[slyall]

They managed to break https://www.spacejam.com/ though. It redirects to https://www.spacejamanewlegacy.net/ which has a bad cert and then goes into a redirect loop.

So broken after just 4 years

[genewitch]

Hey give Disney a break they're a small company with only a few employees. Maybe tbe certifier is on vacation.

[backspace_]

Looney toons is a Warner Brothers property, not Disney.

[genewitch]

I wasn't thinking. you are of course correct. My brain conflated because both are based in burbank. yeah, that's what i am going with.

[Thorrez]

Hmm, I didn't get a redirect https://www.spacejamanewlegacy.net/

[a57721]

http://www.spacejamanewlegacy.net/ responds with "HTTP 301, Location: https://www.spacejam.com/"

[Thorrez]

Sorry, my previous comment omitted a word. I meant to say "I didn't get a redirect to https://www.spacejamanewlegacy.net/ ".

slyall claimed to be redirected to https://www.spacejamanewlegacy.net/ .

[shakna]

I got the loop in both desktop Chrome and Firefox, as well as Android Chrome, Brave and Firefox (though these timed out after a few loops, unlike the desktop).

Were you maybe on Safari/iOS?

[Thorrez]

I visited https://www.spacejam.com/ with Chrome on Windows, Firefox on Windows, and Chrome on Android. It didn't redirect for any of them.

[shakna]

The loop most definitely exists. It's rather odd you're not seeing it. Everything I can use to talk to the server gets the 301/302 redirects.

Using yet another machine and curl:

    curl -vvv --insecure https://spacejam.com
     < HTTP/2 301 
     < date: Fri, 16 May 2025 10:45:08 GMT
     < content-type: text/html; charset=iso-8859-1
     < content-length: 233
     < location: https://www.spacejam.com/
     < server: nginx
     < cache-control: max-age=600
     < expires: Fri, 16 May 2025 10:51:34 GMT
     < 
     <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
     <html><head>
     <title>301 Moved Permanently</title>
     </head><body>
     <h1>Moved Permanently</h1>
     <p>The document has moved <a href="https://www.spacejam.com/">here</a>.</p>
     </body></html>
     ...
     \* Connection #0 to host www.spacejamanewlegacy.net left intact

    curl -vvv --insecure www.spacejamanewlegacy.net
     < HTTP/1.1 302 Found
     < Date: Fri, 16 May 2025 10:46:53 GMT
     < Server: Apache/2.4.62 () OpenSSL/1.0.2k-fips
     < X-Powered-By: PHP/8.0.30
     < Strict-Transport-Security: max-age=15768000
     < Upgrade: h2,h2c
     < Connection: Upgrade
     < Location: https://www.spacejamanewlegacy.net/
     < Transfer-Encoding: chunked
     < Content-Type: text/html; charset=UTF-8
     \* Connection #0 to host www.spacejam.com left intact

[Thorrez]

Your request to https://spacejam.com is redirected to https://www.spacejam.com/ .

Your request to http://www.spacejamanewlegacy.net is redirected to https://www.spacejamanewlegacy.net/ .

You never tried making a request to https://www.spacejam.com/ .

Go to https://reqbin.com/ and enter https://spacejam.com . It gives 1 redirect (to https://www.spacejam.com/ ) then HTML.

[shakna]

I think you missed which servers are connected at the end of which request, there.

Reqbin receives an upgrade request to HTTP2, that it never follows.