ooni / pipeline

OONI data processing pipeline
https://ooni.org/
BSD 3-Clause "New" or "Revised" License

Add malware fingerprint for IT #173

Closed anadahz closed 4 years ago

anadahz commented 5 years ago

A potential malware page located in Italy.

I have the impression that this malware was only available for Windows variants; however, this measurement indicates its presence in iOS (ooniprobe-ios), maybe tethering? Perhaps an interesting case, @bassosimone?

Example measurement: https://explorer.ooni.io/measurement/20190116T180550Z_AS49367_IofqhUpheFl2VhDSutIgRrbIaFz1rh4SWPifn3OxK4njvW1wDq?input=http:%2F%2Ffilm-stream.org%2F

hellais commented 4 years ago

This is not caused by censorship; rather, the domain has gotten squatted.

anadahz commented 4 years ago

Isn't this ISP-dependent? IIUC the control measurement is not presenting the same URL.

hellais commented 4 years ago

Yeah it's probably dependent on the origin IP, but it's most likely server-side, not implemented by the ISP.

When I access that site from my network (Vodafone Italia), I also get on some weird redirect chain which leads to some spammy/malwary websites. It's very common for popular domains to get squatted and then to have some malware or ads put on them.