[asplake]

Um, not sure I want to open that link. What does it do?

[bellyfullofbac]

Huh, press the "Find a Server" button, I can see in Developer Console it tries to connect to random IP addresses over http, returning "address invalid" or "address unreachable", I guess until it hits a valid IP with a live computer.

I wonder if some ISP's heuristics will flag someone's computer as part of a botnet...

[hsbauauvhabzb]

Microsoft or AWS may also use telemetry to flag you also.

[g3ol4d0]

Never thought of this. I constantly scan the internet using nmap, or similar, for pentest/bug bounty and never had a problem

[ALittleLight]

How are you pentesting without knowing the IPs of your in-scope targets?

[WJW]

If your scope is wide enough, everything is in-scope.

[g3ol4d0]

Some times you get a IP Range, or a domain-wide scope

[sodimel]

Here's the source: https://github.com/caioluders/server.casino

[aphroz]

It returns you a random server with port 80 or 443 open.

[wfriesen]

Just 80, it seems https://github.com/caioluders/server.casino/blob/354cec4c053...

That probably increases the odds that the servers it finds are "interesting"

[CountDrewku]

Not really.... almost all web servers with 443 will have port 80 open to function. Current browsers all still hit 80 first.

[savolai]

Not before you push the button on the page though.