Decap: Probe non-existent dns names to detect portal

[kpcyrd]

I ran into a few networks that whitelist the clients3.google.com endpoint that we currently use to detect captive portals. We should evaluate if probing <18-random-characters>.com generally results in redirects as well or if the captive portals are able to detect that those records do, in fact, not exist. This might be more reliable than the current captive portal detection which has false-negatives occasionally.