Tech talk, cold comfort.

! · 2026-04-11 13:46 »

Steven W wrote: 2026-04-11 08:05 Bruh, you got me blocked through VPN. I am on TOR at the moment.

Oh sorry! Hm, I set it like this:

1. Cloudflare: Attack mode activated.
2. I filter IPs with AbuseIPDB, if it's found there and marked abusive, it's blocked.
3. I filter IPs with AbuseIPDB, if it's found there but not marked as abusive, but it's marked as "Data Center/Web Hosting/Transit", it's blocked.

Because we are talking about almost 2 MILLION hits PER DAY. I have to filter out what's not "normal" user, otherwise, the friend's computer just rips apart. CPU usage so high almost 100%, serving 2 MILLION is no small task.

My guess is, a VPN / TOR will be marked as "Data Center/Web Hosting/Transit" and it gets blocked.

It's not ideal to block VPNs, but I really don't have a choice. Almost HALF A MILLION of these are just from USA. No other way to filter them out. I don't know what else to do, short of taking the website offline.

Please let me know if you can reach the site now or not.

! · 2026-04-11 13:53 »

Here is an example: https://www.abuseipdb.com/check/52.167.144.235, this is from USA, Microsoft, reported almost 2000 times, several pages of reports, nothing has been done and it keeps coming back. It's marked as "Data Center/Web Hosting/Transit" so I automatically block any such marks. They are either bots or attacker bots 99%. Normal users like you probably will be marked as "Data Center/Web Hosting/Transit" if using VPN. Normal line is "Fixed Line ISP".

: 2026-04-11 13.50.53 www.abuseipdb.com 32d1eb95fe12.png (79.85 KiB) Viewed 53 times

: 2026-04-11 13.51.28 www.abuseipdb.com ff16594ed669.png (125.71 KiB) Viewed 53 times

! · 2026-04-11 14:00 »

Code: Select all

array(1) { ["data"]=> array(14) { ["ipAddress"]=> string(15) "149.102.235.111" ["isPublic"]=> bool(true) ["ipVersion"]=> int(4) ["isWhitelisted"]=> bool(false) ["abuseConfidenceScore"]=> int(0) ["countryCode"]=> string(2) "CZ" ["usageType"]=> string(31) "Data Center/Web Hosting/Transit" ["isp"]=> string(16) "Datacamp Limited" ["domain"]=> string(9) "cdn77.com" ["hostnames"]=> array(1) { [0]=> string(34) "unn-149-102-235-111.datapacket.com" } ["isTor"]=> bool(false) ["totalReports"]=> int(0) ["numDistinctUsers"]=> int(0) ["lastReportedAt"]=> NULL } }

Is the response example from AbuseIPDB. There is a "isTor" field, I currently don't block those. I need to see how much attack comes from those.

! · 2026-04-11 14:05 »

Even stuff in Japan is fucked up now. The internet is basically 99% bots. I think almost no actual normal humans online anymore. They are online on the big platforms nowadays.

https://www.abuseipdb.com/check/52.243.57.116

: 2026-04-11 14.04.42 www.abuseipdb.com 019ba26d8695.png (57.37 KiB) Viewed 51 times

! · 2026-04-12 12:42 »

So basically, except me and you, there is ZERO and I mean ZERO legitimate traffic coming into this website. How sick is that? I think 99.99% is just bots trying to find security holes or random attacks etc., the internet is surely dead. This is no longer a theory, it's dead and long gone it seems. Or well, the "domains" are dead. People just go into platforms nowadays. No one clicks on domains anymore. Sad and scary.

! · 2026-04-12 12:54 »

Also, look how systematic this is. It comes in waves, very very systematic up down up down and it's all from random IPs. Means, this is a pattern. I think this isn't just "random people" behind this thing. It's too big, too systematic and too "simple pattern". Almost as if corporations are doing this to kill off domain names and shoo everyone into their own platforms, now THAT is a conspiracy for you!

It just doesn't make sense for this pattern to be this obvious. Random IPs, random countries etc., but they ALL come in the exact same time and wave? The pattern should be very random but it's not.

: 2026-04-12 12.53.26 dash.cloudflare.com 556b4b43e248.png (69.82 KiB) Viewed 48 times

: 2026-04-12 12.53.13 dash.cloudflare.com 2596e6c2bd83.png (85.33 KiB) Viewed 48 times

: 2026-04-12 12.48.52 dash.cloudflare.com 952953320fac.png (21.39 KiB) Viewed 48 times

Steven W · 2026-04-12 17:20 »

! · 2026-04-13 08:41 »

Steven W wrote: 2026-04-12 17:20Sad.

Very much so indeed.

! · 2026-04-13 09:46 »

I'm going to start yanking out countries, now, like Africa and places, I think no need to serve the attack bots from those places, chance of actual user interested in things here is basically almost zero. I will also be yanking out TOR, a LOT of attacks coming from there. Although, ironically, USA is bigger than China in attack bots, it's all bots bots bots bots from USA. It seems like a third world country now.

Europe has but a bit more cleaner it seems. China is a lot too, also strangely, Hong Kong etc., I thought there would at least have clean internet without bots and attackers.

On the positive side, my friend's little MSI laptop is a fucking beast, handling 2 MILLION visitors like a champ. LOL! Well, the CPU usage is high and all but still, I can't believe it could handle it. Go MSI and Intel 14700HX!

! · 2026-04-13 11:08 »

Here, look at these fuckers, coming from Apple.com, all bots.

: Screenshot_20260413_110701.png (163.79 KiB) Viewed 38 times

Allowing only these now, testing it out and see how it goes. I mean, what do I care serving attack bots in Africa or Asia etc., we have never had even one user from there, one comment, one anything.

: 2026-04-13 12.14.01 dash.cloudflare.com ff1ab747edcd.png (32.33 KiB) Viewed 33 times