistakes possible of the internet users for the website searched .