There is a current "show your personal site" post on top of HN [1] with 1500+ comments. I wonder how many of those sites are or will be hammered by AI bots in the next few days to steal/scrape content.
If this can be used as a temporary guard against AI bots, that would have been a good opportunity to test it out.
My site is hosted on Cloudflare and I trust its protection way more than flavor of the month method. This probably won't be patched anytime soon but I'd rather have some people click my link and not just avoid it along with AI because it looks fishy :)
Yeah I meant using it as an experiment to test with two different links(or domains) and not as a solution to evade bot traffic.
Still, I think it would be interesting to know if anybody noticed a visible spike in bot traffic(especially AI) after sharing their site info in that thread.
I've been considering how feasible it would be to build a modern form of the denial of service low orbit ion cannon by having various LLMs hammer sites until they break. I'm sure anything important already has Cloudflare style DDOS mitigation so maybe it's not as effective. Still, I think it's only a matter of time before someone figures it out.
There have been several amplification attacks using various protocols for DDOS too...
Glad I’m not the only one who felt icky seeing that post.
I agree my tinfoil hat signal told me this was the perfect way to ask people for bespoke, hand crafted content - which of course AI will love to slurp up to keep feeding the bear.
LLM led scraping might not as it requires an LLM to make a choice to kick it off, but crawling for the purpose of training data is unlikely to be affected.
Sounds like a useful signal for people building custom agents or models. Being able to control whether automated systems follow a link via metadata is an interesting lever, especially given how inconsistent current model heuristics are.
What's up with the creepy ads on this website? It seems like they are actually sketchy ads and not just fake ads for comedic effect. One shows some scammy nonsense about your device being infected and the other links to a real VPN app.
This is fun. Is it not checking for previously submitted URLs though? I can seemingly re-submit the exact same URL and get a new link every time. I would expect this to fill the database unnecessarily but I have no idea how the backend works.
Am I missing something, or would these essentially be implemented via DNS records? It's not clear to me that keeping the links in a database would be necessary at all (unless the DNS records are what you mean by "database")
It seems appropriate that, for a website whose purpose is to make links which raise your suspicions, the visual design itself also raises your suspicions.
Msn.com
Office.com
Sharepoint.com
Hotmail.com
Etc, plus all the subdomains they insert before them. It makes it very easy to create phishing emails that look plausible.
I've been at a company that internally sends out fake links that log the user and links to an educational page on internet safety.
I honestly don't mind too much since it's a once a year thing (hacktober) and honestly companies should be trying to catch out employees who click any and all links.
I added google.com and it spit out https://twitterDOTc1icDOTlink/install_Jy7NpK_private_videoDOTzip
Interesting that it spit out a .zip url. Was not expecting that so I changed all the “.” to “DOT” so I don’t get punished for posting a spammy link despite this literally being a website to make links as spammy and creepy as possible.
I always end up making my own, they're so simple to write.
Saves using one of the "free" ones which looks like its free but you're actually on a free trial, then you can't access your links after that trial expires.
edit: gpt-oss 20B & 120B both eagerly visit it.
There is a current "show your personal site" post on top of HN [1] with 1500+ comments. I wonder how many of those sites are or will be hammered by AI bots in the next few days to steal/scrape content.
If this can be used as a temporary guard against AI bots, that would have been a good opportunity to test it out.
1. https://news.ycombinator.com/item?id=46618714
My site is hosted on Cloudflare and I trust its protection way more than flavor of the month method. This probably won't be patched anytime soon but I'd rather have some people click my link and not just avoid it along with AI because it looks fishy :)
Still, I think it would be interesting to know if anybody noticed a visible spike in bot traffic(especially AI) after sharing their site info in that thread.
There have been several amplification attacks using various protocols for DDOS too...
I agree my tinfoil hat signal told me this was the perfect way to ask people for bespoke, hand crafted content - which of course AI will love to slurp up to keep feeding the bear.
https://jpmorgan.c1ic.link/logger_zcGFC2_bank_xss.docm
Definitely not meta
Deceptive site issue
This web page at [...] has been reported as a deceptive site and has been blocked based on your security preferences.
What's going on? I can't find any setting to disable this.
I love this version and I hope you do too.
What would be a good name here? A URL redirector?
Thanks!
https://c1ic.link/campaign_WxjLdF_login_page_2.bat
You seem to be able to encode arbitrary text, so long as it follows [A-Za-z0-9]+\.[A-Za-z0-9]+
https://wellsfargo.c1ic.link/TODO_obfuscate_url_8wyS7G_hot_s...
And got: https://c1ic.link/account_kPvfG7_download_now.bat
https://c1ic.link/ad_k9OFWW_redeem_gift.bat
In example.com/blah, the /blah part is interpreted by the host itself.
And apart from that I would indeed consider DNS records a database.
Edit: looks like you need an invite code.
Bummer
https://news.ycombinator.com/item?id=31386108
Msn.com Office.com Sharepoint.com Hotmail.com Etc, plus all the subdomains they insert before them. It makes it very easy to create phishing emails that look plausible.
I honestly don't mind too much since it's a once a year thing (hacktober) and honestly companies should be trying to catch out employees who click any and all links.
Eventually we got asked to please make it stop. I asked them to please stop sending fake phishing emails to robots.
https://c1ic.link/bzSBpN_login_page_2
Edit: Chrome on Android warned me not to visit the site!
And got https://twitter.web-safe.link/root_4h3ku0_account_verificati...
Interesting that it spit out a .zip url. Was not expecting that so I changed all the “.” to “DOT” so I don’t get punished for posting a spammy link despite this literally being a website to make links as spammy and creepy as possible.
https://wiki.archiveteam.org/index.php/URLTeam
Saves using one of the "free" ones which looks like its free but you're actually on a free trial, then you can't access your links after that trial expires.