FaucetBOX.com Discussion - page 71. | Bitcointalksearch.org

thekingajew

newbie

Activity: 55

Merit: 0

Quote from: BitBustah on January 16, 2016, 04:02:10 AM

Quote from: thekingajew on January 16, 2016, 03:59:02 AM

Anyone elses FaucetBox balances showing 0? 1.6M satoshi & 4K doge showing 0, checked the payouts and user statistics and it doesn't add up. Is there an issue with FaucetBox?

CloudFlare says site is offline.

Edited: It's back. Balances on faucet and dashboard match.

Hopefully it's an issue. Send some more deposits, in the dashboard it just shows 0 as-well. No increase in user activity, Less likely to of been hacked. Checked my logs and no SQL injections.

BitBustah

hero member

Activity: 1218

Merit: 534

Quote from: thekingajew on January 16, 2016, 03:59:02 AM

Anyone elses FaucetBox balances showing 0? 1.6M satoshi & 4K doge showing 0, checked the payouts and user statistics and it doesn't add up. Is there an issue with FaucetBox?

CloudFlare says site is offline.

Edited: It's back. Balances on faucet and dashboard match.

thekingajew

newbie

Activity: 55

Merit: 0

Anyone elses FaucetBox balances showing 0? 1.6M satoshi & 4K doge showing 0, checked the payouts and user statistics and it doesn't add up. Is there an issue with FaucetBox?

BitBustah

hero member

Activity: 1218

Merit: 534

Quote from: ryandanielt on January 15, 2016, 05:48:14 PM

Quote from: BitBustah on January 15, 2016, 05:45:00 PM

please syare ip ranges, thanks

I will contact my Proxy/Bot provider to see if they can provide me with a list of all IP's that were used in the attack.

Will update shortly...

Thanks. I want to run these IPs against my "IP check service" to see what they say it is.

trinaldao

copper member

Activity: 1218

Merit: 1007

Post your ann & bounty just contact me

Quote from: hawkfx on January 15, 2016, 08:19:56 PM

Faucetbox is down??

NO i can acces https://faucetbox.com/ normally without any problem

It's just you. http://faucetbox.com is up.
http://www.downforeveryoneorjustme.com/faucetbox.com/

hawkfx

newbie

Activity: 14

Merit: 0

Faucetbox is down??

ryandanielt

sr. member

Activity: 267

Merit: 250

Quote from: misterbit on January 15, 2016, 07:11:02 PM

Quote from: ryandanielt on January 15, 2016, 07:08:03 PM

Quote from: misterbit on January 15, 2016, 07:04:19 PM

Quote from: ryandanielt on January 15, 2016, 07:02:00 PM

Quote from: misterbit on January 15, 2016, 06:56:44 PM

Guys, them heavier use histats.com and ipinfo.io together to check the ips and detect ranges.
I have the almost controlled subject.

In Log Analyzer, you can see that IP has been that more visits to generated, in my case I have seen a range of Opera Mini do hundreds of visits a day.
141.0.12.0/22 - Opera Mini Servers https://ipinfo.io/AS39832

In histats can visits in real time, operating systems, browsers etc... normally when I see Linux it is usually some VPS server

You cant go by that either, 85% of the time I am using a linux operating system and so is millions of other people online.

You cant determine VPS by operating system lol

Also neither of those sites are going to save your coins unless you are sitting there for hours just watching and logging your visitors.

There are many factors to consider, I would rather keep paying for a service that saves me hours of monitoring.

That is used for ipinfo.io, personally am not going to pay for something I can do I.

IPInfo only gives you the information on provider, wheres the risk factors? Paid services have very large databases of BOT, PROXY, SPAMMER and Bad IP addresses and provide you with that information so that way you know what to block and not.

Basing your judgement on a users browser or ip data is not sufficient.

Block IPS for spam do not think that it is good solution

I figured you would think that but I guess you never thought to factor in that 80% of spam is created by form targeting bots. The rest is done by under qualified spammers not realizing that this is the 21st century with less time consuming means.

And besides I dont block there IP from my site, they can visit my site all they want they are just provided with a nice little error message when claiming

misterbit

sr. member

Activity: 350

Merit: 250

Quote from: ryandanielt on January 15, 2016, 07:08:03 PM

Quote from: misterbit on January 15, 2016, 07:04:19 PM

Quote from: ryandanielt on January 15, 2016, 07:02:00 PM

Quote from: misterbit on January 15, 2016, 06:56:44 PM

Guys, them heavier use histats.com and ipinfo.io together to check the ips and detect ranges.
I have the almost controlled subject.

In Log Analyzer, you can see that IP has been that more visits to generated, in my case I have seen a range of Opera Mini do hundreds of visits a day.
141.0.12.0/22 - Opera Mini Servers https://ipinfo.io/AS39832

In histats can visits in real time, operating systems, browsers etc... normally when I see Linux it is usually some VPS server

You cant go by that either, 85% of the time I am using a linux operating system and so is millions of other people online.

You cant determine VPS by operating system lol

Also neither of those sites are going to save your coins unless you are sitting there for hours just watching and logging your visitors.

There are many factors to consider, I would rather keep paying for a service that saves me hours of monitoring.

That is used for ipinfo.io, personally am not going to pay for something I can do I.

IPInfo only gives you the information on provider, wheres the risk factors? Paid services have very large databases of BOT, PROXY, SPAMMER and Bad IP addresses and provide you with that information so that way you know what to block and not.

Basing your judgement on a users browser or ip data is not sufficient.

Block IPS for spam do not think that it is good solution

ryandanielt

sr. member

Activity: 267

Merit: 250

Quote from: misterbit on January 15, 2016, 07:04:19 PM

Quote from: ryandanielt on January 15, 2016, 07:02:00 PM

Quote from: misterbit on January 15, 2016, 06:56:44 PM

Guys, them heavier use histats.com and ipinfo.io together to check the ips and detect ranges.
I have the almost controlled subject.

In Log Analyzer, you can see that IP has been that more visits to generated, in my case I have seen a range of Opera Mini do hundreds of visits a day.
141.0.12.0/22 - Opera Mini Servers https://ipinfo.io/AS39832

In histats can visits in real time, operating systems, browsers etc... normally when I see Linux it is usually some VPS server

You cant go by that either, 85% of the time I am using a linux operating system and so is millions of other people online.

You cant determine VPS by operating system lol

Also neither of those sites are going to save your coins unless you are sitting there for hours just watching and logging your visitors.

There are many factors to consider, I would rather keep paying for a service that saves me hours of monitoring.

That is used for ipinfo.io, personally am not going to pay for something I can do I.

IPInfo only gives you the information on provider, wheres the risk factors? Paid services have very large databases of BOT, PROXY, SPAMMER and Bad IP addresses and provide you with that information so that way you know what to block and not.

Basing your judgement on a users browser or ip data is not sufficient.

misterbit

sr. member

Activity: 350

Merit: 250

Quote from: ryandanielt on January 15, 2016, 07:02:00 PM

Quote from: misterbit on January 15, 2016, 06:56:44 PM

Guys, them heavier use histats.com and ipinfo.io together to check the ips and detect ranges.
I have the almost controlled subject.

In Log Analyzer, you can see that IP has been that more visits to generated, in my case I have seen a range of Opera Mini do hundreds of visits a day.
141.0.12.0/22 - Opera Mini Servers https://ipinfo.io/AS39832

In histats can visits in real time, operating systems, browsers etc... normally when I see Linux it is usually some VPS server

You cant go by that either, 85% of the time I am using a linux operating system and so is millions of other people online.

You cant determine VPS by operating system lol

Also neither of those sites are going to save your coins unless you are sitting there for hours just watching and logging your visitors.

There are many factors to consider, I would rather keep paying for a service that saves me hours of monitoring.

That is used for ipinfo.io, personally am not going to pay for something I can do myself.

ryandanielt

sr. member

Activity: 267

Merit: 250

Quote from: misterbit on January 15, 2016, 06:56:44 PM

Guys, them heavier use histats.com and ipinfo.io together to check the ips and detect ranges.
I have the almost controlled subject.

In Log Analyzer, you can see that IP has been that more visits to generated, in my case I have seen a range of Opera Mini do hundreds of visits a day.
141.0.12.0/22 - Opera Mini Servers https://ipinfo.io/AS39832

In histats can visits in real time, operating systems, browsers etc... normally when I see Linux it is usually some VPS server

You cant go by that either, 85% of the time I am using a linux operating system and so is millions of other people online.

You cant determine VPS by operating system lol

Also neither of those sites are going to save your coins unless you are sitting there for hours just watching and logging your visitors.

There are many factors to consider, I would rather keep paying for a service that saves me hours of monitoring.

misterbit

sr. member

Activity: 350

Merit: 250

Guys, I recommend you use histats.com and ipinfo.io together to check the ips and detect ranges.
I have the almost controlled subject.

In Log Analyzer, you can see that IP has been that more visits to generated, in my case I have seen a range of Opera Mini do hundreds of visits a day.
141.0.12.0/22 - Opera Mini Servers https://ipinfo.io/AS39832

In histats can visits in real time, operating systems, browsers etc... normally when I see Linux it is usually some VPS server

ryandanielt

sr. member

Activity: 267

Merit: 250

Quote from: BitBustah on January 15, 2016, 05:45:00 PM

please syare ip ranges, thanks

I will contact my Proxy/Bot provider to see if they can provide me with a list of all IP's that were used in the attack.

Will update shortly...

NeedIfFindIt

full member

Activity: 500

Merit: 100

Quote from: misterbit on January 14, 2016, 06:14:20 PM

Is there a way to get random captcha? for example that funcaptcha are rotating and are you human?

I've seen such script in action, but it was buggy like hell.

Even without bugs the truth is that the bot will reload the page until he gets the captcha he wants Angry

It is way better to change it manually on a daily basis and stop using the captchas that don't stop bots at all.

The other idea is if you are uncertain if the user is using proxy or not ... just send him 1~2MB of incompressible data in the html before the faucet form. Most open proxies are slow and the connection may timeout or the bot may hang

But don't do it to every user since your host will kick your ... Roll Eyes

BitBustah

hero member

Activity: 1218

Merit: 534

please syare ip ranges, thanks

ryandanielt

sr. member

Activity: 267

Merit: 250

Quote from: misterbit on January 15, 2016, 10:36:20 AM

Quote from: FaucetRank.com on January 15, 2016, 10:33:23 AM

Quote from: misterbit on January 15, 2016, 10:20:16 AM

Do you know if there are bots jumping funcaptcha?

nope I didn't hear such matter that funcaptcha can be avoided.

OK thanks

Just thought I would share because I can guarantee that I am not the only person that will get hit, there is a user running a very large and successful BotNet that is designed to bypass captchas and drain faucets. I was hit today and luckily enough I was able to catch it in time, person got away with 0.5 + BTC. The user is using a subnet of ip's and I mean hundreds of ip's all from Vietnam with an ASN ID of AS7552 Viettel Corporation.

I got it reported to my Proxy/Bot protection provider pretty fast and they managed to mitigate the attack pretty quickly by indexing all IP's as bots.

Sad part is the BTC was still lost because my timing was not fast enough but thankfully that was all they got.

Hope this helps to prevent further attacks by this person on any other faucets!

misterbit

sr. member

Activity: 350

Merit: 250

Quote from: FaucetRank.com on January 15, 2016, 10:33:23 AM

Quote from: misterbit on January 15, 2016, 10:20:16 AM

Do you know if there are bots jumping funcaptcha?

nope I didn't hear such matter that funcaptcha can be avoided.

OK thanks

FaucetRank.com

hero member

Activity: 868

Merit: 500

Quote from: misterbit on January 15, 2016, 10:20:16 AM

Do you know if there are bots jumping funcaptcha?

nope I didn't hear such matter that funcaptcha can be avoided.

misterbit

sr. member

Activity: 350

Merit: 250

Do you know if there are bots jumping funcaptcha?

Kazuldur

legendary

Activity: 971

Merit: 1000

Quote from: BrannigansLaw on January 15, 2016, 06:02:34 AM

Quote from: misterbit on January 14, 2016, 06:14:20 PM

Is there a way to get random captcha? for example that funcaptcha are rotating and are you human?

I thought this but then worried perhaps it then wouldn't matter which captcha was completed.

Even if it would matter which captcha was completed (you can implement something like that easily), it wouldn't help against bots. It's trivial for a script to check which captcha it has to solve.

Topic: FaucetBOX.com Discussion - page 71. (Read 237001 times)