When I try to login to PayPal I now see:

Please enable JS and disable any ad blocker

Here’s the thing. PayPal takes fees from transactions and payments received and sent.

I have very right not have ads shoved in my face for something that isn’t actually free in the first place and costs money to use. If PayPal would like to continue to piss off folks me like, then I’ll happily close my PayPal account and go somewhere else that doesn’t shove ads in my face and consume 30-40% of my Internet bandwidth on useless garbage/crap.

#PayPal #Ads

(#7dtwepq) @shinyoukai@neko.laidback.moe Haha 🤣 Nice typo there!

(#kzoqkdq) @shinyoukai@neko.laidback.moe I’m mostly against it because it forces Javascript™ on the client(s) at a blanket level. Doing “Proof-of-Work” explicitly IMO is fine™, but not at an Ingress/Edge level IMO – Which is why I haven’t adopted it myself.

(#u3q2tea) @arne@uplegger.eu Das klingt interessant. Aber wer definiert, welche Projekte darunter fallen? Keine Ahnung wie das sonst so mit dem Ehrenamt ist, aber das müssen ja dann auch gemeinnützige Vereine oder etwas Vergleichbares sein, oder? :-?

Wenn ich in der Petition schon wieder KI les, wird mir gleich anders.

(#7dtwepq) @prologic@twtxt.net Oh shit, that’s not healthy! :-(

(#d2pj7pq) @movq@www.uninformativ.de @bender@twtxt.net @prologic@twtxt.net That’s fine with me. It could be even the 1st January 2026, as simple as the change really is.

But it would be also alright to just stick with July, so that I don’t have to update the tests. :-P

(#vqbmi5a) @movq@www.uninformativ.de Dang it. :-(

My day (yesterday), stand up at 09:30AM (AEDT), P2 Incident at 10:20AM. End of my day 04:30AM (AEST) the next day! Oh my 🤣 🔥 🤦‍♂️

(#ocuiada) @movq@www.uninformativ.de @bender@twtxt.net I’ll also start spamming from my upcoming Vietnam holiday (flying out this Friday) for a couple of soliday weeks 🤣

(#d2pj7pq) @movq@www.uninformativ.de Seems fine to me! Plenty of time to get our shit™ in order! 🙌

(#ocuiada) @bender@twtxt.net Once Advent of Code starts, I’ll start spamming, don’t worry. 😅

(#d2pj7pq) Hm, so regarding the hash change:

https://git.mills.io/yarnsocial/twtxt.dev/pulls/28

How about 2026-03-01 00:00:00 UTC as the cut-off date? 🤔

(#qjlgy4q) @lyse@lyse.isobeef.org Probably wouldn’t help, since almost every request comes from a different IP address. These are the hits on those weird /projects URLs since Sunday:

    1 IP  has  5 hits
    1 IP  has  4 hits
   13 IPs have 3 hits
  280 IPs have 2 hits
25543 IPs have 1 hit

The total number of hits has decreased now. Maybe the botnet has moved on …

(#xyy4hrq) @shinyoukai@neko.laidback.moe Welcome back! 🤟 You have been missed! 😅

(#ykqom5q) @shinyoukai@neko.laidback.moe Welcome back 🤟

(#qjlgy4q) @movq@www.uninformativ.de Fail2ban to the rescue? :-?

(#usa342a) @movq@www.uninformativ.de In my current project I’m typically far away from this pile of shit. Let’s see how the project will be in this regard.

(#2ueqd7a) @bender@twtxt.net Unfortunately, this also breaks the browser search.

(#d2pj7pq) @movq@www.uninformativ.de I’m raising my hand for tt.

Not a day goes by at work, where I’m not either infuriated or frustrated by this wave of AI garbage. In my private life, I can avoid it. But not at work. And they’re pushing hard for it.

Something has to change in 2026.

The classified information in the future classified information the surface so classified information is classified information and I wasn’t hurt

In fact, look at how soft this ball is

~ Mikuru Asahina The Elder (The Melancholy of Suzumiya Haruhi-chan)

Say what, npf(7) is throwing up and won’t block anything, yare yare :facepalm:

(#d2pj7pq) @prologic@twtxt.net the only one other that exists is htwtxt which may as well be Yarn’s ancestor

(#d2pj7pq) Obviously yarnd 🙋‍♂️

(#xyy4hrq) that is to say, chaotic.ninja still exists (although I don’t directly control it anymore as of last year), the rest is classified information ;P

Do not expect me to not hit other people’s nerves. You have been warned.

@prologic@twtxt.net I have returned

Which actively maintained Yarn/twtxt clients are there at the moment? Client authors raise your hands! 🙋

(#jryh2ba) This is what this looked like visually 😳

(#jryh2ba) @prologic@twtxt.net Time to make a new internet. Maybe one that intentionally doesn’t “scale” and remains slow (on both ends) so it’s harder to overload in this manner, harder to abuse for tracking your every move, … Got any of those 56k modems left?

(I’m half-joking. “Make The Internet Expensive Again” like it was in the 1990ies and some of these problems might go away. Disclaimer: I didn’t have my coffee yet. 😅)

(#jryh2ba) At this point I’m considering starting a class action lawsuit for all the self-hostess and little-web folks that want to host a small thing or two and sue these fucking inconsiderate fucking corporate giants, hopefully win, and make them respect others on the web.

Fark me 🤦‍♂️ I woke up quite late today (after a long night helping/assisting with a Mainframe migration last night fork work) to abusive traffic and my alerts going off. The impact? My pod (twtxt.net) was being hammered by something at a request rate of 30 req/s (there are global rate limits in place, but still…). The culprit? Turned out to be a particular IP 43.134.51.191 and after looking into who own s that IP I discovered it was yet-another-bad-customer-or-whatever from Tencent, so that entire network (ASN) is now blocked from my Edge:

+# Who: Tentcent
+# Why: Bad Bots
+132203

Total damage?

$ caddy-log-formatter twtxt.net.log | cut -f 1 -d  ' ' | sort | uniq -c | sort -r -n -k 1 | head -n 5
  61371 43.134.51.191
    402 159.196.9.199
    121 45.77.238.240
      8 106.200.1.116
      6 104.250.53.138

61k reqs over an hour or so (before I noticed), bunch of CPU time burned, and useless waste of my fucking time.

(#uvddnqa) @movq@www.uninformativ.de That’s what tests are for. To fix them. :-D

(#ifjh3pa) @lyse@lyse.isobeef.org Oops. 😅 But yay, it’s working. 🥳

All my newly added test cases failed, that movq thankfully provided in https://git.mills.io/yarnsocial/twtxt.dev/pulls/28#issuecomment-20801 for the draft of the twt hash v2 extension. The first error was easy to see in the diff. The hashes were way too long. You’ve already guessed it, I had cut the hash from the twelfth character towards the end instead of taking the first twelve characters: hash[12:] instead of hash[:12].

After fixing this rookie mistake, the tests still all failed. Hmmm. Did I still cut the wrong twelve characters? :-? I even checked the Go reference implementation in the document itself. But it read basically the same as mine. Strange, what the heck is going on here?

Turns out that my vim replacements to transform the Python code into Go code butchered all the URLs. ;-) The order of operations matters. I first replaced the equals with colons for the subtest struct fields and then wanted to transform the RFC 3339 timestamp strings to time.Date(…) calls. So, I replaced the colons in the time with commas and spaces. Hence, my URLs then also all read https, //example.com/twtxt.txt.

But that was it. All test green. \o/

(#kyfenpq) And regarding those broken URLs: I once speculated that these bots operate on an old dataset, because I thought that my redirect rules actually were broken once and produced loops. But a) I cannot reproduce this today, and b) I cannot find anything related to that in my Git history, either. But it’s hard to tell, because I switched operating systems and webservers since then …

But the thing is that I’m seeing new URLs constructed in this pattern. So this can’t just be an old crawling dataset.

I am now wondering if those broken URLs are bot bugs as well.

They look like this (zalgo is a new project):

https://www.uninformativ.de/projects/slinp/zalgo/scksums/bevelbar/

When you request that URL, you get redirected to /git/:

$ curl -sI https://www.uninformativ.de/projects/slinp/zalgo/scksums/bevelbar/
HTTP/1.0 301 Moved Permanently
Date: Sat, 22 Nov 2025 06:13:51 GMT
Server: OpenBSD httpd
Connection: close
Content-Type: text/html
Content-Length: 510
Location: /git/

And on /git/, there are links to my repos. So if a broken client requests https://www.uninformativ.de/projects/slinp/zalgo/scksums/bevelbar/, then sees a bunch of links and simply appends them, you’ll end up with an infinite loop.

Is that what’s going on here or are my redirects actually still broken … ?

(#sxlpyva) I just noticed this pattern:

uninformativ.de 201.218.xxx.xxx - - [22/Nov/2025:06:53:27 +0100] "GET /projects/lariza/multipass/xiate/padme/gophcatch HTTP/1.1" 301 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"
www.uninformativ.de 103.10.xxx.xxx  - - [22/Nov/2025:06:53:28 +0100] "GET http://uninformativ.de/projects/lariza/multipass/xiate/padme/gophcatch HTTP/1.1" 400 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"

Let me add some spaces to make it more clear:

    uninformativ.de 201.218.xxx.xxx - - [22/Nov/2025:06:53:27 +0100] "GET                       /projects/lariza/multipass/xiate/padme/gophcatch HTTP/1.1" 301 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"
www.uninformativ.de 103.10.xxx.xxx  - - [22/Nov/2025:06:53:28 +0100] "GET http://uninformativ.de/projects/lariza/multipass/xiate/padme/gophcatch HTTP/1.1" 400 0 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"

Some IP (from Brazil) requests some (non-existing, completely broken) URL from my webserver. But they use the hostname uninformativ.de, so they get redirected to www.uninformativ.de.

In the next step, just a second later, some other IP (from Nepal) issues an HTTP proxy request for the same URL.

Clearly, someone has no idea how HTTP redirects work. And clearly, they’re running their broken code on some kind of botnet all over the world.

My webserver is getting millions of hits per month at the moment.

All bots.

(#dkc24ma) @thecanine@twtxt.net @movq@www.uninformativ.de Unfortunately, yes.

(#dkc24ma) @thecanine@twtxt.net That image is correct.

Great things happening over at the Xhitter.

(#wmobsaa) @bender@twtxt.net Thanks. That pulley is just to hang back up the telephone wire (on the ground in 16) for that farm and restaurant in 04 once they finish logging. Hahahahahaaahaaaa, I didn’t see the nails on top of the pole. :-D

Yup, these ice crystals are just lovely. :-)

(#g3u6i2q) @prologic@twtxt.net Who’s got a life besides work, huh? Yeah, no, thanks, mate! Scratch that.

(#g3u6i2q) @bender@twtxt.net Don’t even think that was on the cards I’m afraid 😳 But yes I’ve said that in a message to the recruiter.

(#xdrqwrq) @kiwu@twtxt.net I’m glad you’re liking the updates haha 😆

(#g3u6i2q) @lyse@lyse.isobeef.org @bender@twtxt.net Pfft, they want folks to relocate to Sydney. Fuck that 🤣 Sydney is a bit like San Francisco, I’m not actually sure which is worse. Fuck’n expensive as hell, the only palce you’d be able to afford to buy or rent is at least ~2hrs out of the city by public transport (i.e: train) and by that time you’ve just pissed your life down the toilet, because you’d be expected ot work a 9-10hr day + 2-3hrs of travel each way, buy the time you factor in having to wake up super early to get ready to travel in to work, you basically have zero time for anything else, let alone your ufamily,

Fuck that.

Hmmm

Hello @therealprologic@bridge.twtxt.net 👋

(#gg45s6a) @thecanine@twtxt.net Cool! Let’s hope they truly keep their word.