June 15, 2021 at 9:03:49 PM UTC
VERIFY
Anomaly
DNS tampering
Websites
Websites
Runtime: 3.2s
Share on Facebook or Twitter
On June 15, 2021 at 9:03:49 PM UTC, http://de.lirio.us/ presented signs of DNS tampering on AS4788 in Malaysia. This might mean that http://de.lirio.us/ was blocked, but false positives can occur. Please explore the network measurement data below.

Failures

HTTP Experiment
null
DNS Experiment
null
Control
null

DNS Queries

Resolver:
202.188.1.181
Query:
IN A de.lirio.us
Engine:
system
Name
Class
TTL
Type
DATA
Answer IP Info
@
IN
A
96.47.230.67
AS8100 (QuadraNet Enterprises LLC)

TCP Connections

96.47.230.67:80: succeeded

HTTP Requests

URL
GET http://ww1.lirio.us
Response Headers
Connection:
keep-alive
Content-Type:
text/html; charset=UTF-8
Date:
Tue, 15 Jun 2021 21:03:52 GMT
Server:
openresty
X-Adblock-Key:
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_CpAGANiO7ucnf3cMDgXWadoeAFP6af4z1jOHbl5krbWO+YnF3mXVAAR0H4e/jxIrPI3+SMy10YrkSBcNfNCIbg==
Response Body
<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_CpAGANiO7ucnf3cMDgXWadoeAFP6af4z1jOHbl5krbWO+YnF3mXVAAR0H4e/jxIrPI3+SMy10YrkSBcNfNCIbg=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head><!--[if IE 6 ]><body class="ie6"><![endif]--><!--[if IE 7 ]><body class="ie7"><![endif]--><!--[if IE 8 ]><body class="ie8"><![endif]--><!--[if IE 9 ]><body class="ie9"><![endif]--><!--[if (gt IE 9)|!(IE)]> --><body><!--<![endif]--><script type="text/javascript">g_pb=(function(){var
DT=document,azx=location,DD=DT.createElement('script'),aAC=false,LU;DD.defer=true;DD.async=true;DD.src="//www.google.com/adsense/domains/caf.js";DD.onerror=function(){if(azx.search!=='?z'){azx.href='/?z';}};DD.onload=DD.onreadystatechange=function(){if(!aAC&&LU){if(!window['googleNDT_']){}
LU(google.ads.domains.Caf);}
aAC=true;};DT.body.appendChild(DD);return{azm:function(n$){if(aAC)
n$(google.ads.domains.Caf);else
LU=n$;},bq:function(){if(!aAC){DT.body.removeChild(DD);}}};})();g_pd=(function(){var
azx=window.location,nw={},bH,azw=azx.search.substring(1),aAv,aAw;if(!azw)
return nw;aAv=azw.split("&");for(bH=0;bH<aAv.length;bH++){aAw=aAv[bH].split('=');nw[aAw[0]]=aAw[1]?aAw[1]:"";}
return nw;})();g_pc=(function(){var $is_ABP_whitelisted=null;var $Image1=new Image;var $Image2=new Image;var $error1=false;var $error2=false;var $remaining=2;var $random=Math.random()*11;function $imageLoaded(){$remaining--;if($remaining===0)
$is_ABP_whitelisted=!$error1&&$error2;}
$Image1.onload=$Image2.onload=$imageLoaded;$Image1.onerror=function(){$error1=true;$imageLoaded();};$Image2.onerror=function(){$error2=true;$imageLoaded();};$Image1.src='/px.gif?ch=1&rn='+$random;$Image2.src='/px.gif?ch=2&rn='+$random;return{azo:function(){return'&abp='+($is_ABP_whitelisted?'1':'0');},$isWhitelisted:function(){return $is_ABP_whitelisted;},$onReady:function($callback){function $poll(){if($is_ABP_whitelisted===null)
setTimeout($poll,100);else $callback();}
$poll();}}})();(function(){var aAo=screen,Rr=window,azx=Rr.location,aAB=top.location,DT=document,Sf=DT.body||DT.getElementsByTagName('body')[0],aAy=0,aAx=0,aAz=0,$IE=null;if(Sf.className==='ie6')
$IE=6;else if(Sf.className==='ie7')
$IE=7;else if(Sf.className==='ie8')
$IE=8;else if(Sf.className==='ie9')
$IE=9;function aAu($callback){aAz++;aAy=Rr.innerWidth||DT.documentElement.clientWidth||Sf.clientWidth;aAx=Rr.innerHeight||DT.documentElement.clientHeight||Sf.clientHeight;if(aAy>0||aAz>=5){$callback();}
else{setTimeout(aAu,100);}}
var $num_requirements=2;function $requirementMet(){$num_requirements--;if($num_requirements===0)
aAA();}
aAu($requirementMet);g_pc.$onReady($requirementMet);function aAA(){var ef=undefined,IQ=encodeURIComponent,aAt;if(aAB!=azx&&g_pd.r_s===ef)
aAB.href=azx.href;aAt=DT.createElement('script');aAt.type='text/javascript';aAt.src='/glp'+'?r='+(g_pd.r!==ef?g_pd.r:(DT.referrer?IQ(DT.referrer.substr(0,255)):''))+
(g_pd.r_u?'&u='+g_pd.r_u:'&u='+IQ(azx.href.split('?')[0]))+
(g_pd.gc?'&gc='+g_pd.gc:'')+
(g_pd.cid?'&cid='+g_pd.cid:'')+
(g_pd.query?'&sq='+g_pd.query:'')+
(g_pd.search?'&ss=1':'')+
(g_pd.a!==ef?'&a':'')+
(g_pd.z!==ef?'&z':'')+
(g_pd.z_ds!==ef?'&z_ds':'')+
(g_pd.r_s!==ef?'&r_s='+g_pd.r_s:'')+
(g_pd.r_d!==ef?'&r_d='+g_pd.r_d:'')+'&rw='+aAo.width+'&rh='+aAo.height+
(g_pd.r_ww!==ef?'&ww='+g_pd.r_ww:'&ww='+aAy)+
(g_pd.r_wh!==ef?'&wh='+g_pd.r_wh:'&wh='+aAx)+
(g_pd.ref_keyword!==ef?'&ref_keyword='+g_pd.ref_keyword:'')+
(g_pc.$isWhitelisted()?'&abp=1':'')+
($IE!==null?'&ie='+$IE:'')+
(g_pd.partner!==ef?'&partner='+g_pd.partner:'')+
(g_pd.subid1!==ef?'&subid1='+g_pd.subid1:'')+
(g_pd.subid2!==ef?'&subid2='+g_pd.subid2:'')+
(g_pd.subid3!==ef?'&subid3='+g_pd.subid3:'')+
(g_pd.subid4!==ef?'&subid4='+g_pd.subid4:'')+
(g_pd.subid5!==ef?'&subid5='+g_pd.subid5:'');Sf.appendChild(aAt);}})();</script></body></html>
URL
GET http://de.lirio.us/
Response Headers
Cache-Control:
max-age=0, private, must-revalidate
Content-Length:
11
Date:
Tue, 15 Jun 2021 21:04:17 GMT
Location:
http://ww1.lirio.us
Server:
nginx
Set-Cookie:
sid=3e7b8f42-ce1d-11eb-8757-50414b862f43; path=/; domain=.lirio.us; expires=Mon, 04 Jul 2089 00:18:24 GMT; max-age=2147483647; HttpOnly
Response Body
Redirecting

Resolver

Resolver ASN
AS4788
Resolver IP
202.188.1.181
Resolver Network Name
Tmnet, Telekom Malaysia Bhd.
Measurement UID
20210615210353.115683_MY_webconnectivity_936338d3446aff08
Report ID
20210615T191418Z_webconnectivity_MY_4788_n1_GkxnOaMofVDgE84i
Platform
linux
Software Name
ooniprobe-cli (3.5.2)
Measurement Engine
ooniprobe-engine (3.5.2)

Raw Measurement Data

Loading…