At some point I realized that I cannot access www.careerbuilder.com website. For the first time it happened to me back in Switzerland when I worked few years ago. Since then I moved from there and from time to time I tried that website again. I like Money section on msn.com and careers.msn.com was always just a click away. But I had no luck. First I thought it was screened by a corporate firewall, but an attempt to connect at home did not improve the situation. Careerbuilder.com is not something I really need to use, but it has been a bothering feeling that there’s a major website where you are not allowed to access, and you do not know why.
As in a good detective story there was another plot developing independently from the Careerbuilder.com story. I have an iPod Touch and I installed Opera Mini browser there as I enjoy Opera browser in general (mouse gestures are very handy). After a while I noticed that with Opera Mini I can access some sites that I could not normally access from the country where I’m staying now (Russia). To my surprise it turned out that Opera Mini uses a transparent proxy, which is built-in and cannot be disabled, as according to my ip I was somewhere in Iceland (please see the screenshot below):
Puzzled I typed in careerbuilder.com and here you go, as if it has been always there for me:
Then I pinged careerbuilder.com in a usual way, and here’s the result:
Reply from 126.96.36.199: Destination net unreachable. As I could not decipher that message myself, I posted a question on Neowin.net forum.
And mighty BudMan replied in his typical elaborated manner, with a short summary in this quote: “Clearly ICMP is being blocked […]. Yeah it sucks with parts of the internet do not follow the RFCs and block icmp that should not be blocked..” He also said that “They have a pretty weird dns setup.” Well to me it was clear enough that I cannot do too much to fix it, and maybe it is good idea to contact guys at careerbuilder.com to point out this issue.
Isn’t that nice? In other words: the mandatory use of this transcoder server makes it impossible to provide end-to-end SSL security for client connections. Be aware.