[Bug]: Constant errors when logging in or playing, Airsonic tries to access dnsscan.shadowserver.org?

[DutchComputerKid]

What happened?

Since the UI update Airsonic has been throwing errors every time someone is listening or logging in.
ERROR --- o.a.p.s.LoggingExceptionResolver : 127.0.0.1: An exception occurred while loading http://[my ip here]/error?name=dnsscan.shadowserver.org&type=A
Then failing that it tries to show the user the error page but cant due to not using the subdomain, and it continues:
ERROR --- o.a.p.s.LoggingExceptionResolver : 127.0.0.1: An exception occurred while loading http://[my ip here]/error?dns=x38BAAABAAAAAAAABmdvb2dsZQN2dsZQNjb20AAAEAAQ

And these calls are using a direct IP, not a domain URL, which Airsonic does know since it even mentions it a couple lines up with closed connections.
Is this some anti-bot thing, telemetry or misconfiguration? I have no idea.

Steps to reproduce

1. Try to log in or/and play a couple songs.
2. This pops up in the logs or fills the entire box in the about page. (Edit, or, not when trying to reproduce, adding more confusion)
   (also, the about page says Terms of use, might want to look at that.

Version

11.1.x (Edge)

Version Detail

11.1.4-SNAPSHOT.20240228232921

Operating System

Debian 12

Java Version

OpenJDK Runtime Environment (build 17.0.10+7-Debian-1deb12u1)

Database

Other

DB Detail

Built In

Configuration paramter

JWTKey=
SettingsChanged=
EncryptionKeyPassword=
EncryptionKeySalt=
IndexCreationInterval=1
IndexCreationHour=3
FastCacheEnabled=false
OrganizeByFolderStructure=true
UploadsFolder=/mnt/media/Normal/Incoming
ExcludePattern=
IgnoreSymLinks=false
EnableCueIndexing=false
HideIndexedFiles=false
GettingStartedEnabled=false
IndexString=A B C D E F G H I J K L M N O P Q R S T U V W X-Z(XYZ)
IgnoredArticles=The El La Los Las Le Les
GenreSeparators=; , / &
Shortcuts=New Incoming Podcast
PlaylistFolder=/var/playlists
MusicFileTypes=mp3 ogg oga aac m4a m4b flac wav wma aif aiff ape mpc shn mka opus alm 669 mdl far xm mod fnk imf it liq wow mtm ptm rtm stm s3m ult dmf dbm med okt emod sfx m15 mtn a>VideoFileTypes=flv avi mpg mpeg mp4 m4v mkv mov wmv ogv divx m2ts webm
CoverArtFileTypes2=cover.jpg cover.png cover.gif folder.jpg jpg jpeg gif png
CoverArtSource=FILETAG
CoverArtConcurrency=4
CoverArtQuality=100
SortAlbumsByYear=true
WelcomeTitle=
WelcomeSubtitle=
WelcomeMessage2=
LoginMessage=
server.servlet.session.timeout=60m
Theme=slick
LocaleLanguage=en
LocaleCountry=
LocaleVariant=
DownloadBitrateLimit=0
UploadBitrateLimit=0
LdapEnabled=false
LdapUrl=ldap://host.domain.com:389/cn=Users,dc=domain,dc=com
LdapSearchFilter=(sAMAccountName={0})
LdapManagerDn=
LdapAutoShadowing=false
SmtpServer=
SmtpEncryption=STARTTLS
SmtpPort=587
SmtpUser=
SmtpFrom=
SmtpPassword=
CaptchaEnabled=false
ReCaptchaSiteKey=
SplitOptions=-ss %o -t %d
SplitCommand=ffmpeg %S -i %s -vcodec copy -acodec copy -f %f -
DownsamplingCommand4=ffmpeg %S -i %s -map 0:0 -b:a %bk -v 0 -f mp3 -
HlsCommand4=ffmpeg -ss %o -i %s -s %wx%h -async 1 -c:v libx264 -flags +cgop -b:v %vk -maxrate %bk -preset superfast -copyts -b:a %rk -bufsize 256k -map 0:0 -map 0:%i -ac 2 -ar 44100 >JukeboxCommand2=ffmpeg -ss %o -i %s -map 0:0 -v 0 -ar 44100 -ac 2 -f s16be -
VideoImageCommand=ffmpeg -r 1 -ss %o -t 1 -i %s -s %wx%h -v 0 -f mjpeg -
SubtitlesExtractionCommand=ffmpeg -i %s -map 0:%i -f %f -
TranscodeEstimateTimePadding=2000
TranscodeEstimateBytePadding=0
PodcastUpdateInterval=168
PodcastEpisodeRetentionCount=-1
PodcastEpisodeDownloadCount=-1
FullScan=false
ClearFullScanSettingAfterScan=false
spring.liquibase.parameters.mysqlVarcharLimit=384
DbBackupUpdateInterval=168                                                                                                                                                             DbBackupRetentionCount=3
spring.servlet.multipart.max-file-size=2048MB
spring.servlet.multipart.max-request-size=2048MB

Proxy Server

NGINX

client detail

Not browser dependant

language

English

Relevant log output

No response

[kagemomiji]

@DutchComputerKid

Based on this log, it looks like parameters for DNS queries over HTTP(s) are being passed. Since Firefox has a feature for DNS-over-HTTPS, it's possible that this feature could be causing the issue, although I couldn't reproduce it in my environment using Firefox.
Alternatively, it might be an attempt to exploit a DNS amplification attack from external sources, but it's unclear since the path is "/error". Normally, this path requires authentication to access.
Referencing nginx logs might provide more details. Please check them.

There's a possibility that misconfigurations in nginx's reverse proxy settings or Airsonic's startup options could be preventing the correct logging of the request origin IP address and accessed URL.
Could you provide your Airsonic startup options (/etc/systemd/system/airsonic.service configuration or Docker settings) and nginx configuration? This would be helpful for troubleshooting and attempting to reproduce the issue.

[DutchComputerKid]

Ah yes that could make sense, DNS-over-HTTP failures. I tried accesing that domain but it just does not connect to anything.
Been waiting all day for the error to pop up, but the main IP logging says nothing on NGINX, will log airsonic's own subdomain access as well, see if that comes up with anything. But anyways:

airsonic.service:

[Unit]
Description=Airsonic Media Server
After=remote-fs.target network.target
AssertPathExists=/var/airsonic

[Service]
Type=simple
Environment="JAVA_JAR=/var/airsonic/airsonic.war"
Environment="JAVA_OPTS=-Xmx4096m"
Environment="AIRSONIC_HOME=/var/airsonic"
Environment="PORT=4534"
Environment="CONTEXT_PATH="
Environment="JAVA_ARGS=-Dserver.forward-headers-strategy=native"
EnvironmentFile=-/etc/default/airsonic
ExecStart=/usr/bin/java \
          $JAVA_OPTS \
          -Dairsonic.home=${AIRSONIC_HOME} \
          -Dserver.servlet.contextPath=${CONTEXT_PATH} \
          -Dserver.port=${PORT} \
          -jar ${JAVA_JAR} $JAVA_ARGS
User=airsonic
Group=music

[Install]
WantedBy=multi-user.target

And the NGINX proxy, cut down a bit due to the comments:

server {
        listen 80;
        listen [::]:80;

        root /var/www/html;

        # Add index.php to the list if you are using PHP
        #index default.html;

        server_name airsonic.unitedandco.net;
        return 301 https://$host$request_uri;

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}
}

server {
    #listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/airsonic.unitedandco.net/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/airsonic.unitedandco.net/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

        root /var/www/html;

        # Add index.php to the list if you are using PHP
        index default.html;
        server_name airsonic.unitedandco.net; # managed by Certbot

        #location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
        #       try_files $uri $uri/ =404;
        #}

        location / {
         #Disallowance
         location = /robots.txt {
               add_header Content-Type text/plain;
               return 200 "User-agent: *\nDisallow: /\n";
         }
         #Logo Edit
         #location '/seasonic.svg' {
         #     #default_type "text/plain";
         #root /var/www/sonicinjects/;

         #Payload too large
         client_max_body_size 2048M;
         #Proxy
         proxy_set_header X-Frame-Options 'ALLOW-FROM https://airsonic.unitedandco.net';
         add_header X-Frame-Options SAMEORIGIN;
         proxy_set_header Upgrade           $http_upgrade;
         proxy_set_header Connection        "Upgrade";
         proxy_http_version 1.1;
         proxy_set_header X-Real-IP         $remote_addr;
         proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto https;
         proxy_set_header X-Forwarded-Host  $host;
         proxy_set_header X-Forwarded-Port  $server_port;
         proxy_set_header Host              $host;
         proxy_max_temp_file_size           0;
         proxy_pass                         http://127.0.0.1:4534/;
         proxy_redirect                     http:// https://;
         proxy_buffering off;
         proxy_request_buffering off;

         #client_max_body_size 0;

         #access_log      /var/log/nginx/airsonic_access.log;
         #error_log       /var/log/nginx/airsonic_error.log;
         access_log      off;


         # deny access to .htaccess files, if Apache's document root
         # concurs with nginx's one
         #
         #location ~ /\.ht {
         #      deny all;
         #}
        }
}

[thewriteway]

Are you still encountering this error on the latest build?