leroymerlin.fr / sncf-connect.com CAPTCHA and then blocks
Categories
(Web Compatibility :: Site Reports, defect, P1)
Tracking
(Not tracked)
People
(Reporter: gerard-majax, Unassigned)
References
()
Details
(Keywords: webcompat:needs-contact, webcompat:needs-diagnosis)
User Story
platform:windows,mac,linux,android impact:site-broken configuration:general affects:some
Attachments
(2 files)
STR:
- Reach https://www.leroymerlin.fr/
- CDN reports you are on the same network as a bot (?)
- Solve CAPTCHA
- "You're blocked"
I'm not using a VPN, just plan Orange FR FTTH.
Repro on:
- Nightly Linux desktop (Android is fine for me) upto 2023-04-13 according to mozregression
- Current stable (snap) still shows CAPTCHA but grants access, as well as under Chromium
Running mozregression got me this https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=a445f1762c895000bcdabd9d95697522359d41ed&tochange=5c9aa60ea6f47114a9367f56c50cd13299aa1d29
No enhanced tracking protection as much as I know, no uBlock enabled, repro in private window with tracking protection disabled, wondering how much it might be similar to bug 1840235, given it repros back in time and I clearly accessed the website a few days/weeks ago from the same IP and computer...
Reporter | ||
Comment 1•21 days ago
|
||
Reporter | ||
Comment 2•21 days ago
|
||
Reporter | ||
Comment 3•21 days ago
|
||
Looks like the error is served from https://geo.captcha-delivery.com/captcha/?initialCid=[...]==&hash=[...]&cid=[...]&t=fe&referer=https://www.leroymerlin.fr/&s=[...]&e=[...]&dm=cd
Reporter | ||
Comment 4•21 days ago
|
||
And the 403 occurs on the leroymerlin.fr server, reporting LMCDN
Reporter | ||
Comment 5•21 days ago
|
||
$ host www.leroymerlin.fr
www.leroymerlin.fr is an alias for j.sni.global.fastly.net.
j.sni.global.fastly.net has address 199.232.170.132
Reporter | ||
Comment 6•20 days ago
|
||
This morning it's working? Did they react to my support message request on the blocking page ?
Comment 7•19 days ago
|
||
This site is another site hosted by Fastly, and we've seen a bunch of those reports. Let's add a KB bug and try to reach out.
Reporter | ||
Comment 8•19 days ago
|
||
I also saw reports about Intermarché: https://mamot.fr/deck/@LaurentChemla@piaille.fr/112319351773058388
Reporter | ||
Comment 9•18 days ago
|
||
Now happening on sncf-connect, which is going to be really really complicated ...
Reporter | ||
Comment 10•18 days ago
|
||
They all seem to use geo.captcha-delivery.com
service
Comment 11•18 days ago
|
||
Dennis, do you know if we have contacts at captcha-delivery?
Comment 12•17 days ago
|
||
That is Fastly. I'm trying to find a contact.
Comment 13•15 days ago
|
||
I alerted a friend at Fastly.
Updated•11 days ago
|
Comment 14•5 days ago
|
||
This issue was fixed upstream, so there's nothing left for us to do here. Closing.
Description
•