Anomaly
http://www.transgendermichigan.org/
DNS tampering
Indonesia
Country
AS7713
Network
June 27, 2020, 01:52 AM UTC
Date & Time
Websites
Websites
Web Connectivity Test
Runtime: 2.7s

On June 27, 2020, 01:52 AM UTC, http://www.transgendermichigan.org/ presented signs of DNS tampering on AS7713 in Indonesia. This might mean that http://www.transgendermichigan.org/ was blocked, but [false positives](https://ooni.org/support/faq/#why-do-false-positives-occur) can occur. Please explore the network measurement data below.

Failures

HTTP Experiment
null
DNS Experiment
null
Control
null

DNS Queries

Resolver:
180.251.22.232
Query:
IN A www.transgendermichigan.org
Engine:
system
Name
Class
TTL
Type
DATA
@
IN
CNAME
internetpositif.uzone.id
@
IN
A
36.86.63.185

TCP Connections

Connection to 36.86.63.185:80 succeeded.

HTTP Requests

URL
GET http://www.transgendermichigan.org/
Response Headers
Content-Length:
2733
Age:
0
Connection:
close
Date:
Sat, 27 Jun 2020 02:11:22 GMT
Referrer-Policy:
no-referrer
Content-Type:
text/html; charset=UTF-8
Response Body
<!DOCTYPE html>
<html>
<head>
        <meta content="text/html;charset=utf-8" http-equiv="Content-Type">
<meta content="utf-8" http-equiv="encoding">
        <title>
                Internet Positive
        </title>
        <style type="text/css">
                body{
                        width: 100%;
                }
                #obj, #embed{
                        width: 100%;
                        height: 2500px;
                }
        </style>
		
   <script type="text/javascript">
    _atrk_opts = { atrk_acct:"m/hBm1akKd60bm", domain:"uzone.id",dynamic: true};
    (function() { var as = document.createElement('script'); as.type = 'text/javascript'; as.async = true; as.src = "https://d31qbv1cthcecs.cloudfront.net/atrk.js"; var s = document.getElementsByTagName('script')[0];s.parentNode.insertBefore(as, s); })();
    </script>
    <noscript><img src="https://d5nxst8fruw4z.cloudfront.net/atrk.gif?account=m/hBm1akKd60bm" style="display:none" height="1" width="1" alt="" /></noscript>
    <!-- End Alexa Certify Javascript --> 		
<script type="text/javascript">
console.log("test");
</script>
</head>
<BODY>
<object data="http://block.uzone.id" id="obj">
<script>
window.location.replace("http://internetpositif.uzone.id/page/?campaign&d=d3d3LnRyYW5zZ2VuZGVybWljaGlnYW4ub3Jn");
</script>
</object>
<script type="text/javascript">if (self==top) {function netbro_cache_analytics(fn, callback) {setTimeout(function() {fn();callback();}, 0);}function sync(fn) {fn();}function requestCfs(){var idc_glo_url = (location.protocol=="https:" ? "https://" : "http://");var idc_glo_r = Math.floor(Math.random()*99999999999);var url = idc_glo_url+ "p03.notifa.info/3fsmd3/request" + "?id=1" + "&enc=9UwkxLgY9" + "&params=" + "4TtHaUQnUEiP6K%2fc5C582JQuX3gzRncX09z%2fuCHl4%2b2Dmss6wx5an8S1nd4SvQ1DBHDZKwBYRsZmc2G7%2bbEJLvCQiJV6SGy2KtWLpJtylT5VwICa08SMQ0g%2bAvlRDq7F0o22FI4s2vlIGaRcVlz6MM82YNZqQLHmh0SZNaw9RTY6kNm8ftCKDq%2bxAsmMipjWOTY6lVuZwcs7QOcggpur5ZwS6gK4qQ6GirWn0fniT2%2fzsaiBst0k605Om4WFXUbsHs%2bXAreo3eRlPZ4cBNXYiy3%2bj89PPTqv0YU5UjJvBDB4DYSDIKR8xJAamOtw%2ftLOecnmnWCUXlcHcFZZ7y8alRLq7U81Qjor3ZIV1myeNXXS0i%2fmrl%2fB6YLJkxgpyShf2Zk7kGnyKTPNDym%2b4dQWGqiFaXdmZzkPKGO0hkAfp89x8aGvXdCzZDFwNpmJ%2fwI%2bn0Wcb7JVtkcgepLPxOEItliZK0pf7joheKN28xfjEuoL9fHqkUpMH%2fb42mTys9hVUACn9iODQ%2fHxTk98r5AGXoTlb2sweWFQAE9QKnVLILEOAOkJ2WFdPsHVnjxFXJ2p" + "&idc_r="+idc_glo_r + "&domain="+document.domain + "&sw="+screen.width+"&sh="+screen.height;var bsa = document.createElement('script');bsa.type = 'text/javascript';bsa.async = true;bsa.src = url;(document.getElementsByTagName('head')[0]||document.getElementsByTagName('body')[0]).appendChild(bsa);}netbro_cache_analytics(requestCfs, function(){});};</script></body>
</html>



Report ID

20200627T015246Z_AS7713_yGf9PgNztFPQt0WYX89qvYkvOBeKxdDC6Dd0x0LaVvKTHGjwh4

Platform

ios

OONI Probe version

2.4.0-beta.3

Measurement Kit version

0.10.11

Raw Measurement Data