Why do some sites return a malicious (?) script through VPN?

S

Sergey Sokolov2020-07-29 13:10:08

JavaScript

Sergey Sokolov, 2020-07-29 13:10:08

I go online through my VPN at the DigitalOcean site in the Netherlands. I have had an IP address for several years, but some sites consider the entire DO subnet "gray". For example, Avito shows such

plug

With Avito, everything is clear: they write what the problem is and how to be. Question about other sites.

Some online stores, if you access them through this VPN, instead of their main page, return an empty white page without markup, and JS, which makes the browser think hard and after 10 seconds offer to stop further execution of scripts on this page.

For example, the Oldie store.
The code is minified, but there is something about md5, fonts - probably a browser fingerprint.

The site's HTTPS certificate is valid. Belongs to the declared domain. For example, for a site, oldi.rua certificate for *.oldi.ru:

certificate info

Maybe someone knows for sure what it is, why and for what it is sites? Or is it some kind of hack and content substitution in the middle?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

P

paran0id, 2020-07-29
@paran0id

There is such a thing - the ranges of ip-addresses of hosting, the same DO, are in the black lists of some sites. Protection from bots, parsers and bad people. There is no substitution - you get to the server you wanted to get to, it just gives you a stub instead of content. In some cases, they offer to solve the captcha.