A small reminder of Legitimate URLs for my content

I've had some reports come in of my site not loading correctly  via an onion (tor) address.

Upon further inspection, it's not actually an address operated by me, but is someone trying to ride on the back of my content to extract ad revenue. For avoidance of doubt 6zdgqjwwmjiphye3.onion is not legitimate.

 

 

That address is identifiable because

  • most of the page resources fail to load
  • They've injected an obtrusive ad at the bottom of the page

It also loads much more slowly than the genuine onion, because they appear to be proxying through to the genuine onion rather than acting as an exit and hitting the clearnet site.

The static content fails to load because they've attempted to inject a HTML meta tag into Javascript resources (they also do it to CSS, go figure)

<!-- <meta http-equiv="refresh"content="0; url=http://uujpz6aszhnrxyix.onion/"> -->

The domain referenced there claims to sell phished bank and paypal accounts... definitely not something I'm going to be pushing

I've dropped some additional defences in place which mean that if you do land on the wrong Onion address, you should get redirected to the correct one.

 

Legitimate Addresses

However, for reference, the legitimate addresses are

Anything else is not genuine.

If you're using Tor Browser Bundle (or some other Firefox based browser) then you can safely just hit the clearnet URLs. All content on my CDN uses Alt-Svc headers to serve content over Tor where possible, so while you may see www.bentasker.co.uk in the address bar, the underlying connection itself may in fact be Torified

 

 
 Share