Replace TCP DNS ISP block detection with Globalping SNI block detection

Korean ISPs use SNI-based DPI (not DNS hijacking) to block sites. TCP DNS queries to ISP servers from Cloudflare Workers returned real IPs even for blocked domains. Now uses Globalping eyeball probes (KT, LG U+) to detect ECONNRESET on HTTPS — the signature of SNI-based blocking. Verified: pornhub.com correctly detected as blocked by Korea Telecom. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-12 08:45:07 +09:00
parent 8120c42951
commit 8eb89da6c0
3 changed files with 72 additions and 241 deletions
--- a/src/types.ts
+++ b/src/types.ts
@@ -464,13 +464,37 @@ export interface TcpCheckResult {
  error?: string;
 }

+export interface GlobalpingProbeResult {
+  city: string;
+  network: string;
+  asn: number;
+  isEyeball?: boolean;
+  blocked?: boolean;
+  blockReason?: string;
+  ping?: {
+    min: number;
+    avg: number;
+    max: number;
+    loss: number;
+  };
+  http?: {
+    statusCode: number;
+    totalMs: number;
+    dnsMs: number;
+    tcpMs: number;
+    tlsMs: number;
+    firstByteMs: number;
+  };
+  error?: string;
+}
+
 export interface NetworkDiagnosticReport {
  domain: string;
  timestamp: string;
  dns: DnsResolverResult[];
-  ispBlocking: IspDnsBlockResult[];
  http: HttpCheckResult[];
  tcp: TcpCheckResult[];
+  koreaProbes: GlobalpingProbeResult[];
  summary: string[];
 }