Are isps blocking raw.githubusercontent.com?

[ze_cook]

Can you open https://raw.githubusercontent.com/H...641a5d0d089c13faf5e6a2/Formula/o/openssl@3.rb ? Or the https://raw.githubusercontent.com page at all? Can't open with office internet, or Jio 5g, in Bangalore. Opens fine when I connect to ProtonVPN@SGP.

 

[enthusiast29]

Workplace firewall may block github at some places.
It's working for me on airtel and jio fiber.

 

[ze_cook]

Workplace firewall may block github at some places.
It's working for me on airtel and jio fiber.

They do not for us, as we're using their managed infra for our codebase. Also, not working on my personal phone/mobile data either. Thanks for the input tho.

 

[DigitalDude]

It is blocked for me yesterday i tried to install a script from a repository and it didn't download... wasted a couple of hours troubleshooting only to find out it is blocked

My ISP is hathway Chennai

 

[TheNawab]

JioFiber actively fluctuates between blocking and allowing it in Surat, GJ. Weird asf and their reps have no clear answer about it when asked on emails and phone calls.

 

[6pack]

The first link opens some openssl c file. second link redirects to github.com.
On Jio 4g.

Try this secure dns setting in FF

 

[Blue Leaf]

Redirects to github.com on BSNL FTTH

 

[Futureized]

Works on Jio/Vi and airtel sim in Mumbai

 

[rootyme]

Jio:
Spent almost an hour trying to download the Firefox shortcut from here:
https://raw.githubusercontent.com/mozilla/sumo-kb/main/install-firefox-linux/firefox.desktop

And I failed.

 

[webofunni]

It is blocked for me in Jio Fibre. I accessed it using a squid proxy installed in a VPS hosted in the US. Online free proxies also work eg https://proxyium.com/

 

[enthusiast29]

It is indeed blocked on Jio fiber. My bad I was using GoodbyeDPI on my windows machine. My linux machines get a connection reset when attempting to connect to the host.
This is so stupid of JIo. They think the only users of their services are the ones using their shitty OTT.

Here's a workaround I implemented in for Linux but nothing should stop it to work with windows as well:

Jio blocked raw.githubusercontent.com?

Did Jio block raw.githubusercontent.com? Because I cannot see images loaded from it on my GitHub unless I use a VPN which is quite annoying. Someone please confirm this and also any workarounds other

stackoverflow.com

 

[ze_cook]

Here's a workaround I implemented in for Linux but nothing should stop it to work with windows as well:

Jio blocked raw.githubusercontent.com?

Did Jio block raw.githubusercontent.com? Because I cannot see images loaded from it on my GitHub unless I use a VPN which is quite annoying. Someone please confirm this and also any workarounds other

stackoverflow.com

Already tried it with my office mac, changing dns provider and hardcoding one of the raw.github... IPs. Whatever ISP we're using seems to be trying to decrypt SSL (and failing), which breaks the connection as well. Asked IT to reroute the connection over office VPN, which seems to have worked.

 

[webofunni]

It is actually creating a lot of trouble. Many apps nowadays use raw.github to fetch data. Yesterday I was installing https://dietpi.com/ on my RaspberryPi and its initial setup script fetches update info from raw.github . It was failing, so I had to use a VPN to complete the installation. It looks like they not only blocking at DNS level.

# dig +short raw.githubusercontent.com @8.8.8.8
185.199.111.133
185.199.108.133
185.199.110.133
185.199.109.133

# dig +short raw.githubusercontent.com
49.44.79.236

# tail -1 /etc/hosts
185.199.108.133 raw.githubusercontent.com

# ping -c 3 raw.githubusercontent.com
PING raw.githubusercontent.com (185.199.111.133) 56(84) bytes of data.
64 bytes from raw.githubusercontent.com (185.199.111.133): icmp_seq=1 ttl=50 time=53.9 ms
64 bytes from raw.githubusercontent.com (185.199.111.133): icmp_seq=2 ttl=50 time=49.9 ms
64 bytes from raw.githubusercontent.com (185.199.111.133): icmp_seq=3 ttl=50 time=50.4 ms


--- raw.githubusercontent.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 49.890/51.390/53.911/1.793 ms
 
# curl https://raw.githubusercontent.com/MichaIng/DietPi/master/.update/version
curl: (35) Recv failure: Connection reset by peer

# telnet raw.githubusercontent.com 80
Trying 185.199.111.133...
Connected to raw.githubusercontent.com.
Escape character is '^]'.
GET /MichaIng/DietPi/master/.update/version HTTP/1.0
Host: raw.githubusercontent.com


HTTP/1.0 200 OK
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 270
Content-Type: text/html


<meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0"/><style>body{margin:0px;padding:0px;}iframe{width:100%;height:100%}</style><iframe src="http://49.44.18.34/webadmin/deny/court.html" width="100%" height="100%" frameborder=0></iframe>Connection closed by foreign host.

I am not a network admin. But looks like they are re-routing all raw.github IP to block access.

# traceroute 185.199.111.133
traceroute to 185.199.111.133 (185.199.111.133), 30 hops max, 60 byte packets
 1  reliance.reliance (192.168.29.1)  7.533 ms  7.494 ms  7.480 ms
 2  10.224.240.1 (10.224.240.1)  7.958 ms  7.947 ms  9.016 ms
 3  172.31.1.147 (172.31.1.147)  9.105 ms 172.31.0.183 (172.31.0.183)  9.117 ms  9.106 ms
 4  192.168.153.52 (192.168.153.52)  9.078 ms 192.168.153.54 (192.168.153.54)  8.993 ms 192.168.153.52 (192.168.153.52)  9.057 ms
 5  172.26.104.165 (172.26.104.165)  9.044 ms  9.035 ms  9.025 ms
 6  172.26.104.178 (172.26.104.178)  10.970 ms  3.450 ms 172.26.104.179 (172.26.104.179)  2.746 ms
 7  192.168.153.34 (192.168.153.34)  6.177 ms  4.818 ms  4.799 ms
 8  * * *
 9  * * *
10  * * *
11  10.70.80.197 (10.70.80.197)  22.773 ms  18.048 ms *
12  * * *
13  49.45.4.86 (49.45.4.86)  50.924 ms 103.198.140.249 (103.198.140.249)  51.813 ms 103.198.140.64 (103.198.140.64)  19.864 ms
14  * 103.198.140.89 (103.198.140.89)  52.682 ms 49.45.4.86 (49.45.4.86)  50.894 ms
15  103.198.140.17 (103.198.140.17)  47.977 ms * 103.198.140.249 (103.198.140.249)  50.972 ms
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *

 

[ze_cook]

Ah, classic

 

[enthusiast29]

It is actually creating a lot of trouble. Many apps nowadays use raw.github to fetch data. Yesterday I was installing https://dietpi.com/ on my RaspberryPi and its initial setup script fetches update info from raw.github . It was failing, so I had to use a VPN to complete the installation. It looks like they not only blocking at DNS level.

Was in the same situation y'day. Add it to /etc/hosts file and it should work again.
To make it work for other devices on the network I've done a DNS rewrite for the domain to the IP address in my local DNS server. If this is done then adding to /etc/hosts is redundant.

 

[calvin1719]

Is there an actual court order for this domain that anyone knows about?

I know that during the IPL weeks some ISPs blocked streamable, presumably because it was being used to stream parts/full content of IPL matches without authorization (just speculation on my part).

 

[webofunni]

Looks like a DPI spoofing app, like the one mentioned by @enthusiast29 does the trick.

# mkdir dpi
# cd dpi/
# wget -o /dev/null https://github.com/xvzc/SpoofDPI/releases/download/0.8/spoof-dpi-linux.tar.gz
# tar zxf spoof-dpi-linux.tar.gz
# ./spoof-dpi
███████ ██████   ██████   ██████  ███████ ██████  ██████  ██
██      ██   ██ ██    ██ ██    ██ ██      ██   ██ ██   ██ ██
███████ ██████  ██    ██ ██    ██ █████   ██   ██ ██████  ██
     ██ ██      ██    ██ ██    ██ ██      ██   ██ ██      ██
███████ ██       ██████   ██████  ██      ██████  ██      ██


• ADDR    : 127.0.0.1
• PORT    : 8080
• DNS     : 8.8.8.8
• DEBUG   : false


INFO[2023-10-16T22:15:27+05:30] Created a listener on port 8080

Then use http://127.0.0.1:8080 as proxy.

# curl -x http://127.0.0.1:8080 https://raw.githubusercontent.com/MichaIng/DietPi/master/.update/version
#!/bin/bash
# shellcheck disable=SC2034
# Available DietPi version
G_REMOTE_VERSION_CORE=8
G_REMOTE_VERSION_SUB=22
G_REMOTE_VERSION_RC=3
[.........removed long text....]
# curl https://raw.githubusercontent.com/MichaIng/DietPi/master/.update/version
curl: (35) Recv failure: Connection reset by peer

or start the browser with it

google-chrome --proxy-server="http://127.0.0.1:8080"

 

[mathannath]

It is blocked for me yesterday i tried to install a script from a repository and it didn't download... wasted a couple of hours troubleshooting only to find out it is blocked

My ISP is hathway Chennai

Brother mine too. I am from chennai and cuistoimer carre said the same blocked due to TROI rule

 

[altair21]

Jio at least has been randomly blocking it for over a year now in my case. Sometimes it works and sometimes it doesn't. I have just set my DNS to 8.8.8.8 on both my pc and mobile, I tried warp too but it can really slow down my connection sometimes specially when I'm using Usenet/Torrents.

 

[t3chg33k]

GitHub traffic is not blocked but extremely slow to open the first time on Hathway as well. It works fine after a few refreshes and download speeds are fine and I use Adguard Home on my router with Quad9 and Cloudflare.

Definitely on TRAI's blacklist but implementation seems to be different by different ISPs.