Don't you love it when you take a look at a company frontend React code and GraphQL queries and they say you are hacking them? 🤔🤦🏻‍♂🤣

Wait... Do they sound like they don't want you to tell them their security vulnerabilities...

Like wtf? Shhhhh we don't want to hear how bad everything is

Did you tell them something?

They should just not bother building in any security.

People can't get around it if there is none ;)

Please be to not hacking us. It expensive to hide breach from regulators, many bribes.

How did they know it was you?

@NoMad they don't. That's how dumb they are. At most they see that there's one Portuguese IP in the apache/nginx logs. Proves nothing.

@N00bPancakes didn't even reply. They don't deserve a reply.

@rodrigograca31 well, A. you used a static IP address. and B. They are recording IP addresses and associated activities. which I don't think is very legal under GDPR.

Also, this is why you should use tor for investigation.

@NoMad as long as you have a pupouse which is clearly stated, like preventing instrusion, its not at all illegal to store anything according to GDPR. Especially not an IP-address.

@Mislead not just storing the IP address, but storing who uses which IP address, is misleading. He could literally email back and say "Hey, Sorry, that's not my IP address. I use a public network" and then see how much info they have actually stored of his activity by the response they give. Unless... He was logged in while trying to do his "investigation" in which case they have the right to tell him they basically don't want him to use their service a certain way... which is still a gray area because you should be able to use a service as you want, as long as you're not hurting anybody. Imagine if the company that makes your pen, say "no, you shouldn't write with it".

@subspace
@lmgtfy how to detect devtools open

@010001111
https://lmgtfy.com//...