Home About

February 2024 Update

#Website Updates
~4 min read
by Administrator, 2024-03-01

Since Spy.pet was launched in November of last year, I haven't really posted public updates about the website, other than some small posts on Telegram. Today, this is going to change. This is the first of a series of monthly updates for Spy.pet.

Changelog

Getting DDoSed

The main change this month is Spy.pet getting attacked by certain individuals who really don't want their messages archived. The first DDoS attack was on the 2nd of February, and it SUCKED.

This was my first experience with a DDoS, which is why I was unprepared and the website went offline for a grand total of 14 minutes. It had two thousand unique IPs and 9.5 million requests, pretty weak compared to what is to come.

Around the 25th of February, spy.pet got (I'm guessing) shouted out in a server with both people who hate being tracked and people who love tracking others. Aka, every single server on Discord. That night, I got a DDoS attack of 346 thousand requests, which was so little that it doesn't even show up on the Cloudflare graph.

In the following few days, the same person (or group of people) spent way too much time trying to take my website offline. On the 27th, I got hit with a 31 million requests DDoS, coming from 19 thousand IPs, all of which were blocked by Cloudflare. Outside of that, they have tried searching for endpoints which overload the server, and were able to find a grand total of 2, which I patched a few hours after they were being abused.

On the 28th, the same pattern continued, but with attacks directed at specific endpoints instead of just the site in general. All of them coming from residential proxies. Kind of funny to think that this person (or group of people) is willing to spend money on residential proxies just to attempt to take a website offline.

On the 29th, I was attacked by 73 million requests, coming from 13 thousand IPs, all of them right before I went on a walk before going to bed. All of them were detected by Cloudflare, thus I was able to peacefully walk in the night while certain individuals, in certain parts of the world, were sitting in front of a computer screen refreshing my website while complaining to themselves that it's not offline.

As a conclusion to this story, please step outside. Walking in the night is much more enjoyable than running ddos.py while complaining about why it's not working, trust me. All of these attacks caused minimal damage to myself personally or the website in general. All of this effort caused only 50 minutes of downtime. That's it.

Before being DDoSed, I was strongly against Cloudflare and the centralization of the internet, and I still am. But now I understand how it's impossible for a website, no matter its size, to stay online without the help of Cloudflare.

Getting banned from Coinbase Commerce

On a date unknown to me, my account at Coinbase Commerce was locked. I'm assuming this had either something to do with the same certain individuals complaining to Coinbase, or Coinbase somehow getting mad about the funds customers send. Which one it is, I will never know, since Coinbase never contacted me about them terminating my account.

I had to find out the wrong way by logging into my Coinbase Commerce account and being prompted with a cute little "Your account has been locked" popup. Super annoying. Never trust Coinbase with your money, they will run with it if you don't use the Coinbase Commerce plan which allows you to keep your seed phrase.

Conclusion

I would like to thank everyone who read this and everyone who uses Spy.pet in general for giving me your money. I would also like to thank the very unskilled group of individuals who have attempted DDoSing me for finding bugs for me, very much appreciated.