Pinned toot
Pinned toot
Pinned toot
Pinned toot

Hundreds of machines that look just like this, with the same "Make sure to update your proxy address, proxy username and port." message. Most have a few entries in different abuse IPDBs. Maybe it's a podunk VPN provider... probably cheaper to spin up cloud machines and eventually burn their IPs and move on, scorched earth.

80/tcp open http
1080/tcp open socks
1085/tcp open webobjects
3128/tcp open squid-http

Show thread

I am seeing some oddly consistent, patterned traffic to my Searx instance. Traffic looks benign, but the pattern is incredibly robotic.

Looking closer, there are entire /24's FULL of machines sourcing the traffic, and they all look EXACTLY the same. Across all geos, mostly OVH/LeaseWeb but a mix all over.

Hitting any of them on port 80 returns "Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port."

Botnet? VPN provider?

This should help randomize filter bubbles / geo-blocking, and potentially help prevent the originating engines from getting cranky about excessive requests, lol

Show thread is now load-balanced between multiple backends.
There will probably be some additional variance depending on which node your search came from. Refresh to spin the wheel again.

This is an experiment, please report any issues :ed:

Searx instance took a hit, for a bit. Should be back in action, now.

this year's homecoming theme will be a burning village


coming up on the 1st anniversary of naming a disease after a type of virus caused by it and that virus after an earlier virus that was named after the name of the disease it caused

Watching independent newsies on YouTube be like

> a world war seems to be coming, so subscribe to my patreon

Show older

༼ຈل͜ຈ༽'s choices:

Open instance in the spirit of netizenship. Cyberpunk leaning, tech-forward, available to the public; I provide a lot of services that no one but me really uses, just 'cause.