 |
Post AtKAQP7sIBEZ3svTlo by [email protected] |
 |
More posts by [email protected] |
|
Post #AtG4uHxM8XJ59i27Ae by [email protected] |
|
0 likes, 3 repeats |
|
|
|
The web is broken, IMHOSo there is a (IMHO) shady market out there that gives a… |
|
|
|
Post #AtG4uI59fXXrXtgLKK by [email protected] |
|
0 likes, 1 repeats |
|
|
|
What these companies then sell to *their* customers is network access through t… |
|
|
|
Post #AtG4uJEPOcXd6t1FOC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Now, again, this company is just one of many selling similar services. And they… |
|
|
|
Post #AtG4uJkfSgLUiw70fg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
But this explains the explosion of bot traffic that really cripples a lot of sm… |
|
|
|
Post #AtG4uKILRTHgPNruAC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
I already blogged about this at https://jan.wildeboer.net/2025/02/Blocking-Stea… |
|
|
|
Post #AtG4uKtvBlLGHvRujY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Addendum: Trend Micro did some research on these companies back in 2023 and it … |
|
|
|
Post #AtG4uLNhP3A3mHNh9E by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Addendum 2: If you want to feel really dirty, go to https://proxyway.com/review… |
|
|
|
Post #AtG4uLrpb1GRHjTl7A by [email protected] |
|
0 likes, 0 repeats |
|
|
|
If you've made it to this final post of this thread — thank you for your … |
|
|
|
Post #AtG4uMLFpcnekzFFya by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Done: This thread is now a blog post at https://jan.wildeboer.net/2025/04/Web-i… |
|
|
|
Post #AtHS7gHJVndISOgPOS by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer Are there known C2 servers we could put into pi-hole? |
|
|
|
Post #AtJTxRMkgmPFXIOK0m by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Just as an example. In the past 24 hours I had "visitors" from 47 cou… |
|
|
|
Post #AtJTxRVc9pUlymXOpE by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer just found out today about Infatica's SDK. At a loss how to vet… |
|
|
|
Post #AtJZO36jUMBHtDPDWa by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer @janl related work: https://ieeexplore.ieee.org/document/8835239 |
|
|
|
Post #AtKA1NbIpIbP5il4AS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@[email protected] So is this a bot net that has been legitimized… |
|
|
|
Post #AtKA1NjoJfPLW6jrQe by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@lyrial @jwildeboer They approached me earlier this year (and have since been g… |
|
|
|
Post #AtKA1NtNk541znDVLc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@foosel I wonder, do you have those lines of TOS they suggest? I assume many de… |
|
|
|
Post #AtKA1O0TJijeLmXAOm by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@zombiecide @lyrial @jwildeboer They didn't suggest specific lines sadly, a… |
|
|
|
Post #AtKA40xbSWIBk5Rg3c by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Oh my ... For me, that's just another good reason to avoid prop… |
|
|
|
Post #AtKA4HywAoScX9CTzs by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer not sure it is listed on it but a tool such as @exodus may be able … |
|
|
|
Post #AtKA5ynuRn1pdLqesy by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@[email protected] @[email protected] So how is this not a bigg… |
|
|
|
Post #AtKA5yuI448Hx8pkpc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@lyrial I am also wondering about that, TBH (To Be Honest). I do hope that some… |
|
|
|
Post #AtKA6EHAvGLpcSek5I by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboerWhat are we looking at here, if I may ask? Is that some kind of IDS … |
|
|
|
Post #AtKA6EMqaAt7u3JGvQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@yala That's just a csv file I've opened in Apple Numbers :) The csv fi… |
|
|
|
Post #AtKA7AWQMj0mGYEjuC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer I see some providers listed there that I used to scrape Google serv… |
|
|
|
Post #AtKA7Aevr5oigwDXAO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@dusoftcan you share your URL of the website that provided you the name of the … |
|
|
|
Post #AtKAB4c8GzMz6KliOu by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@lyrial That's one way to see it. Not one I would subscribe to, though. Yes… |
|
|
|
Post #AtKACK7g65M5UT7UlE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer96 degrees in the shade |
|
|
|
Post #AtKAEP3uhhzfO9LoIq by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@xdej @jwildeboer You mean BrightData scraping? |
|
|
|
Post #AtKAEenqBEdyCvxCTI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@foosel @lyrial @jwildeboer Did they prescribe the text to be added to TOS, or … |
|
|
|
Post #AtKAEeuZmC20Xp6ZyC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@cwicseolfor See https://chaos.social/@foosel/114360318492193700 Of course the… |
|
|
|
Post #AtKAFZYDC10iCy51Wa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboerI see ^_^ Thanks.There's some auto-grouping, pivot table thing g… |
|
|
|
Post #AtKAFZdsqvY0UYjYMi by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@yala Hahaha, no. Much simpler. I simply made column CC a category and sorted b… |
|
|
|
Post #AtKAFZkcRsw2pRsvrc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboerWe don't have such slick stuff on Linux. 🙃 |
|
|
|
Post #AtKAFZqI6nTL72XShk by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@yala Sure we have! LibreOffice can do the same, no problem. |
|
|
|
Post #AtKAHl8N679KiD2J84 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@dusoft I had to make my forgejo instance non-public, as 95% of the traffic tha… |
|
|
|
Post #AtKAIxKJFefUofBt0i by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer I am still amused by the number of IP addresses from Australia. Per… |
|
|
|
Post #AtKAJeJlPYmW9QGYd6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Yep, the longer I use the internet, the more I seem to segregate my… |
|
|
|
Post #AtKALkrG48ol0ww8sy by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer It's a big problem. I run some serious infrastructure (6 really… |
|
|
|
Post #AtKAQ4eQPxnFYkzg5g by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@foosel @lyrial @jwildeboer in all earnesty, it feels highly inappropriate to s… |
|
|
|
Post #AtKAQ4lA0vBHte93aa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@[email protected] @[email protected] @[email protected]… |
|
|
|
Post #AtKAQBOjKiOkU6hk6C by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer is there a way to block this traffic on the router level? I'm p… |
|
|
|
Post #AtKAQJ0Z2Roy5TSYXg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboerI did some of my own research on this topic but due to various reaso… |
|
|
|
Post #AtKAQP7sIBEZ3svTlo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer You inspired me to check my own webserver logs (~3 months of logs) … |
|
|
|
Post #AtKATWUZMV44mA1pRI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer je zou er bang van worden om je eigen mail of webserver op te zette… |
|
|
|
Post #AtKATWawymAX5x0vNw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@vank Yes, that's what many people and companies want you to feel. I don… |
|
|
|
Post #AtKAWYzwV7rnPu9XRQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer what does that traffic look like on the home LAN? I ask because I&#… |
|
|
|
Post #AtKAWZ7k286Zo5nlb6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@ktneely Most of the time it looks like legit traffic, browsing web pages etc. … |
|
|
|
Post #AtKAWZETd5Uc8yx960 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer that makes a lot of sense, and I figured it was something like that… |
|
|
|
Post #AtKAaOpCGcgd1UxJjc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboerI need to deal with some of this garbage (though not this particular… |
|
|
|
Post #AtKAbiYMP1wSV1i1sO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer If that's how the AI bots get their seemingly infinite amount o… |
|
|
|
Post #AtKAdVQkAEnsNY00um by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @lyrial yeah... I thought long and hard about trying to get some at… |
|
|
|
Post #AtKAif0E0BjHVy3M0W by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer I am saying there are other use cases than the only one identified … |
|
|
|
Post #AtKAl4cfia15YMBf7Y by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboerIt's weird how close the name Infatica sounds to Infected. |
|
|
|
Post #AtKAmvQEtdP1b6FrCy by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Holy shit. I'd like to say I'm surprised but... only sorta?This sort of… |
|
|
|
Post #AtKAn7jT7xulmDLNqa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer these should be picked up by #exodus #exodusprivacy and hopefully #… |
|
|
|
Post #AtKApxcpA7AxIZaYvQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mediapart @bastamedia voici une description du développement de la mafia du… |
|
|
|
Post #AtKArEPQFIObdsvTVI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@PANAFRICANSSI @jwildeboer Telstra sells cheap VPNs with Australian IPs. About … |
|
|
|
Post #AtKArcXkVzJiUf0Soa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
please @foosel can you answer @zombiecide request? It will help a lot fighting … |
|
|
|
Post #AtKAuCq2Xf17dinKXQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@dusoft Sure. But I will block your scraperbot just like all the other ones. Th… |
|
|
|
Post #AtKAvXh2UQ8ObqDoX2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@xdej @zombiecide @lyrial @jwildeboer I did answer 2d ago? https://chaos.social… |
|
|
|
Post #AtKAvvtyTyk3guSU1g by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer THANK YOU! The explosion of Just Legitimate Enough traffic has been… |
|
|
|
Post #AtKAwORyLAZeESa1uC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@user59 And that's just one of many Libraries/SDKs that are out there. And … |
|
|
|
Post #AtLbKNSYT0tO4muSga by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer I did a search for "bitdefender and infatica.io" as there… |
|
|
|
Post #AtLbaIidrNDc0V1kI4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer very good article and important to raise awareness of this. Any rec… |
|
|
|
Post #AtLbaIq5PhAoNaVgtU by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@marce I guess that’ll be part 3 of the series. |
|
|
|
Post #AtLck3gKirtEDhADrs by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer I had my Forgeojo instance (oddly same service) almost entirely unu… |
|
|
|
Post #AtMCUMsXB7rRTSgjoW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer In a more sane world, this would be the work of *investigative jour… |
|
|
|
Post #AtMCUMzGm5FToLq7JQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@JeffGrigg I trust that given enough reactions, this topic will be picked up by… |
|
|
|
Post #AtMCXoU8zhVRxmvHVY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer that's certainly part of the puzzle why we see so much scraping… |
|
|
|
Post #AtMCXoasaetUIg4f0S by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@sadmin Yes, they use the same IP addresses in the same timeframe. Seems that 9… |
|
|
|
Post #AtMCY421C2W0BBt2tE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer okay scraping is one thing. But brute forcing makes this a botnet p… |
|
|
|
Post #AtNEhVnhiBerybmgW8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@dusoft @xdej @jwildeboer Are you sure BrightData are legit? Are you sure you&#… |
|
|
|
Post #AtNEhVvrDsBENtbCE4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@wako @xdej @jwildeboer Legit in what way exactly? They are a data provider, no… |
|
|
|
Post #AtNEi4cwECqJzM1560 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer yes, no doubt. For now though I'm looking at Microsoft's ZT… |
|
|
|
Post #AtNEkTc2Itee3hjxsO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@dusoft @xdej @jwildeboer scraping is one thing, scraping using "residenti… |
|
|
|
Post #AtNEkTi3wUTWMOYmGm by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@wako @xdej @jwildeboer It might be, but it also helps to scrape Google (that i… |
|
|
|
Post #AtNExNqv1wuBxWr98q by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@dusoft @jwildeboer Could you describe this "use case" and how it is … |
|
|
|
Post #AtNF8plpZYhljLw6me by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@JeffGrigg @jwildeboer Google indexes webpages, my script indexes some Google w… |
|
|
|
Post #AtNpKgpwD747qcoHFA by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer I am going to build the tech to destroy this business model. |
|
|
|
Post #AtNpKgyRhTs4H0n4VM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@ryancFake the library to take the cash without making the requests?@jwildeboer |
|
|
|
Post #AtNpKh4TL4gwZhbstk by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@xdej @jwildeboer real time proxy detection |
