Have a look at where those IP addresses came from: There were 15,573 requests from AS23969 across 82 unique IP addresses. This is the output of a little log analyser I wrote that breaks requests down by ASN (and other metrics) over the past hour. How? Well let's pull the logs from Cloudflare and see: Even with the rate limit of 1 request every 1,500ms per IP address enforced, that graph shows a very clear influx of requests peaking at 14k per minute. There's 1.06M requests in that 24 hour period with 491k of them in the last 4 hours. This is executions of the V2 API that enables you to search an individual email address. The other 2 are changing today and I want to clearly explain why. One of those changed nearly 3 years ago now - I had to add a rate limit. I highlighted 3 really important attributes at the time of launch: My thinking at the time was that it would make the data more easily accessible to more people to go and do awesome things build mobile clients, integrate into security tools and surface more information to more people to enable them to do positive and constructive things with the data. The very first feature I added to Have I Been Pwned after I launched it back in December 2013 was the public API.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |