I only noticed this page as a fake because of the language being wrong. And using Chrome, accessing the same page results in a convincingly looking Chrome error page. I’d expect some malicious activity here, but there doesn’t seem to be any scripts whatsoever.
@WPalant very odd.
@WPalant it even redirects from https to http! i guess they don't want you to see the lock icon, which only appears after a connection has been established?
@leip4Ier That’s weird. I noticed plain HTTP but didn’t realize it was redirecting…
@WPalant Firefox is doing strange things nowadays, for example a few days ago (without config change) it tried to resolve DNS through other services than my local dnsmasq. I wonder what is going on...
@six Maybe DNS over HTTPS enabled? I think they are still running it as an experiment, enabling it only for some users. Not sure though, haven’t been following the development here.
@WPalant That might be a possibility, but in this case Mozilla did not give a notification about that. I should keep more traff dumps for such investigations.
A Mastodon instance for info/cyber security-minded people.