New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
is this guy abusing Cloudflare or not?
Hi everyone
i found a porn site using Cloudflare to stream their videos, i know CF has service like Cloudflare stream or Cloudflare R2 can do this job, but after checking their price, i am not sure whether this free pron site can handle the bill or not, the URL is missav dot com, similarweb shows it has 200 Million visits per month, which is huge traffic
any idea?
Comments
They convert the videos into a playlist (HLS), and the fragments are "jpeg" so that CloudFlare caches it, but more so that it doesn't detect it as videos.
This is very common in movie sites, thats why they load instantly.
And now everyone is checking it out and bookmarking it.
LOL
Nice Marketing Strategy,
@Calin
Is this also hosted with you?
>
Most probality
Figured....
thanks. I never knew this site. will check it out tonight!!
Thanks for the reply,
i think CF knows exactly what they are doing, their system may not detect it as videos, but they can see the huge traffic, i had program use a few hundred TBs a month, then i get an email from their sales man.
it's wired that CF let these guys doing this, consider CF has their own streaming service, i really don't get it.
Are the pants wet/ripped?
Hmmmm, why on earth would you want to know
Way to know quality of content without visiting
ha ha ha, lol, without visiting, naaaaa
I bet my 2 cents that everyone that read this post checked out the site, it is about curiosity, part of human nature.
You lost your 2 cents now, I did not.
CF seems to be very inconsistent in who they contact for "technical meetings" (aka sales)...
Frankly, it makes then very more and more unattractive from a business point of view, because you have no clear idea what will trigger their "sales", what their forced price will be (and lets not kid around, its forced price).
I assume that they look at the profile of the client and try to figure who has more money? I personally always hated that "enterprise" tier on pro-products because its that whole trap. Get you into the system, too much trouble to move and BLAM....
Fyi: Its just a Japanese porn site, what is frankly more interesting is the amount of movies they seem to have at 150.000+. Love to know where they got the space to host so much data.
Never hear of this before, thanks for the info. Frankly, makes no sense that CF does not instant ban sites like that. We are talking probably insane amount of bandwidth usage.
I wonder if they use multi-domains to hide the traffic over a ton of proxies. Need to go check again, for ... research reasons. That is what i am telling the wife
Yeah, they have rotating domains, they just get cheap $1 domains, setup free account on CF and integrate in their system to rotate them, easy.
That is normally my idea but they are not doing that.
Its basically the url with main domain / some kind of movie id / size / images.jpg
Looking a bit deeper, and that traces back to surrit.oss-eu-central-1.aliyuncs.com
And that goes to ... alibabacloud and basic bucket response from the API...
For the covers they are using a different domain but also alibabacloud
I assume the operator is Chinese?
I'm referring to the movie sites I've seen
at least in the past 2 month, they didn't route any domains on CF
150.000 movies in like say 1200kbps bit rate, you gonna need around 200-300 TB space, HDD is enough because CDN handle the traffic, so it is not expensive, but like you said, they use Alibaba Cloud Object Storage Service (OSS) to store the file, that gonna cost some money
and yes, they are Chinese, however i think they are from taiwan, not the mainland
According to wikipedia, Taiwan belongs to China. They are chinese, nothing wrong with that.
Cloudflare is very prone to abuse. There is a method out there to abuse their referral program for the paid 1.1.1.1 VPN. It still works today, and they just don't bother with it.
Thanks, a great resource for my study material folder!
So how do you know that the movies are actually thousands of jpeg images? For the normal user the movies on the site look like movies so any hint for me to figure that the movies are actually images? This is a very interesting topic
Check network requests maybe
Not image actually. A mpeg ts file(s). Just use
mediainfoon the file to detect it. ≈≈Edit : [ I'll put some examples later, still on my phone atm ]As I understand it, the video split into multiple mpeg ts files which then included into .m3u8 file.
So instead, like in mp3 player which the playlist contain multiple mp3 files, this work like the playlist contain correct sequence of those mpeg ts stream (multiple mpeg ts file) to play by the video player.
This thing defined by name as HLS. See their explanation on wikipedia as 'HTTP Live Streaming'.
In this particular abuse case, the file itself can be named anything as long it was a correct mpeg ts format. Each file size also small ranging from few KB to few MB. As seen by provider (Cloudflare in this case) it just normal file http(s) GET requests.
If I'm not wrong, they allow it so that they can get network data to improve their connectivity for Argo smart routing users. The more you use, the more they will get updated about routing congestions. It actually helps them improve the paid users. But they will eventually block you if you use a lot of bandwidth. They'll allow you up to a certain limit. This is what happened when I tested it a year ago. I got 20 peta bytes by using that tool and next day my account got blocked 🤣. But later, I opened another account and got some GB using the tool. Till now, it's working perfectly, as I rarely use it for testing or sometimes visiting blocked sites.
20pb ... Excuse me dear sir ... Will you be my sugar daddy??
Wait, as jpeg really? Why are they even doing this? This should be slow as hell even if cached by superfast cdn networks, just because too many images have to be sent.
Standard practice is sending 6-10 seconds of content per chunk. Because you know, how video compression works, (h264/h265 is standard for HLS) the compression algorithm doesn't store every frame, but only a few full frames and some data about what "changes" in next frame. So for 25 fps video, it would theoretically be a lot less to store and send compared to images. I don't understand what's the catch here to send images instead of small file segments. And those segments can still be cached by CDN's.
Yep, taken from their video.m3u8
Some other websites instead of jpeg, they use a mix of .css .js .png .gif .txt, etc. anything that CloudFlare wont detect as video
For me it instantly loads, and if I skip over its instant as well. Literally instant, no buffering. I can see its cached in my city, sub 2ms ping to CF.
Interesting. I am not in a position to openly browse and analyze this site right now, but from what I could see on my phone, it's sending around ~850(?) images for a 56 minutes video? normally this shouldn't be enough to play that long of a video. 850/25 is only ~35 seconds. Perhaps they are sending binary blobs just disguised with jpeg extension? Feel free to tell me if it interests you or you check it out more.
So just the file extension, but the actual content is video, not jpeg?
That makes a lot more sense then.
You would think they would be able to detect the content they are serving though, especially when they like to convert jpeg images to webp.
NOT jpeg, the file is "mpeg ts" stream format. For filename it could be anything as long as in the correct format. See my explanation above
Yea, its just h.264 video that has been cut into pieces, and renamed as jpeg. I checked the binary from a few chunks and amazingly even the header information is basic video format (and you can even spot FFmpeg in the first 2kb of the chunk lol)
Each Chunk seems to be between 12 to 18MB "jpegs", so they stay under a specific size and these probably align with i-frames in the video file?
For some reason Cloudflare does no checks on files... Maybe they do so much data, that checking every file eats too much resources. Makes sense, especially with images etc...
What i want to know more, is where they hell are they storing that amount of data. I was wrong, as the "HD" section alone has over 188k video's, so it was not 150k. The chunk i am looking at right now, was 720p but with a 3.5k bitrate. Rather high...
And yea, almost all seem to be full blown movies, as they all have 1.5 to 2.5h runtimes (on those that i researched
)...
So we are not talking 200TB but probably 500TB+ ... Cheapest i can find is probably around 1.2 Euro / TB, if you run your own servers, but anything cloud is expensive as hell. Think the cheapest is like China with Baidu Cloud, but that was still almost 3 dollar, and no way those files are hosted their unencrypted (Chinese cloud providers scan for porn and other "illegal" content). So at minimum they are paying 1.5k / month, but probably more for some backups or other failsafe in their data.