All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

OpenAI Appears to Scrape Certificate Transparency Logs for New Websites to Crawl

By

pavel_lishin

5mo ago· 4 min readenInsight
Bagel score 95 of 100
95/100
Golden Brown
Bagelometer

Sesame, salt, and substance. A flagship bake.

Score95TypeanalysisSentimentneutral

Summary

A technical blog post describes how the author discovered that OpenAI appears to be scraping Certificate Transparency (CT) logs to find new websites to crawl. After minting a new TLS certificate, the author observed near-instantaneous requests from OpenAI's crawler to their server's robots.txt file, suggesting automated monitoring of CT logs for new domains to index.

Key quotes

· 3 pulled
I minted a new TLS cert and it seems that OpenAI is scraping CT logs for what I assume are things to scrape from, based on the near instant response from this:
Dec 12 20:43:04 xxxx xxx[719]: l=debug m="http request" pkg=http httpaccess= handler=(nomatch) method=get url=/robots.txt host=autoconfig.benjojo.uk duration="162.176µs" statuscode=404 proto=http/2.0 remoteaddr=74.7.175.182:38242 tlsinfo=tls1.3 useragent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome
I minted a new TLS cert and it seems that OpenAI is scraping CT logs for what I assume are things to scrape from, based on the near instant response from ...
Snippet from the RSS feed
lol. I minted a new TLS cert and it seems that OpenAI is scraping CT logs for what I assume are things to scrape from, based on the near instant response from ...

You might also wanna read

Understanding WebAuthn credential protection policy and discoverable credentials

This article explains the WebAuthn credential protection policy, specifically how developers can use the `residentKey` option to control whe

pilcrowonpaper.com·7d ago

Let's Encrypt's Challenge: Creating Intentionally Broken Certificates for Testing

Let's Encrypt, as a Certificate Authority, faces unique challenges in testing certificate validation systems. While most tools focus on main

letsencrypt.org·1mo ago

Website Uses Anubis Proof-of-Work System to Protect Against AI Scraping

The article explains that the website uses Anubis, a Proof-of-Work system similar to Hashcash, to protect against AI companies aggressively

wesnoth.org·1mo ago

Firefox 148 Introduces Standardized Sanitizer API for Enhanced XSS Protection

Firefox 148 introduces the standardized Sanitizer API as a security enhancement to protect against cross-site scripting (XSS) attacks. The n

hacks.mozilla.org·3mo ago

Website Blocks Old Browsers to Combat LLM Training Crawlers

A website owner explains that visitors are seeing an error message because their browsers are being blocked by anti-crawler measures. The si

utcc.utoronto.ca·3mo ago

Website Implements Anubis Proof-of-Work System to Block AI Scraping

The article explains that the website is using Anubis, a Proof-of-Work system similar to Hashcash, to protect against AI companies aggressiv

git.kernel.org·4mo ago