China ISP Massive Domain Name Hijacking

China ISP Massive Domain Name Hijacking use certificate hijacking and redirection to djfidicjmwos.com cloudflare DoH ECH Unable to disarm Hijacking

  • reenactment Hijacking
  1. Use china ip to access the site
    https://u52rsmejxqtt.xyz:52888/
    https://www.tubevsex.pro
    www.tubevsexindia.pro
    https://www.7xi.tv

firefox Url

about:certificate?cert=MIIGbDCCBFSgAwIBAgIQCfh%2FDXql2tKTs%2Fq1ra6WBjANBgkqhkiG9w0BAQwFADBLMQswCQYDVQQGEwJBVDEQMA4GA1UEChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBSU0EgRG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTIyMTEwOTAwMDAwMFoXDTIzMDIwNzIzNTk1OVowGzEZMBcGA1UEAxMQZGpmaWRpY2ptd29zLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKzVxJRKd0zQ1qnYxWd7MMsMeUx02PIKzAz5zmYMGiR3p%2FamuwWRxh1%2FIGWhSQV1jNulqgQrn36LSyTGwrFPpCW06aa6OKPPZYgKOAxxSkmR51OavBqc90VJicQlmIzyKbuVuZIeK48K8ogGH080Vzq8YXcHSeXfziE%2BPMKvyAemJAa7BVISpAUpY4rv5YCY6cqjP9wMtsNZENTcYR%2FD71RKvNFcadkT13Du6719Z4VhqhGiDjaoWPeZnKHZDWR9OQyV6d%2BVrcsBDkd%2FzP%2BJzC5IiDvNrakSw5kP6r5Q3q7DLxdGrsJkee1IwrOVwQ9mRtkO6VlXprafj%2FjHf4rrXkcCAwEAAaOCAnowggJ2MB8GA1UdIwQYMBaAFMjZeGii2Rlo1T1y3l8KPty1hoamMB0GA1UdDgQWBBQmuCVbN9xELVrJG7aD3XDyr%2FxEczAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH%2FBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICTjAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYgGCCsGAQUFBwEBBHwwejBLBggrBgEFBQcwAoY%2FaHR0cDovL3plcm9zc2wuY3J0LnNlY3RpZ28uY29tL1plcm9TU0xSU0FEb21haW5TZWN1cmVTaXRlQ0EuY3J0MCsGCCsGAQUFBzABhh9odHRwOi8vemVyb3NzbC5vY3NwLnNlY3RpZ28uY29tMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUArfe%2B%2Bnz%2FEMiLnT2cHj4YarRnKV3PsQwkyoWGNOvcgooAAAGEWqrjgQAABAMARjBEAiAtdwiBAvajB6ivD9MiDKT7yA1XA5qBnEXpYHKrm4zKfwIgeaWnQ12VCf61CiECAGHsyPJHW0IswYQnQo2gP%2FhcdHMAdQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYRaquNbAAAEAwBGMEQCID6k874%2FbGLky%2BWPdUVicNDq2NP3MnzNXsXVjiKJ77jCAiBiPtGsYxFWKjVCxuaLzWakfGb%2Ft%2F%2BhdTS9UhV8s7LYJjAbBgNVHREEFDASghBkamZpZGljam13b3MuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQA%2F%2BNZii0Ez%2ByGq2OYIOkLKDEL606WsA3wn1g8hRnEH5yOSA6H%2FB1%2FcMDq%2BgvIJt7fxOll2xmp%2BC372LS9rY330IOWK7WO6Xr0B9%2BX1sEKvZ1pSLu%2B%2F10tlqt0Axo2pm1tU%2BpGR4g%2BX7m%2FXZ9bQEYA71rEGa%2BeUKunBn%2F7KE5uRHn%2FPS3nWT2mnOxDTqD1kEDkF3opezkfd8BWY1IswVzWKplVS7YYDUdTFFHUfl0mkXbQz11Y53b1NimV6a%2BLAKkY3SJERvzG5xvHkVdR6wl6uyB538SkQUwSqlKbQ6XTpGiRCzwbw7km1PdGgRcHlCBnwOpDrVqhJ2%2BVEV0AALdzMuPGfOGuPz0DNKa%2BnVvt00EG%2F%2FPicO5UtD7%2F1KP3gSUjzOXbhoufoxcPrQKmlsdnYmWUI6TOGC4XPw84b6m1fF3Xig%2BihT7EerZ7qhOnJ3t8KgR62IAGiTJ6e2%2Fy4i42qU8Oi2CIZA5ZTly9jmSCpvyIf6lR64%2BVmd9Ac%2FwoCFgGMT1QmXX1pwdxU0ej47B10a05SEaEG%2B8ln28FDHa2lMnXxzY3%2BZALF%2B3Yem%2B2tS55dyUcPnL1qvtWKTkVizT6b%2BmLrO%2FcOenENZRpDXEVoEzqtK66%2BnGw8OwWHBkiwnvmCPHsOH4%2Bm4fTeEegxe%2BATFzcTGEwBN5sc%2FVHRvvCKNA%3D%3D

Your connection is not private
Attackers might be trying to steal your information from u52rsmejxqtt.xyz (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
Subject: djfidicjmwos.com

Issuer: ZeroSSL RSA Domain Secure Site CA

Expires on: Feb 8, 2023

Current date: Dec 12, 2023

PEM encoded chain:
-----BEGIN CERTIFICATE-----
MIIGbDCCBFSgAwIBAgIQCfh/DXql2tKTs/q1ra6WBjANBgkqhkiG9w0BAQwFADBL
MQswCQYDVQQGEwJBVDEQMA4GA1UEChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NT
TCBSU0EgRG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTIyMTEwOTAwMDAwMFoXDTIz
MDIwNzIzNTk1OVowGzEZMBcGA1UEAxMQZGpmaWRpY2ptd29zLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKzVxJRKd0zQ1qnYxWd7MMsMeUx02PIK
zAz5zmYMGiR3p/amuwWRxh1/IGWhSQV1jNulqgQrn36LSyTGwrFPpCW06aa6OKPP
ZYgKOAxxSkmR51OavBqc90VJicQlmIzyKbuVuZIeK48K8ogGH080Vzq8YXcHSeXf
ziE+PMKvyAemJAa7BVISpAUpY4rv5YCY6cqjP9wMtsNZENTcYR/D71RKvNFcadkT
13Du6719Z4VhqhGiDjaoWPeZnKHZDWR9OQyV6d+VrcsBDkd/zP+JzC5IiDvNrakS
w5kP6r5Q3q7DLxdGrsJkee1IwrOVwQ9mRtkO6VlXprafj/jHf4rrXkcCAwEAAaOC
AnowggJ2MB8GA1UdIwQYMBaAFMjZeGii2Rlo1T1y3l8KPty1hoamMB0GA1UdDgQW
BBQmuCVbN9xELVrJG7aD3XDyr/xEczAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0
BgsrBgEEAbIxAQICTjAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29t
L0NQUzAIBgZngQwBAgEwgYgGCCsGAQUFBwEBBHwwejBLBggrBgEFBQcwAoY/aHR0
cDovL3plcm9zc2wuY3J0LnNlY3RpZ28uY29tL1plcm9TU0xSU0FEb21haW5TZWN1
cmVTaXRlQ0EuY3J0MCsGCCsGAQUFBzABhh9odHRwOi8vemVyb3NzbC5vY3NwLnNl
Y3RpZ28uY29tMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUArfe++nz/EMiLnT2c
Hj4YarRnKV3PsQwkyoWGNOvcgooAAAGEWqrjgQAABAMARjBEAiAtdwiBAvajB6iv
D9MiDKT7yA1XA5qBnEXpYHKrm4zKfwIgeaWnQ12VCf61CiECAGHsyPJHW0IswYQn
Qo2gP/hcdHMAdQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYRa
quNbAAAEAwBGMEQCID6k874/bGLky+WPdUVicNDq2NP3MnzNXsXVjiKJ77jCAiBi
PtGsYxFWKjVCxuaLzWakfGb/t/+hdTS9UhV8s7LYJjAbBgNVHREEFDASghBkamZp
ZGljam13b3MuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQA/+NZii0Ez+yGq2OYIOkLK
DEL606WsA3wn1g8hRnEH5yOSA6H/B1/cMDq+gvIJt7fxOll2xmp+C372LS9rY330
IOWK7WO6Xr0B9+X1sEKvZ1pSLu+/10tlqt0Axo2pm1tU+pGR4g+X7m/XZ9bQEYA7
1rEGa+eUKunBn/7KE5uRHn/PS3nWT2mnOxDTqD1kEDkF3opezkfd8BWY1IswVzWK
plVS7YYDUdTFFHUfl0mkXbQz11Y53b1NimV6a+LAKkY3SJERvzG5xvHkVdR6wl6u
yB538SkQUwSqlKbQ6XTpGiRCzwbw7km1PdGgRcHlCBnwOpDrVqhJ2+VEV0AALdzM
uPGfOGuPz0DNKa+nVvt00EG//PicO5UtD7/1KP3gSUjzOXbhoufoxcPrQKmlsdnY
mWUI6TOGC4XPw84b6m1fF3Xig+ihT7EerZ7qhOnJ3t8KgR62IAGiTJ6e2/y4i42q
U8Oi2CIZA5ZTly9jmSCpvyIf6lR64+Vmd9Ac/woCFgGMT1QmXX1pwdxU0ej47B10
a05SEaEG+8ln28FDHa2lMnXxzY3+ZALF+3Yem+2tS55dyUcPnL1qvtWKTkVizT6b
+mLrO/cOenENZRpDXEVoEzqtK66+nGw8OwWHBkiwnvmCPHsOH4+m4fTeEegxe+AT
FzcTGEwBN5sc/VHRvvCKNA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
MTMwMDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBLMQswCQYDVQQGEwJBVDEQMA4GA1UE
ChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBSU0EgRG9tYWluIFNlY3VyZSBT
aXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAhmlzfqO1Mdgj
4W3dpBPTVBX1AuvcAyG1fl0dUnw/MeueCWzRWTheZ35LVo91kLI3DDVaZKW+TBAs
JBjEbYmMwcWSTWYCg5334SF0+ctDAsFxsX+rTDh9kSrG/4mp6OShubLaEIUJiZo4
t873TuSd0Wj5DWt3DtpAG8T35l/v+xrN8ub8PSSoX5Vkgw+jWf4KQtNvUFLDq8mF
WhUnPL6jHAADXpvs4lTNYwOtx9yQtbpxwSt7QJY1+ICrmRJB6BuKRt/jfDJF9Jsc
RQVlHIxQdKAJl7oaVnXgDkqtk2qddd3kCDXd74gv813G91z7CjsGyJ93oJIlNS3U
gFbD6V54JMgZ3rSmotYbz98oZxX7MKbtCm1aJ/q+hTv2YK1yMxrnfcieKmOYBbFD
hnW5O6RMA703dBK92j6XRN2EttLkQuujZgy+jXRKtaWMIlkNkWJmOiHmErQngHvt
iNkIcjJumq1ddFX4iaTI40a6zgvIBtxFeDs2RfcaH73er7ctNUUqgQT5rFgJhMmF
x76rQgB5OZUkodb5k2ex7P+Gu4J86bS15094UuYcV09hVeknmTh5Ex9CBKipLS2W
2wKBakf+aVYnNCU6S0nASqt2xrZpGC1v7v6DhuepyyJtn3qSV2PoBiU5Sql+aARp
wUibQMGm44gjyNDqDlVp+ShLQlUH9x8CAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaA
FFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTI2XhootkZaNU9ct5fCj7c
tYaGpjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQIC
TjAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1
c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYG
CCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu
Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRw
Oi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAVDwoIzQDV
ercT0eYqZjBNJ8VNWwVFlQOtZERqn5iWnEVaLZZdzxlbvz2Fx0ExUNuUEgYkIVM4
YocKkCQ7hO5noicoq/DrEYH5IuNcuW1I8JJZ9DLuB1fYvIHlZ2JG46iNbVKA3ygA
Ez86RvDQlt2C494qqPVItRjrz9YlJEGT0DrttyApq0YLFDzf+Z1pkMhh7c+7fXeJ
qmIhfJpduKc8HEQkYQQShen426S3H0JrIAbKcBCiyYFuOhfyvuwVCFDfFvrjADjd
4jX1uQXd161IyFRbm89s2Oj5oU1wDYz5sx+hoCuh6lSs+/uPuWomIq3y1GDFNafW
+LsHBU16lQo5Q2yh25laQsKRgyPmMpHJ98edm6y2sHUabASmRHxvGiuwwE25aDU0
2SAeepyImJ2CzB80YG7WxlynHqNhpE7xfC7PzQlLgmfEHdU+tHFeQazRQnrFkW2W
kqRGIq7cKRnyypvjPMkjeiV9lRdAM9fSJvsB3svUuu1coIG1xxI1yegoGM4r5QP4
RGIVvYaiI76C0djoSbQ/dkIUUXQuB8AL5jyH34g3BZaaXyvpmnV4ilppMXVAnAYG
ON51WhJ6W0xNdNJwzYASZYH+tmCWI+N60Gv2NNMGHwMZ7e9bXgzUCZH5FaBFDGR5
S9VWqHB73Q+OyIVvIbKYcSc2w/aSuFKGSA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw
MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV
BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU
aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy
dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B
3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY
tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/
Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2
VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT
79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6
c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT
Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l
c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee
UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE
Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd
BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G
A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF
Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO
VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3
ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs
8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR
iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze
Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ
XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/
qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB
VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
jjxDah2nGN59PRbxYvnKkKj9
-----END CERTIFICATE-----

Certificate Transparency:

SCT Google 'Xenon2023' log (Embedded in certificate, Verified)

SCT Cloudflare 'Nimbus2023' Log (Embedded in certificate, Verified)

This server could not prove that it is u52rsmejxqtt.xyz; its security certificate is from djfidicjmwos.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

Your connection is not private
Attackers might be trying to steal your information from www.tubevsexindia.pro (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
Subject: djfidicjmwos.com

Issuer: ZeroSSL RSA Domain Secure Site CA

Expires on: Feb 8, 2023

Current date: Dec 12, 2023

PEM encoded chain:
-----BEGIN CERTIFICATE-----
MIIGbDCCBFSgAwIBAgIQCfh/DXql2tKTs/q1ra6WBjANBgkqhkiG9w0BAQwFADBL
MQswCQYDVQQGEwJBVDEQMA4GA1UEChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NT
TCBSU0EgRG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTIyMTEwOTAwMDAwMFoXDTIz
MDIwNzIzNTk1OVowGzEZMBcGA1UEAxMQZGpmaWRpY2ptd29zLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKzVxJRKd0zQ1qnYxWd7MMsMeUx02PIK
zAz5zmYMGiR3p/amuwWRxh1/IGWhSQV1jNulqgQrn36LSyTGwrFPpCW06aa6OKPP
ZYgKOAxxSkmR51OavBqc90VJicQlmIzyKbuVuZIeK48K8ogGH080Vzq8YXcHSeXf
ziE+PMKvyAemJAa7BVISpAUpY4rv5YCY6cqjP9wMtsNZENTcYR/D71RKvNFcadkT
13Du6719Z4VhqhGiDjaoWPeZnKHZDWR9OQyV6d+VrcsBDkd/zP+JzC5IiDvNrakS
w5kP6r5Q3q7DLxdGrsJkee1IwrOVwQ9mRtkO6VlXprafj/jHf4rrXkcCAwEAAaOC
AnowggJ2MB8GA1UdIwQYMBaAFMjZeGii2Rlo1T1y3l8KPty1hoamMB0GA1UdDgQW
BBQmuCVbN9xELVrJG7aD3XDyr/xEczAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0
BgsrBgEEAbIxAQICTjAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29t
L0NQUzAIBgZngQwBAgEwgYgGCCsGAQUFBwEBBHwwejBLBggrBgEFBQcwAoY/aHR0
cDovL3plcm9zc2wuY3J0LnNlY3RpZ28uY29tL1plcm9TU0xSU0FEb21haW5TZWN1
cmVTaXRlQ0EuY3J0MCsGCCsGAQUFBzABhh9odHRwOi8vemVyb3NzbC5vY3NwLnNl
Y3RpZ28uY29tMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUArfe++nz/EMiLnT2c
Hj4YarRnKV3PsQwkyoWGNOvcgooAAAGEWqrjgQAABAMARjBEAiAtdwiBAvajB6iv
D9MiDKT7yA1XA5qBnEXpYHKrm4zKfwIgeaWnQ12VCf61CiECAGHsyPJHW0IswYQn
Qo2gP/hcdHMAdQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYRa
quNbAAAEAwBGMEQCID6k874/bGLky+WPdUVicNDq2NP3MnzNXsXVjiKJ77jCAiBi
PtGsYxFWKjVCxuaLzWakfGb/t/+hdTS9UhV8s7LYJjAbBgNVHREEFDASghBkamZp
ZGljam13b3MuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQA/+NZii0Ez+yGq2OYIOkLK
DEL606WsA3wn1g8hRnEH5yOSA6H/B1/cMDq+gvIJt7fxOll2xmp+C372LS9rY330
IOWK7WO6Xr0B9+X1sEKvZ1pSLu+/10tlqt0Axo2pm1tU+pGR4g+X7m/XZ9bQEYA7
1rEGa+eUKunBn/7KE5uRHn/PS3nWT2mnOxDTqD1kEDkF3opezkfd8BWY1IswVzWK
plVS7YYDUdTFFHUfl0mkXbQz11Y53b1NimV6a+LAKkY3SJERvzG5xvHkVdR6wl6u
yB538SkQUwSqlKbQ6XTpGiRCzwbw7km1PdGgRcHlCBnwOpDrVqhJ2+VEV0AALdzM
uPGfOGuPz0DNKa+nVvt00EG//PicO5UtD7/1KP3gSUjzOXbhoufoxcPrQKmlsdnY
mWUI6TOGC4XPw84b6m1fF3Xig+ihT7EerZ7qhOnJ3t8KgR62IAGiTJ6e2/y4i42q
U8Oi2CIZA5ZTly9jmSCpvyIf6lR64+Vmd9Ac/woCFgGMT1QmXX1pwdxU0ej47B10
a05SEaEG+8ln28FDHa2lMnXxzY3+ZALF+3Yem+2tS55dyUcPnL1qvtWKTkVizT6b
+mLrO/cOenENZRpDXEVoEzqtK66+nGw8OwWHBkiwnvmCPHsOH4+m4fTeEegxe+AT
FzcTGEwBN5sc/VHRvvCKNA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
MTMwMDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBLMQswCQYDVQQGEwJBVDEQMA4GA1UE
ChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBSU0EgRG9tYWluIFNlY3VyZSBT
aXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAhmlzfqO1Mdgj
4W3dpBPTVBX1AuvcAyG1fl0dUnw/MeueCWzRWTheZ35LVo91kLI3DDVaZKW+TBAs
JBjEbYmMwcWSTWYCg5334SF0+ctDAsFxsX+rTDh9kSrG/4mp6OShubLaEIUJiZo4
t873TuSd0Wj5DWt3DtpAG8T35l/v+xrN8ub8PSSoX5Vkgw+jWf4KQtNvUFLDq8mF
WhUnPL6jHAADXpvs4lTNYwOtx9yQtbpxwSt7QJY1+ICrmRJB6BuKRt/jfDJF9Jsc
RQVlHIxQdKAJl7oaVnXgDkqtk2qddd3kCDXd74gv813G91z7CjsGyJ93oJIlNS3U
gFbD6V54JMgZ3rSmotYbz98oZxX7MKbtCm1aJ/q+hTv2YK1yMxrnfcieKmOYBbFD
hnW5O6RMA703dBK92j6XRN2EttLkQuujZgy+jXRKtaWMIlkNkWJmOiHmErQngHvt
iNkIcjJumq1ddFX4iaTI40a6zgvIBtxFeDs2RfcaH73er7ctNUUqgQT5rFgJhMmF
x76rQgB5OZUkodb5k2ex7P+Gu4J86bS15094UuYcV09hVeknmTh5Ex9CBKipLS2W
2wKBakf+aVYnNCU6S0nASqt2xrZpGC1v7v6DhuepyyJtn3qSV2PoBiU5Sql+aARp
wUibQMGm44gjyNDqDlVp+ShLQlUH9x8CAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaA
FFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTI2XhootkZaNU9ct5fCj7c
tYaGpjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQIC
TjAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1
c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYG
CCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu
Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRw
Oi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAVDwoIzQDV
ercT0eYqZjBNJ8VNWwVFlQOtZERqn5iWnEVaLZZdzxlbvz2Fx0ExUNuUEgYkIVM4
YocKkCQ7hO5noicoq/DrEYH5IuNcuW1I8JJZ9DLuB1fYvIHlZ2JG46iNbVKA3ygA
Ez86RvDQlt2C494qqPVItRjrz9YlJEGT0DrttyApq0YLFDzf+Z1pkMhh7c+7fXeJ
qmIhfJpduKc8HEQkYQQShen426S3H0JrIAbKcBCiyYFuOhfyvuwVCFDfFvrjADjd
4jX1uQXd161IyFRbm89s2Oj5oU1wDYz5sx+hoCuh6lSs+/uPuWomIq3y1GDFNafW
+LsHBU16lQo5Q2yh25laQsKRgyPmMpHJ98edm6y2sHUabASmRHxvGiuwwE25aDU0
2SAeepyImJ2CzB80YG7WxlynHqNhpE7xfC7PzQlLgmfEHdU+tHFeQazRQnrFkW2W
kqRGIq7cKRnyypvjPMkjeiV9lRdAM9fSJvsB3svUuu1coIG1xxI1yegoGM4r5QP4
RGIVvYaiI76C0djoSbQ/dkIUUXQuB8AL5jyH34g3BZaaXyvpmnV4ilppMXVAnAYG
ON51WhJ6W0xNdNJwzYASZYH+tmCWI+N60Gv2NNMGHwMZ7e9bXgzUCZH5FaBFDGR5
S9VWqHB73Q+OyIVvIbKYcSc2w/aSuFKGSA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw
MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV
BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU
aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy
dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B
3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY
tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/
Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2
VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT
79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6
c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT
Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l
c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee
UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE
Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd
BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G
A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF
Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO
VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3
ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs
8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR
iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze
Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ
XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/
qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB
VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
jjxDah2nGN59PRbxYvnKkKj9
-----END CERTIFICATE-----

Certificate Transparency:

SCT Google 'Xenon2023' log (Embedded in certificate, Verified)

SCT Cloudflare 'Nimbus2023' Log (Embedded in certificate, Verified)

To get Chrome’s highest level of security, turn on enhanced protection
This server could not prove that it is www.tubevsexindia.pro; its security certificate is from djfidicjmwos.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

  1. djfidicjmwos-com-chain.pem
-----BEGIN CERTIFICATE-----
MIIGbDCCBFSgAwIBAgIQCfh/DXql2tKTs/q1ra6WBjANBgkqhkiG9w0BAQwFADBL
MQswCQYDVQQGEwJBVDEQMA4GA1UEChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NT
TCBSU0EgRG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTIyMTEwOTAwMDAwMFoXDTIz
MDIwNzIzNTk1OVowGzEZMBcGA1UEAxMQZGpmaWRpY2ptd29zLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKzVxJRKd0zQ1qnYxWd7MMsMeUx02PIK
zAz5zmYMGiR3p/amuwWRxh1/IGWhSQV1jNulqgQrn36LSyTGwrFPpCW06aa6OKPP
ZYgKOAxxSkmR51OavBqc90VJicQlmIzyKbuVuZIeK48K8ogGH080Vzq8YXcHSeXf
ziE+PMKvyAemJAa7BVISpAUpY4rv5YCY6cqjP9wMtsNZENTcYR/D71RKvNFcadkT
13Du6719Z4VhqhGiDjaoWPeZnKHZDWR9OQyV6d+VrcsBDkd/zP+JzC5IiDvNrakS
w5kP6r5Q3q7DLxdGrsJkee1IwrOVwQ9mRtkO6VlXprafj/jHf4rrXkcCAwEAAaOC
AnowggJ2MB8GA1UdIwQYMBaAFMjZeGii2Rlo1T1y3l8KPty1hoamMB0GA1UdDgQW
BBQmuCVbN9xELVrJG7aD3XDyr/xEczAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0
BgsrBgEEAbIxAQICTjAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29t
L0NQUzAIBgZngQwBAgEwgYgGCCsGAQUFBwEBBHwwejBLBggrBgEFBQcwAoY/aHR0
cDovL3plcm9zc2wuY3J0LnNlY3RpZ28uY29tL1plcm9TU0xSU0FEb21haW5TZWN1
cmVTaXRlQ0EuY3J0MCsGCCsGAQUFBzABhh9odHRwOi8vemVyb3NzbC5vY3NwLnNl
Y3RpZ28uY29tMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUArfe++nz/EMiLnT2c
Hj4YarRnKV3PsQwkyoWGNOvcgooAAAGEWqrjgQAABAMARjBEAiAtdwiBAvajB6iv
D9MiDKT7yA1XA5qBnEXpYHKrm4zKfwIgeaWnQ12VCf61CiECAGHsyPJHW0IswYQn
Qo2gP/hcdHMAdQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYRa
quNbAAAEAwBGMEQCID6k874/bGLky+WPdUVicNDq2NP3MnzNXsXVjiKJ77jCAiBi
PtGsYxFWKjVCxuaLzWakfGb/t/+hdTS9UhV8s7LYJjAbBgNVHREEFDASghBkamZp
ZGljam13b3MuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQA/+NZii0Ez+yGq2OYIOkLK
DEL606WsA3wn1g8hRnEH5yOSA6H/B1/cMDq+gvIJt7fxOll2xmp+C372LS9rY330
IOWK7WO6Xr0B9+X1sEKvZ1pSLu+/10tlqt0Axo2pm1tU+pGR4g+X7m/XZ9bQEYA7
1rEGa+eUKunBn/7KE5uRHn/PS3nWT2mnOxDTqD1kEDkF3opezkfd8BWY1IswVzWK
plVS7YYDUdTFFHUfl0mkXbQz11Y53b1NimV6a+LAKkY3SJERvzG5xvHkVdR6wl6u
yB538SkQUwSqlKbQ6XTpGiRCzwbw7km1PdGgRcHlCBnwOpDrVqhJ2+VEV0AALdzM
uPGfOGuPz0DNKa+nVvt00EG//PicO5UtD7/1KP3gSUjzOXbhoufoxcPrQKmlsdnY
mWUI6TOGC4XPw84b6m1fF3Xig+ihT7EerZ7qhOnJ3t8KgR62IAGiTJ6e2/y4i42q
U8Oi2CIZA5ZTly9jmSCpvyIf6lR64+Vmd9Ac/woCFgGMT1QmXX1pwdxU0ej47B10
a05SEaEG+8ln28FDHa2lMnXxzY3+ZALF+3Yem+2tS55dyUcPnL1qvtWKTkVizT6b
+mLrO/cOenENZRpDXEVoEzqtK66+nGw8OwWHBkiwnvmCPHsOH4+m4fTeEegxe+AT
FzcTGEwBN5sc/VHRvvCKNA==
-----END CERTIFICATE-----

Have you tried speaking to your ISP to resolve the issue?

1 Like

Hijacking can never be solved by asking ISPs, hijacking is what GFW asks ISPs to do.
It’s like asking a country that doesn’t have internet freedom to delete GFW, it’s never going to happen !

Yes. Despite the DNS answer being correct from Cloudflare being returned via DNS the http(s) request is being hijacked. It’s my understanding that is a common occurence in China. Were different results expected?

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.