Normalize
Protocols, paths, query strings, and letter case are removed. Internationalized names are converted to Punycode, and only a syntactically valid hostname is queried.
Methodology · version 2
The report preserves the measurement window, sample size, source type, protocol pattern, and uncertainty behind every answer.
The browser sends one normalized domain and a 7, 30, or 90 day window to our Cloudflare Worker. The Worker queries sources server-side and returns one bounded report.
Protocols, paths, query strings, and letter case are removed. Internationalized names are converted to Punycode, and only a syntactically valid hostname is queried.
OONI Web Connectivity aggregation is grouped by probe country. The report retains measurement counts and DNS, TCP, and TLS fields.
Voidly's aggregated regional API is checked for China, Russia, Iran, and Türkiye. GreatFire is a link-only China reference.
The response shows each source separately. Aggregators that may reuse OONI are disclosed instead of presented as independent votes.
The headline, explorer, country, incident, and feed surfaces read one scheduled, versioned snapshot. Opening those pages never starts source fan-out.
A bounded watchlist is measured by the scheduled scanner. Each run records its start, finish, successes, failures, and evidence window.
Headline incidents require repeated confirmation and a publishable sample. Pending, stale, and failed rows never become attention-grabbing claims.
The overview, rankings, incident collection, and Atom/JSON feeds use the same cached state and stable incident identifiers.
Headlines lead with the finding. Provider names, shared inputs, license constraints, and source limitations remain in evidence details and the source ledger.
We avoid a binary claim because both positive signals and missing data need interpretation.
At least one OONI country crossed a 0.50 blocking score or an available regional cross-check reported a restriction. The report still shows sample size and provenance.
There was usable recent evidence, but no country or supplemental source crossed the restriction rule. This does not prove universal access.
No source returned enough usable data to support either state. Upstream failure is also never silently converted into “clear.”
Different networks, dates, methods, and source inputs can disagree. The interface flags that instead of averaging the conflict away.
Bounded caching protects upstream measurement services and keeps common reports responsive.
Successful public API responses can be served from the Cloudflare edge for up to six hours. The report shows when its evidence was checked and whether it came from the hot-domain cache.
A small configured watchlist can be refreshed into KV for up to 24 hours. Live and failure-detail requests neither read nor write that stored result.
/api/v1/overview, country detail, incidents, and public feeds are KV-only reads. They expose generated and scan timestamps so clients can reject stale data.
Normal lookups, uncached detail requests, and actual upstream fan-out have separate limits. A rejected request returns 429 with a one-minute retry window before any evidence source is called.
Use the report as evidence for investigation, not as legal attribution or proof of nationwide policy.