That's strange - it means we do not have any lead to the Regex your Pi-hole's UI claims to use for blocking vortex.data.microsoft.com
.
Let's see if your pihole.log
has any more details on this.
On your Pi-hole machine, what's the output of:
grep -nR "vortex.data.microsoft" -A2 /var/log/pihole.log
21:Jul 31 07:06:15 dnsmasq[25406]: query[A] vortex.data.microsoft.com from 192.168.1.1
22:Jul 31 07:06:15 dnsmasq[25406]: config vortex.data.microsoft.com is 0.0.0.0
23:Jul 31 07:06:19 dnsmasq[25406]: query[A] vortex.data.microsoft.com from 192.168.1.1
24:Jul 31 07:06:19 dnsmasq[25406]: config vortex.data.microsoft.com is 0.0.0.0
25-Jul 31 07:06:26 dnsmasq[25406]: query[A] upp.itunes.apple.com from 192.168.1.1
26-Jul 31 07:06:26 dnsmasq[25406]: forwarded upp.itunes.apple.com to 8.8.4.4
--
165:Jul 31 07:10:30 dnsmasq[25406]: query[A] vortex.data.microsoft.com from 192.168.1.1
166:Jul 31 07:10:30 dnsmasq[25406]: config vortex.data.microsoft.com is 0.0.0.0
167-Jul 31 07:10:35 dnsmasq[25406]: query[A] pi.hole from 192.168.1.1
168-Jul 31 07:10:35 dnsmasq[25406]: /etc/pihole/local.list pi.hole is 192.168.1.12
--
244:Jul 31 07:13:52 dnsmasq[25406]: query[A] vortex.data.microsoft.com from 192.168.1.1
245:Jul 31 07:13:52 dnsmasq[25406]: config vortex.data.microsoft.com is 0.0.0.0
246-Jul 31 07:13:58 dnsmasq[25406]: query[A] graph.oculus.com from 192.168.1.1
247-Jul 31 07:13:58 dnsmasq[25406]: forwarded graph.oculus.com to 8.8.4.4
--
2175:Jul 31 07:42:38 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
2176:Jul 31 07:42:38 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
2177-Jul 31 07:42:45 dnsmasq[28748]: query[A] pi.hole from 192.168.1.1
2178-Jul 31 07:42:45 dnsmasq[28748]: /etc/pihole/local.list pi.hole is 192.168.1.12
--
2219:Jul 31 07:43:18 dnsmasq[28748]: query[A] web.vortex.data.microsoft.com from 192.168.1.1
2220:Jul 31 07:43:18 dnsmasq[28748]: gravity blocked web.vortex.data.microsoft.com is 0.0.0.0
2221-Jul 31 07:43:18 dnsmasq[28748]: query[A] google.com from 192.168.1.1
2222-Jul 31 07:43:18 dnsmasq[28748]: forwarded google.com to 8.8.8.8
--
2373:Jul 31 07:47:29 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
2374:Jul 31 07:47:29 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
2375-Jul 31 07:47:34 dnsmasq[28748]: query[A] configuration.ls.apple.com from 192.168.1.13
2376-Jul 31 07:47:34 dnsmasq[28748]: cached configuration.ls.apple.com is <CNAME>
--
3032:Jul 31 07:57:03 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3033:Jul 31 07:57:03 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3034-Jul 31 07:57:11 dnsmasq[28748]: query[A] ntp.msn.com from 192.168.1.1
3035-Jul 31 07:57:11 dnsmasq[28748]: forwarded ntp.msn.com to 8.8.4.4
--
3181:Jul 31 07:57:55 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3182:Jul 31 07:57:55 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3183-Jul 31 07:57:55 dnsmasq[28748]: reply notify.xboxlive.com is <CNAME>
3184-Jul 31 07:57:55 dnsmasq[28748]: reply notify.xboxlive.com.akadns.net is 40.65.234.15
--
3363:Jul 31 07:57:58 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3364:Jul 31 07:57:58 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3365-Jul 31 07:57:58 dnsmasq[28748]: reply telemetry.svc.halowaypoint.com is <CNAME>
3366-Jul 31 07:57:58 dnsmasq[28748]: reply s3-telemetry-atm.trafficmanager.net is <CNAME>
--
3430:Jul 31 07:58:02 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3431:Jul 31 07:58:02 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3432:Jul 31 07:58:05 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3433:Jul 31 07:58:05 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3434-Jul 31 07:58:05 dnsmasq[28748]: query[A] steamcdn-a.akamaihd.net from 192.168.1.1
3435-Jul 31 07:58:05 dnsmasq[28748]: forwarded steamcdn-a.akamaihd.net to 8.8.4.4
--
3442:Jul 31 07:58:08 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3443:Jul 31 07:58:08 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3444:Jul 31 07:58:10 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3445:Jul 31 07:58:10 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3446:Jul 31 07:58:15 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3447:Jul 31 07:58:15 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3448-Jul 31 07:58:18 dnsmasq[28748]: query[A] radio.itunes.apple.com from 192.168.1.1
3449-Jul 31 07:58:18 dnsmasq[28748]: cached radio.itunes.apple.com is <CNAME>
--
3466:Jul 31 07:58:19 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3467:Jul 31 07:58:19 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3468:Jul 31 07:58:23 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3469:Jul 31 07:58:23 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3470:Jul 31 07:58:26 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3471:Jul 31 07:58:26 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3472-Jul 31 07:58:47 dnsmasq[28748]: query[A] leaderboards.xboxlive.com from 192.168.1.1
3473-Jul 31 07:58:47 dnsmasq[28748]: forwarded leaderboards.xboxlive.com to 8.8.4.4
--
3486:Jul 31 07:58:58 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3487:Jul 31 07:58:58 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3488-Jul 31 07:59:08 dnsmasq[28748]: query[A] wpad.ssnc.global from 192.168.1.1
3489-Jul 31 07:59:08 dnsmasq[28748]: cached wpad.ssnc.global is NXDOMAIN
--
3622:Jul 31 08:00:02 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3623:Jul 31 08:00:02 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3624-Jul 31 08:00:03 dnsmasq[28748]: query[A] encrypted-tbn0.gstatic.com from 192.168.1.1
3625-Jul 31 08:00:03 dnsmasq[28748]: forwarded encrypted-tbn0.gstatic.com to 8.8.4.4
--
3756:Jul 31 08:01:22 dnsmasq[28748]: query[A] web.vortex.data.microsoft.com from 192.168.1.1
3757:Jul 31 08:01:22 dnsmasq[28748]: gravity blocked web.vortex.data.microsoft.com is 0.0.0.0
3758:Jul 31 08:01:22 dnsmasq[28748]: query[A] web.vortex.data.microsoft.com from 192.168.1.1
3759:Jul 31 08:01:22 dnsmasq[28748]: gravity blocked web.vortex.data.microsoft.com is 0.0.0.0
3760-Jul 31 08:01:22 dnsmasq[28748]: query[A] google.com from 192.168.1.1
3761-Jul 31 08:01:22 dnsmasq[28748]: cached google.com is 172.217.4.238
--
3791:Jul 31 08:02:10 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
3792:Jul 31 08:02:11 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3793-Jul 31 08:02:34 dnsmasq[28748]: query[A] apple.imap.mail.yahoo.com from 192.168.1.1
3794-Jul 31 08:02:34 dnsmasq[28748]: forwarded apple.imap.mail.yahoo.com to 8.8.4.4
--
3915:Jul 31 08:02:52 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.2
3916:Jul 31 08:02:52 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
3917:Jul 31 08:02:52 dnsmasq[28748]: query[type=65479] vortex.data.microsoft.com from 192.168.1.2
3918:Jul 31 08:02:52 dnsmasq[28748]: config vortex.data.microsoft.com is NODATA
3919:Jul 31 08:02:52 dnsmasq[28748]: query[A] web.vortex.data.microsoft.com from 192.168.1.2
3920:Jul 31 08:02:52 dnsmasq[28748]: gravity blocked web.vortex.data.microsoft.com is 0.0.0.0
3921:Jul 31 08:02:52 dnsmasq[28748]: query[type=65479] web.vortex.data.microsoft.com from 192.168.1.2
3922:Jul 31 08:02:52 dnsmasq[28748]: gravity blocked web.vortex.data.microsoft.com is 0.0.0.0
3923-Jul 31 08:02:55 dnsmasq[28748]: query[type=65479] keyvalueservice-g.fe.apple-dns.net from 192.168.1.2
3924-Jul 31 08:02:55 dnsmasq[28748]: forwarded keyvalueservice-g.fe.apple-dns.net to 8.8.4.4
--
4805:Jul 31 08:06:27 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
4806:Jul 31 08:06:27 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
4807-Jul 31 08:06:29 dnsmasq[28748]: query[A] clientservices.googleapis.com from 192.168.1.1
4808-Jul 31 08:06:29 dnsmasq[28748]: forwarded clientservices.googleapis.com to 8.8.4.4
--
5196:Jul 31 08:14:59 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
5197:Jul 31 08:14:59 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
5198-Jul 31 08:15:00 dnsmasq[28748]: query[A] e12930.dscksd.akamaiedge.net from 192.168.1.13
5199-Jul 31 08:15:00 dnsmasq[28748]: forwarded e12930.dscksd.akamaiedge.net to 8.8.8.8
--
7786:Jul 31 08:51:43 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.1
7787:Jul 31 08:51:43 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
7788-Jul 31 08:51:45 dnsmasq[28748]: query[A] webmail.sscinc.com from 192.168.1.1
7789-Jul 31 08:51:45 dnsmasq[28748]: forwarded webmail.sscinc.com to 8.8.4.4
--
9491:Jul 31 09:08:50 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.3
9492:Jul 31 09:08:50 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
9493:Jul 31 09:08:51 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.3
9494:Jul 31 09:08:51 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
9495-Jul 31 09:08:57 dnsmasq[28748]: query[A] graph.oculus.com from 192.168.1.1
9496-Jul 31 09:08:57 dnsmasq[28748]: forwarded graph.oculus.com to 8.8.8.8
--
10497:Jul 31 09:13:55 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.3
10498:Jul 31 09:13:55 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
10499-Jul 31 09:13:56 dnsmasq[28748]: query[A] g.live.com from 192.168.1.3
10500-Jul 31 09:13:56 dnsmasq[28748]: forwarded g.live.com to 8.8.8.8
--
11577:Jul 31 09:20:35 dnsmasq[28748]: query[A] vortex.data.microsoft.com from 192.168.1.2
11578:Jul 31 09:20:35 dnsmasq[28748]: config vortex.data.microsoft.com is 0.0.0.0
11579-Jul 31 09:20:35 dnsmasq[28748]: query[A] people-pa.googleapis.com from 192.168.1.13
11580-Jul 31 09:20:35 dnsmasq[28748]: forwarded people-pa.googleapis.com to 8.8.4.4
--
12069:Jul 31 09:23:32 dnsmasq[2586]: query[A] vortex.data.microsoft.com from 192.168.1.1
12070:Jul 31 09:23:32 dnsmasq[2586]: config vortex.data.microsoft.com is 0.0.0.0
12071-Jul 31 09:23:35 dnsmasq[2586]: query[A] nexusrules.officeapps.live.com from 192.168.1.1
12072-Jul 31 09:23:35 dnsmasq[2586]: gravity blocked nexusrules.officeapps.live.com is 0.0.0.0
--
14012:Jul 31 09:45:52 dnsmasq[2586]: query[A] vortex.data.microsoft.com from 192.168.1.1
14013:Jul 31 09:45:52 dnsmasq[2586]: config vortex.data.microsoft.com is 0.0.0.0
14014-Jul 31 09:45:55 dnsmasq[2586]: query[A] pbs.twimg.com from 192.168.1.13
14015-Jul 31 09:45:55 dnsmasq[2586]: forwarded pbs.twimg.com to 208.67.220.220
--
14709:Jul 31 09:56:56 dnsmasq[2586]: query[A] vortex.data.microsoft.com from 192.168.1.1
14710:Jul 31 09:56:56 dnsmasq[2586]: config vortex.data.microsoft.com is 0.0.0.0
14711:Jul 31 09:56:56 dnsmasq[2586]: query[AAAA] vortex.data.microsoft.com from 192.168.1.1
14712:Jul 31 09:56:56 dnsmasq[2586]: config vortex.data.microsoft.com is ::
14713-Jul 31 09:57:06 dnsmasq[2586]: query[A] i.ytimg.com from 192.168.1.1
14714-Jul 31 09:57:06 dnsmasq[2586]: forwarded i.ytimg.com to 208.67.222.222
--
14894:Jul 31 10:01:30 dnsmasq[2586]: query[A] vortex.data.microsoft.com from 192.168.1.9
14895:Jul 31 10:01:30 dnsmasq[2586]: config vortex.data.microsoft.com is 0.0.0.0
14896:Jul 31 10:01:30 dnsmasq[2586]: query[AAAA] vortex.data.microsoft.com from 192.168.1.9
14897:Jul 31 10:01:30 dnsmasq[2586]: config vortex.data.microsoft.com is ::
14898-Jul 31 10:01:31 dnsmasq[2586]: query[A] get-maps-bx.g.aaplimg.com from 192.168.1.2
14899-Jul 31 10:01:31 dnsmasq[2586]: forwarded get-maps-bx.g.aaplimg.com to 208.67.220.220
(I see you queried that domain quite a lot lately )
That last line should read regex blacklisted
rather than config
if it was indeed a regex entry.
Let's look for stray hostname definitions next.
On your Pi-hole machine, what's the output of:
grep -nR "vortex.data.microsoft.com" /etc/pihole/*.list /etc/hosts
I was trying my best to self troubleshoot... Didn't work
Nothing. It once again just goes to the next command line.
And one last location to look at:
grep -nR "vortex.data.microsoft.com" /etc/dnsmasq.d/
Where do you run your Pi-hole on?
"grep -nR "vortex.data.microsoft.com" /etc/dnsmasq.d/"
/etc/dnsmasq.d/filter_lists.conf:35458:address=/vortex.data.microsoft.com/#
It's on a raspberry pi zero running Raspbian
That's it !
That entry is responsible for the blocking.
Have a look at that file's content for what else is blocked that way:
cat /etc/dnsmasq.d/filter_lists.conf
Go and delete the offending line or the whole file accordingly.
Also, that is not a file Pi-hole would create.
Any idea what or who put that in there?
system
Closed
41
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.