there was a link on a well known german website for discounts/info on discounted products and I clicked on one of the links from the deal description while being in Tor browser
- link I clicked on → can’t share this apparently or forum mods just let my post disappear even without a comment on why
- deal-link with all the information about the discounted SSD → can’t share this apparently or forum mods just let my post disappear even without a comment on why
…but then I got redirected to INTERPOL | The International Criminal Police Organization with this stating on the website:
You don’t have permission to access “http://www.interpol.int/failover/failover-waf.html?” on this server.
Reference #18.ba91dd58.1701105265.43e7cb8b "
So any idea why I got redirected to Interpol lol?
The deal/discounted product from the website was “SK hynix Platinum P41 2TB PCIe NVMe Gen4 M.2 2280 Internal SSD” and it was discounted on Amazon (maybe only german version of Amazon)…Interpol now selling discounted SSDs on Amazon lol? Or did I get a Tor exit node from Interpol?
Maybe there is a normal explanation for this, but this is kinda really strange…
I guess it’s theoratically possible that the guy who made the post about the discounted ssd on “link I can’t share or my post will just disappear even without a comment on why” just made a mistake and linked the wrong site, because he/she was researching something on the Interpol website on a another tab and just copied the wrong link in the deal post?..I dont know…
Why would someone who makes posts on a website for discounts on products mistakenly link the Interpol website? And exactly (probably) the one guy using the website with the Tor browser gets that mistake?
Again theoratically possible, but how are the chances?
Btw I tried the link like 8 times in different tabs and it was always the same. Only like 5-10 minutes later when I changed my Identity with “New Identity” in Tor browser the link was correctly redirecting me to the website it should have been instead of the Interpol website.
Am I too paranoid lol or is there a good explanation for this?
Im on Ubuntu 22.04.03 with Tor browser version 13.0.5. This problem was just some hours ago (Edit: now that I’m doing this again, because moderators apparently just delete your post without even a comment on why or a chance to edit it…and this post is almost a 1 to 1 copy from the first try to post…it’s now about two days later).
One reason I can think of is geo-location blocking on certain phishing sites which send you to a random URL and that URL cannot be accessed via Tor (not saying your link was to a phishing site but am thinking it).
One site I can think of which is not accessible via Tor is the IRS service of the US government. Interpol is another. There are more.
Well the company behind only this one website I was on has about 40-50 employees if I remember correctly (they have also similar websites in a few other european countries). But not all of them are working full time. Counting all their websites, this company has about 200-300 employees.
What I want to say with this information is: It is not just one or two random dudes collecting information about discounted products on their amateur website. It’s more or less a professional business and website. So I would not categorize the website I was on as a phishing site. But of course everybody can post deals/discounts on their website, not only the employees.
Also I was browsing this website like almost 2 years (not daily of course) with TOR browser and never had something like this. Actually never had something like this on any website.
Don’t know why I did not think of it before. No need to program.
Whether Linux or Windows you can use wget on the command line:
wget -U “Mozilla/5.0” YOUR-URL-HERE
Then look at the output for redirections
Everybody is the magic word.
I am not saying the site you were on -where the person was posting a discount link- is a phishing site. The link destination URL probably was or may have been compromised.
Or did I read your post wrong?
What you need is a site which just returns the actual content of the request but does not follow redirections of any kind. I know of 2 but will not post here since it will lead to abuse of course. If you know how to program then you can do it. If not then you must know someone who can.
Have no idea if you are on a telephone or a computer. When you hover on a link it should show the URL underneath.
I know what the destination URL should have been. It was a ssd test site, where a more or less random guy apparently tests all SSDs for their speed in read and write. Even if that destination URL was compromised…why a redirection to the Interpol website? I don’t think that someone would have any luck with phishing on the Interpol website, and btw the REAL Interpol website.
Doesn’t make any sense.
I was wrong about wget on the command line in Windows. It is not part of Windows. I have had it so long on my systems that I thought it was.
You need to download it and it does not work with Tor.
It’s too bad they won’t let you post that page where you say Everybody can post a link. I could then see for myself what is going on instead of imagining a scenario and try to explain it out.
Let me explain my imaginary scenario:
This site, where employees or anyone can post a review of an SSD and give a link.
The link says ThisFineReview but that is what you see in underlined blue but when clicked it redirects to ThisRandomSite or some URLshortener which redirects to ThisPhishingSite or ThisCompromisedSite.
The final destination tests the IP. For one reason or other it does not want to show you the phish and redirects you to Interpol or CNN or BBC or anything else. Usually Google.
The goal of the phish is to get you to buy this incredible deal and get your credit card info. Of course you never receive the SSD. You just got got.
I did not notice before but you are on Linux so my wget example will work but not through Tor.
For that you could use curl:
With Tor started issue this on the command line: curl --proxy socks5h://127.0.0.1:9150 yourURLhere
I guess I will unfortunately never find out…but I will say this: It could have redirected me to Google like you said or something similar…but it redirected me to the Interpol website as a Tor browser user?
Not impossible, but I think highly unlikely that this incident was just a random mistake by someone.
To freak you out. It worked. Are there black SUVs buzzing around?