[ooni-dev] Ooniprobe in Latvia

Aleksejs Popovs popoffka at gmail.com
Thu Jan 8 20:47:57 UTC 2015

On 8 January 2015 at 16:46, Aaron Gibson <aagbsn at extc.org> wrote:
> Do they MITM connections to any cloud providers such as Amazon,
> CloudFlare, Google, etc?

I have just parsed the official list of blocked domains
(http://www.iaui.gov.lv/images/Blokesana/Block_domain.pdf ->
https://popovs.lv/crap/ooni/domains.txt) and resolved them and checked
the ASs of their IPs (also comparing the reports from my network with
reports from a host in Croatia: I didn't see any differences in IPs
that weren't due to multiple A DNS records, although it's important to
note I'm using Google Public DNS instead of Lattelecom DNS)
(https://popovs.lv/crap/ooni/domains_resolved.txt). There are a bunch
of websites hosted/proxied by Cloudflare and Amazon (AS13335 and
AS16509, respectively), I took a random one: lucky31.com, hosted on by Cloudflare.
http://www.tcpiputils.com/browse/ip-address/ told me
that unitedcostumes.com.au was also hosted on that IP.
unitedcostumes.com.au is available to me over HTTP, and seems to not
have any gambling-related content. Accessing it over HTTPS, however,
is impossible from the Lattelecom network, because the TLS connection
times out, in exactly the same manner as I previously observed while
attempting to query blocked HTTPS servers while requesting a
non-blocked server name. Also, I was able to access
unitedcostumes.com.au via HTTPS through Tor. To conclude, this is a
real case of a non gambling-related page being blocked, although
almost definitely by accident. I will notify Lattelecom about this.

Thank you for your suggestion to check this.

Best regards,
Aleksejs Popovs

More information about the ooni-dev mailing list