Is this a common thing? I have just recently installed the extension, so I am not sure if there are a lot of other websites who do it.
Since looking into it, I noticed that uBlock Origin already has the default list "Block Outsider Intrusion into LAN" but it wasn't enabled.
1MB of obfuscated fingerprinting + portscan + Webgl . But oddity this one is trying to find burp suite specific route's.
That being said, I think this is an overall win, hopefully Firefox implements it in a consistent manner as well.
So much better.
Modern web design is a joke.
It looks useful and looks good, there's minimal unneeded whitespace and I'm glad it looks as it does. We'd be better off if the entire web switched to a style like this.
When I visit the site from Safari on macOS I see this in the console. Are there any particular services that use port 8888 for the website to do this?
It seems to be part of some "bot defense" product by these F5 people, to "test the different browser capabilities". I doubt it's intended to hit a real endpoint on any system.
https://www.digitalsamba.com/blog/metas-localhost-spyware-ho...
How does that work? A browser extension can't influence how your router and other machines in your network react to incoming requests.
It would be good if the Indian government could block the scammers but I guess it’s a lower priority for the moment.
It actually makes sense to have a paid service that makes this abomination less painful. Though they work with VFS Global for collecting the applications and relevant documents, the VFS Global itself is an abomination and doesn't help with the handling of the form filling anyway.
Recently EU streamlined the Schengen visa application process for Turkish citizens as those "visa agencies" that are the official agencies and the only way to apply for a visa for many countries don't actually help with anything and are scamming people by selling the "good hours" for the visa appointment on the black market. An agency was dropped for this and the scams by agencies were listed among the reasons to streamline the application process.
Both with US and EU people are losing scholarships etc. due to outrageous wait times that are sometimes are years ahead or there's an issue with the systems handling the applications.
I guess there must be an opportunity there to fix all this together with smaller stuff like handling transliteration and character encodings, I wonder if some of those scam site are not scams and actually help with it. An AI agent can be useful here.
The rejection rates are also not bad and EU has a "return agreement" with Turkey, which is designed to keep the middle eastern refugees in Turkey(essentially, if you come from Turkey EU can send you back to Turkey right away ).
Crime rates for Turks show up among the lowest ones, unlike others from the region. So I don't think that EU is trying to reduce visas for Turks.
https://home-affairs.ec.europa.eu/news/visa-applications-rea...
https://ec.europa.eu/eurostat/statistics-explained/index.php...
It's pretty much just USA and Israel that have institutional racism on the books in 2025.
Using uMatrix was very annoying at first, most websites are broken without their CDNs, but after a few months or so, the whitelist grew and it contains 90% of websites I visit.
On my system https://ceac.state.gov/genniv/ tries to connect to captcha.com, google-analytics, googletagmanager, 127.0.0.1 and "burp" (a local hostname that doesn't exist in my network). Interestigly, the browser console doesn't list connection attempts to localhost or burp. If I allow 127.0.0.1 and "tcpdump -i lo", I see connections to port 8888, which isn't open.
But I found what "burp" is: https://portswigger.net/burp/communitydownload
Somewhat more worryingly, Little Snitch doesn't report them at all, though that might just be because they were already blocked at the browser.
That looks so much like test code that was shipped to prod.
Searches for that string on GH does return results.
If you're on OSX, the permission to "discover on the local network" prevents it from happening ( System Settings -> Privacy & Security -> Local Network -> yourbrowser )
Could also be 'network' permissions on firefox ( Go to Settings > Privacy & Security > Permissions ) which is on a per site level, but iirc that could be set site-wide at some point.
The other browsers likely have similar configs, but this is what I have found.
This is a container that FB gives you to host that lives under your domain (it can be your main domain) that slurps up user data and sends it to Facebook from the server side. You embed some JS in your website, and they hoover up the data.
There are options to not load JS, images, XMLHttpRequests, frames, cookies, for each site, but it doesn't list individual files.
That will be this burp: https://portswigger.net/burp/documentation/desktop/tools/pro...
Sounds like they don't want you to analyze their site.
For those who want to try blocking more stuff you can enable hard mode and bind relax blocking mode keyboard shortcut
I'd recommend also enabling filter lists(I advice yokoffing/filterlists and your region/language)
https://github.com/gorhill/uBlock/wiki/Blocking-mode:-hard-m...
Besides, uMatrix works fine. It's that kind of program that doesn't need any updates.
There is also a lot of fingerprintable material within such a port scan from clock skew, TCP ISN, and a few other areas.
You can sieve this quite easily with this available, thanks to Roku's, Phone's, and other things doing this while just sitting locally in a shared collision domain (a digital soldier quartered in every home).
The metadata node graph of devices locally acts as a unique fingerprint once in RFC1918 space, technically not unique but close enough.
I remember years back when people would run these firewalls and we'd get complaints from home users about normal traffic.
Thinks like complaints our mail servers was scanning them on port 25 when they sent email.
Although, from personal experience, it used to require java and it worked only on internet explorer and since it has been retired and replaced with chromium, i am not sure what is the way to make it work nowadays, as i have not been able to figure out to use it when i needed the last time.
Are you seeing connection attempts to other IPs?
Could also be incompetence :D until I fixed it, deploying from my local machine rather than CD resulted in one of the baked in URLs being localhost rather than the public host on the project I'm working on now. Their local development server might just be at port 8888. Wouldn't surprise me.
https://my.f5.com/manage/s/article/K000138794
> These requests are caused by the bot profile to test the different browser capabilities.
> 'http://127.0.0.1:xxxx' request is a call to the localhost/client machine, which is normal when trying to protect assets like end-server using ant-bot defense. It does not have any impact regarding application page load.
Remember back in June when Facebook/meta got caught tracking users trough a webserver on Android phone thought Messenger and Instagram? Same thing.
See: https://news.ycombinator.com/item?id=44169115 and https://news.ycombinator.com/item?id=44175940
* uBlock Origin and Lite have it as an option under Filter List > Privacy > Block Outsider Intrusion into LAN
* Brave prevents it, tested with Aggressively block Trackers and Ads.
It's insane to allow any random website to port scan my LAN. If this wasn't a "feature", I would have considered this a high severity vulnerability
(There is some language online suggesting PNA has not actually shipped, but I experienced it myself in stable Chrome several years ago, so I am unsure of the current state).
Firefox doesn't implement either approach -- I assume this is indicative of their lack of development resources.
Never knew that this existed. Thank you!
"Hacks and Hops" doesn't even have a valid home page. The extension links to https://g666gle.me/ which does not exist. The domain name itself does not want to make me give access to all my data for all websites to them.
As nice as this extension seems, I would ever in a million years install it.
I will give it a try and see what happens and if I see anything I will add it here.
Maxious•5h ago
Like a less sophisticated Tor/VPN that is easily detected by port scans