Morning gang :) what did I miss?

@snacks @monkey the what now?

@snacks @monkey where they all on the same hosting provider?

@monkey eated a reeses

@snacks @monkey which side of the fediblock iron curtain are they on? that’ll help track down who done it

@snacks lol wait what DID I miss I thought you were joking.

@snacks @monkey i bet someone got upset that they didn’t comply with the whims of the fediblock witch hunts

@phnt @snacks @monkey yup, some tranny with a botnet is assmad about posts on the internet

@snacks @phnt @monkey pleroma crimes update

@phnt @snacks @monkey botnet attack confirmed

@phnt @monkey @snacks rangeban india and move on

@lain @phnt @snacks @monkey but nazis can’t use the mastodon network, german laws make that illegal!

@lain @phnt @monkey @jeff @snacks it's actually plerover

@VD15 @phnt @snacks @lain @monkey pleromer

@phnt @monkey @jeff @snacks >Common denominator is Pleroma :D

meanwhile on Poast TV (peertube)

Status for the jail: nginx-444
|- Filter
|  |- Currently failed: 0
|  |- Total failed:     949798
|  `- File list:        /var/log/nginx/access.log
`- Actions
   |- Currently banned: 42389
   |- Total banned:     42389

@phnt @snacks @lanodan @monkey what’s the vtuber chatter like on those servers?

https://ryona.agency/objects/238ec562-c93e-4718-a398-46bca83690ca

85.108.217.219 - - [02/Jan/2026:16:33:56 +0000] "GET / HTTP/2.0" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "Corlu" "59" "TR" "-"
129.224.215.137 - - [02/Jan/2026:16:33:56 +0000] "GET / HTTP/2.0" 444 0 "https://poast.org" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" "Buenos Aires" "C" "AR" "-"
150.228.105.179 - - [02/Jan/2026:16:33:56 +0000] "GET / HTTP/2.0" 444 0 "https://poast.org" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" "Baghdad" "BG" "IQ" "-"
102.157.39.157 - - [02/Jan/2026:16:33:56 +0000] "GET / HTTP/2.0" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" "Tunis" "11" "TN" "-"
77.226.173.3 - - [02/Jan/2026:16:33:56 +0000] "GET / HTTP/2.0" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "Madrid" "MD" "ES" "-"
47.63.243.38 - - [02/Jan/2026:16:33:56 +0000] "GET / HTTP/2.0" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "Malaga" "AN" "ES" "-"
139.192.61.168 - - [02/Jan/2026:16:33:56 +0000] "GET / HTTP/2.0" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" "Srengseng" "JK" "ID" "-"
213.196.103.200 - - [02/Jan/2026:16:33:56 +0000] "GET / HTTP/2.0" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "Belgrade" "00" "RS" "-"

@phnt @monkey @snacks @lanodan you know what’d be funny, if every IP that participated got put on every malware dnsbl.

@phnt @monkey @jeff @snacks I guess I haven't got hit then, none of those IPs match requests I got, and none of them have been ip-blocked.
(With cutting IPv6 to the /64)

@phnt @monkey @snacks @lanodan statement stands