I should say at the outset that Cheezburger is all kinds of awesome, and none of this is their fault. I feel for them in that, somewhere along the line, a misbehaving operator is sabotaging their stuff.
I’ve recently built a Sheevaplug as a caching DNS server for my home network, so it was a handy place to bring up a squid proxy. I configured it in proxy-only mode, and set it as the proxy on my iPhone so that I could capture all the phone’s traffic without faffing around with router reconfiguration. A few minutes of kitten admiration later, and it happened: the Cheezburger app suddenly launched the App Store page for something called ‘Clash of Clans’ (no, it doesn’t get a hyperlink here, because this is a bloody rude thing to do).
Digging through the tcpdump output with the lovely Wireshark (which is what my final year degree project should have been… but I digress), I found that the Cheezburger app issued a request to Tictacti, which redirected to Appia, which then redirected to
Presumably hastrk2.com is an advertising network; browsing to it gives a redirect to the Google Play store, which is a pretty misleading thing to do if it’s not Google’s domain. The domain is registered to an individual in Seattle, and the IP address is in Amazon Web Services‘ range, making me think it’s not Google at all. I hear that Google has a reasonable amount of hosting capacity without relying on AWS.
Anyway… the unpleasantness happens when hastrk2.com replies with
HTTP/1.0 302 Moved Temporarily
Well that’s not very friendly. itms-appss is a URL scheme that jumps to the App Store, and when the running app tries to open it, iOS faithfully jumps to that app’s page (as if you’d buy it after that nasty experience). Interestingly, searching for itms-appss documentation gives some Apple documentation pages, but none of them refer to that scheme any more, so I don’t think it’s meant to be used in this way.
There are of course many ways to block this sort of horribleness—a nice Privoxy rule comes to mind—but these squid directives did it for me:
acl appstore_jumpers dstdomain .hastrk2.com
http_access deny appstore_jumpers
Online advertising pays for some wonderful things, but being cretinous just makes people hate your customers. At worst, people suspect a fault and end up in an Apple Store looking confused. So, to those responsible for this crap, I say: Get it right up you, scumbags.