nanog mailing list archives
Re: Traffic being directed at random infrastructure with pornhub.com host header (?)
From: John Kristoff <jtk () dataplane org>
Date: Wed, 13 Sep 2023 09:28:07 -0500
On Wed, 13 Sep 2023 13:35:30 +0000 Drew Weaver <drew.weaver () thenap com> wrote:
Has anyone else recently seen a spike of port 80 traffic being sent at seemingly random IP addresses that include the Pornhub host header?
Yes. The source possible, hopefully being research or commercial scanners perhaps? I've seen a host from a US midwest EDU source doing this. User agent string in that case was "Mozilla/5.0 quack/1.x" It may be some sort of censorship measurement or perhaps even something like this type of work: <https://www.usenix.org/conference/usenixsecurity21/presentation/bock> John
Current thread:
- Traffic being directed at random infrastructure with pornhub.com host header (?) Drew Weaver (Sep 13)
- Re: Traffic being directed at random infrastructure with pornhub.com host header (?) John Kristoff (Sep 13)
- Re: Traffic being directed at random infrastructure with pornhub.com host header (?) Dobbins, Roland via NANOG (Sep 13)