pramod.io blocked intermittently

[pixyj]

https://pramod.io is blocked intermittently. It uses Flexible SSL by Cloudflare and the site is hosted on Google App Engine

Looks as though the issue is similar to #2

Here's the log

➜  ~ curl -vvv https://pramod.io
*   Trying 104.21.46.98...
* TCP_NODELAY set
* Connected to pramod.io (104.21.46.98) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com
*  start date: Jul  6 00:00:00 2021 GMT
*  expire date: Jul  5 23:59:59 2022 GMT
*  subjectAltName: host "pramod.io" matched cert's "pramod.io"
*  issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fe84a80b000)
> GET / HTTP/2
> Host: pramod.io
> User-Agent: curl/7.64.1
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 200
< date: Mon, 10 Jan 2022 15:47:54 GMT
< content-type: text/html
< pragma: no-cache
< cache-control: no-cache
< cf-cache-status: DYNAMIC
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czqWJfM8RpOL57j%2BcPH9p2%2FlH6ni1TTEHiHdXa%2Bxq%2FRlqJB%2B%2FieWk6D%2Bb0g%2FnqGOXjnL1rEFb2Mn3YSsNRXC%2BDjspgTX21Shhxlh%2FgzvqV2Re20aO2wRlVMvLnE%3D"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 6cb70be94b411da1-BLR
< alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
<
* Connection #0 to host pramod.io left intact
<meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0"/><style>body{margin:0px;padding:0px;}iframe{width:100%;height:100%}</style><iframe src="https://www.airtel.in/court-orders/ " width="100%" height="100%" frameborder=0></iframe>* Closing connection 0

[captn3m0]

This is the first report I've seen about GAE, so this is super interesting, thanks for noting this.

Will add to the README.

[captn3m0]

Diff: 3e5ec73

[captn3m0]

You should switch to Strict SSL if you can meanwhile.

[pixyj]

Thanks, I'll do that!

[captn3m0]

The HTML is actually different though. Every other block uses https://www.airtel.in/dot/, while your site shows https://www.airtel.in/court-orders/.

Makes me wonder if there's a legit court order something else that's different in your case.

[pixyj]

I embedded a Streamable video on the home page to demo an app back in 2017. But I haven't hosted any illegal content. I haven't modified the site since then and didn't switch to another video host after Streamable was blocked in India.

I noticed the issue for the first time 3 months ago, but haven't gotten a chance to debug the issue.

I wonder if some company scraped the web and asked the Indian Govt to block all sites that embed Streamable content?

[Mateo02Andres]

10/10