Anomaly
http://ebuddy.com/
DNS tampering
Thailand
Country
AS23969
Network
October 14, 2021, 02:31 PM UTC
Date & Time
Websites
Websites
Runtime: 386ms

On October 14, 2021, 02:31 PM UTC, http://ebuddy.com/ presented signs of DNS tampering on AS23969 in Thailand.

This might mean that http://ebuddy.com/ was blocked, but false positives can occur.

Please explore the network measurement data below.

Failures

HTTP Experiment
null
DNS Experiment
null
Control
null

DNS Queries

Resolver:
74.63.20.250
Query:
IN A ebuddy.com
Engine:
system
Name
Class
TTL
Type
DATA
@
IN
A
0.0.0.0
Query:
IN AAAA ebuddy.com
Engine:
system
Name
Class
TTL
Type
DATA
@
IN
AAAA
::

TCP Connections

Connection to :::80 succeeded.
Connection to 0.0.0.0:80 succeeded.

HTTP Requests

URL
GET http://ebuddy.com/
Response Headers
Cache-Control:
max-age=0
Content-Length:
3768
Content-Type:
text/html; charset=UTF-8
Date:
Thu, 14 Oct 2021 14:37:28 GMT
Expires:
Thu, 14 Oct 2021 14:37:28 GMT
Server:
lighttpd/1.4.53
X-Pi-Hole:
A black hole for Internet advertisements.
Response Body
<!doctype html>
<!-- Pi-hole: A black hole for Internet advertisements
*  (c) 2017 Pi-hole, LLC (https://pi-hole.net)
*  Network-wide ad blocking via your own hardware.
*
*  This file is copyright under the latest version of the EUPL. -->
<html>
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">  <meta name="robots" content="noindex,nofollow">
  <meta http-equiv="x-dns-prefetch-control" content="off">
  <link rel="stylesheet" href="pihole/blockingpage.css">
  <link rel="shortcut icon" href="admin/img/favicons/favicon.ico" type="image/x-icon">
  <title>● ebuddy.com</title>
  <script src="admin/scripts/vendor/jquery.min.js"></script>
  <script>
    window.onload = function () {
      $("#bpBack").removeAttr("href");$("#bpWhitelist").prop("disabled", false);$("#bpWLPassword").attr("placeholder", "Password");$("#bpWLPassword").prop("disabled", false);    }
  </script>
</head>
<body id="blockpage"><div id="bpWrapper">
<header>
  <h1 id="bpTitle">
    <a class="title" href="/"></a>
  </h1>
  <div class="spc"></div>

  <input id="bpAboutToggle" type="checkbox">
  <div id="bpAbout">
    <div class="aboutPH">
      <div class="aboutImg"></div>
      <p>Open Source Ad Blocker
        <small>Designed for Raspberry Pi</small>
      </p>
    </div>
    <div class="aboutLink">
      <a class="linkPH" href="https://docs.pi-hole.net/"></a>
          </div>
  </div>

  <div id="bpAlt">
    <label class="altBtn" for="bpAboutToggle"></label>
  </div>
</header>

<main>
  <div id="bpOutput" class="hidden"></div>
  <div id="bpBlock">
    <p class="blockMsg">ebuddy.com</p>
  </div>
    <div id="bpHelpTxt"><span/></div>
  <div id="bpButtons" class="buttons">
    <a id="bpBack" onclick="javascript:history.back()" href="about:home"></a>
    <label id="bpInfo" for="bpMoreToggle"></label>  </div>
  <input id="bpMoreToggle" type="checkbox">
  <div id="bpMoreInfo">
    <span id="bpFoundIn"><span>1</span>8</span>
    <pre id='bpQueryOutput'><span>[0]:</span>https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
</pre>

    <form id="bpWLButtons" class="buttons">
      <input id="bpWLDomain" type="text" value="ebuddy.com" disabled>
      <input id="bpWLPassword" type="password" placeholder="JavaScript disabled" disabled>
      <button id="bpWhitelist" type="button" disabled></button>
    </form>
  </div>
</main>

<footer><span>Thursday 2:37 PM, October 14th.</span> Pi-hole v5.5-0-gdad6247 (sps-serv/127.0.0.1)</footer>
</div>

<script>
  function add() {
    $("#bpOutput").removeClass("hidden error exception");
    $("#bpOutput").addClass("add");
    var domain = "ebuddy.com";
    var pw = $("#bpWLPassword");
    if(domain.length === 0) {
      return;
    }
    $.ajax({
      url: "/admin/scripts/pi-hole/php/add.php",
      method: "post",
      data: {"domain":domain, "list":"white", "pw":pw.val()},
      success: function(response) {
        if(response.indexOf("Pi-hole blocking") !== -1) {
          setTimeout(function(){window.location.reload(1);}, 10000);
          $("#bpOutput").removeClass("add");
          $("#bpOutput").addClass("success");
          $("#bpOutput").html("");
        } else {
          $("#bpOutput").removeClass("add");
          $("#bpOutput").addClass("error");
          $("#bpOutput").html(""+response+"");
        }
      },
      error: function(jqXHR, exception) {
        $("#bpOutput").removeClass("add");
        $("#bpOutput").addClass("exception");
        $("#bpOutput").html("");
      }
    });
  }
      $(document).keypress(function(e) {
        if(e.which === 13 && $("#bpWLPassword").is(":focus")) {
            add();
        }
    });
    $("#bpWhitelist").on("click", function() {
        add();
    });
  </script>
</body></html>
Report ID
20211014T073129Z_webconnectivity_TH_23969_n1_3el3QPBsEibzXsxr
Platform
linux
Software Name
iThena-ooniprobe (1.0.0)
Measurement Engine
ooniprobe-engine (3.10.0-beta.3)

Raw Measurement Data

Loading