this post was submitted on 10 Jul 2023
248 points (97.0% liked)

Asklemmy

43770 readers
2316 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

Are they just an issue with wefwef or trying to use an exploit

you are viewing a single comment's thread
view the rest of the comments
[–] tarjeezy@lemmy.ca 20 points 1 year ago (3 children)

The encoded string contains the URL zelensky dot zip. Zip is one of the newer top-level domains. It itself is not a zip file, but I am not going to visit that site to find out whatever treasures it has to offer..

[–] Dirk@lemmy.ml 7 points 1 year ago (2 children)

Another reason to block this TLD in the firewall solution.

[–] tarjeezy@lemmy.ca 6 points 1 year ago (1 children)

Yea I've got both .zip and .mov blocked on my pihole

[–] erre@feddit.win 5 points 1 year ago

Curl didn't return anything. They're likely just using it to log requests since the request path contains the data they need.

[–] Gellis12@lemmy.ca 3 points 1 year ago

Not just that, it looks for a navAdmin cookie in your browser and sends that to zelensky(dot)zip/save/<your cookie here> in the form of a GET request.