Anomaly
http://telegramproxy.online
DNS tampering
Belarus
Country
AS31143
Network
August 22, 2020, 06:21 PM UTC
Date & Time
Websites
Websites
Runtime: 1.2s

On August 22, 2020, 06:21 PM UTC, http://telegramproxy.online presented signs of DNS tampering on AS31143 in Belarus.

This might mean that http://telegramproxy.online was blocked, but false positives can occur.

Please explore the network measurement data below.

Failures

HTTP Experiment
null
DNS Experiment
null
Control
null

DNS Queries

Resolver:
213.184.238.6
Query:
IN A telegramproxy.online
Engine:
system
Name
Class
TTL
Type
DATA
@
IN
CNAME
telegramproxy.online
@
IN
A
134.17.0.7

TCP Connections

Connection to 134.17.0.7:80 succeeded.

HTTP Requests

URL
GET https://internet.mts.by/blocked/
Response Headers
Status:
451
X-Request-Id:
029cc7fe-583d-44dc-99aa-d62025537b06
X-XSS-Protection:
1; mode=block
X-Content-Type-Options:
nosniff
X-Powered-By:
Phusion Passenger 5.0.16
Transfer-Encoding:
chunked
Set-Cookie:
_mts_portal_session=dlJscWY3Qjh3azVYYSs0dEVEd25EWFhhWGFUSS9XUzZ0Si9wSjBwOWRUL05JMklmV1BFSVV3UHFUa1c4VjJFVXVvc0RlaENaMnlLWFBRZ2R0bXdXMEFFT1JZUXVCSURsd0p1cmlDOGRwU04vVUM0NjErd3NpUWZzR0JVSTBsMUUvbk50VkJSLzVzQTFveU4yclJSRzBnPT0tLWxlNm5kYUdsd3psc09nUVZ3dzJiZ3c9PQ%3D%3D--1bc37948b831c3b7ae428453f1875e1ff322f6db; path=/; HttpOnly
Connection:
keep-alive
Server:
nginx/1.6.3
X-Runtime:
0.003444
Cache-Control:
no-cache
Date:
Sat, 22 Aug 2020 17:24:46 GMT
X-Frame-Options:
SAMEORIGIN
Content-Type:
text/html; charset=utf-8
Response Body
<!DOCTYPE html><!--[if lt IE 7]><html class="ie6"></html><![endif]--><!--[if IE 7]><html class="ie7"></html><![endif]--><!--[if lt IE 8]><html class="ie8"></html><![endif]--><!--[if lt IE 9]><html class="ie9"></html><![endif]--><!--[if (gt IE 9)|!(IE)]><html></html><![endif]--><head><meta charset="utf-8" /><meta content="telephone=no" name="format-detection" /><meta content="ie=edge" http-equiv="x-ua-compatible" /><meta content="width=device-width, initial-scale=1, maximum-scale=1" name="viewport" /><title>МТС Портал</title><script src="/assets/application-cf3ef69434e28905be299ed8b15d5c0785ca818d0af16eb39ee69811e19801f3.js"></script><link rel="stylesheet" media="all" href="/assets/application-4eaa307608b064f37261b67dd59030ad511c4cd0d0fa1f5bdf3dca62fd9518ea.css" /><link rel="shortcut icon" type="image/x-icon" href="/assets/favicon-9c0dbbf81f991cd99b1222e90a8fa41119b5bcef46a018181c5ebb2c52eb0f8a.ico" /><meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="h3rswPospxZfmN1rDhb9SabO+IwR5SwfsfGR0tOdD4H9jAvNLRkE9qiu9AuFg6bpgx5Lxh2yo4Qb3bXYAy9clQ==" /></head><body><div id="dialog-dummy"></div><div class="pageWrap main"><div class="pageInner"><header><a class="logo-wrapper" href="/"><img class="logo-img" src="/assets/logo_text-304df807991db9ccf44351f4f3851fcc131c52b441031a72209c2adc5cd6aca2.svg" alt="Logo text 304df807991db9ccf44351f4f3851fcc131c52b441031a72209c2adc5cd6aca2" /></a></header><div class="pageBlock"><div class="box-access"><img class="access-img" src="/assets/access-aa9c953f10a4b5cc2b9a45763f84aa5d68f4b260a841aa6e67b4d14080edbeca.svg" alt="Access aa9c953f10a4b5cc2b9a45763f84aa5d68f4b260a841aa6e67b4d14080edbeca" /><p>Доступ к ресурсу ограничен на основании решения Министерства информации Республики Беларусь, принятого в соответствии с Законом Республики Беларусь "О средствах массовой информации".</p></div></div></div><footer><ul class="footer-links"><li><a target="_blank" href="http://www.mts.by/">Сайт МТС</a></li><li><a target="_blank" href="https://ihelper.mts.by/selfcare/">Интернет-помощник</a></li><li><a target="_blank" href="https://help.mts.by/hc/ru/requests/new?ticket_form_id=34982">Онлайн-поддержка</a></li><li><a target="_blank" href="http://www.mts.by/contacts/">Контакты</a></li></ul><div class="copyright">© 2002-2020 СООО &laquo;Мобильные ТелеСистемы&raquo;. Все права защищены.</div></footer></div></body></html>
URL
GET http://telegramproxy.online/
Response Headers
Date:
Sat, 22 Aug 2020 17:44:32 GMT
Content-Length:
240
Content-Type:
text/html; charset=iso-8859-1
Location:
https://internet.mts.by/blocked/
Server:
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Response Body
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://internet.mts.by/blocked/">here</a>.</p>
</body></html>
Report ID
20200822T182123Z_AS31143_vVIi3Bb2SFTnPv1WhzwlUKw0jquavwFWj02n1ynCBAIZTLg26R
Platform
android
Software Name
ooniprobe-android (2.5.2)
Measurement Engine
libmeasurement_kit (0.10.12)

Raw Measurement Data

Loading