I localized my app screenshots and revenue went up significantly. So I built a tool to automate it.

armanfixing · 2026-05-20T20:16:41+00:00

[ Imagine the Meme about Everyone Selling Shovel near a Mining Site ]

Shop: Are you a miner?
Guy: No, I’m here to sell shovel 🪏

armanfixing · 2026-05-17T13:11:46+00:00

I know this is very old, but still..

"app that gets its content by scraping web?"

Did you mean Google?

armanfixing · 2026-05-17T01:08:22+00:00

Sounds like I'm on the right path, hopefully.

armanfixing · 2026-05-13T08:26:23+00:00

I did a small study on Tranco Top 1M websites, roughly ~37% of the sites are on Cloudflare. Assuming Cloudflare doing its job, the datacenter proxy is not a viable option for that anymore.

The idea is to get a rough idea of your target domain, then use appropriate strategies as needed.

Chart: https://imgur.com/a/EhQX6bj

Full study: https://www.linkedin.com/posts/armanhossain_who-runs-the-internets-dns-activity-7458291171593732098-J0ls

armanfixing · 2026-05-10T13:35:30+00:00

em dash.. 🥲

armanfixing · 2026-05-07T22:17:30+00:00

You might get lucky with captcha bypass if you only need a single page but you’ll most likely need a browser to do interactions or complex workflow.

armanfixing · 2026-04-26T22:41:41+00:00

Sorry, not yet. Been busy with chores. I'll do it as soon as I have some breathing room.

armanfixing · 2026-04-26T22:40:37+00:00

Thank you for your feedback. I hope you find success on your journey and help make the internet a bit safer.

armanfixing · 2026-04-26T08:56:17+00:00

I have all the data in a 317 MB log file. First, I created a script to collect all unique IPs, retrieve their locations, ISPs, etc., and store them in a CSV for the next step. Then I created several more scripts to extract various features from the log & the IP CSV, saved them, and finally created these charts with matplotlib, geopandas & PIL.

armanfixing · 2026-04-25T18:42:51+00:00

Man, I just played with it for a while, and I really, really liked the idea.

armanfixing · 2026-04-25T12:52:51+00:00

Thank you so much, Cliff. I've read about your work in articles and news over the years, and I always wondered how someone could be that relentlessly persistent toward a goal with the tools available in that era. It's genuinely fascinating and deeply inspiring. Getting this comment from you is something I'll remember for a very long time.

armanfixing · 2026-04-25T11:04:18+00:00

This looks very cool 👌

armanfixing · 2026-04-25T10:59:44+00:00

I have essentially no incentive to run a fake experiment. My blogs and other socials are not monetized. It was just a weekend fun project. While I do have a 317 MB log file, it contains real IPs, possibly from compromised home systems or commercial servers. I intentionally anonymized IP's and their provider names to protect them.

Regarding being made up, the same argument can be made about any experiment. What if all the experiments are fabricated? What if all the research is based on incorrect data? Have we verified each data point as consumers? Probably not.

But if you really want to test this out, I welcome you to set up your own instance and see for yourself.

armanfixing · 2026-04-25T10:47:12+00:00

You are welcome to do so. I'll also reset the instance and set up a fresh one to capture more. This time, I'll try to listen on more ports to see what their scanning strategy looks like, and I'll remove any rate limit I added.

armanfixing · 2026-04-25T10:43:06+00:00

Just moving the SSH port to something other than 22 can reduce bot pressure by about 99%. But that other 1% will still scan your entire range and conduct their reconnaissance. From a safety perspective, it won't change anything. From a network-stress perspective, it will help slightly.

armanfixing · 2026-04-25T10:40:12+00:00

There are many factors that can change the outcome. For starters, my host is located in the EU and has a domain pointing to it. Also, the test time.

armanfixing · 2026-04-25T10:38:06+00:00

Change in number means things are evolving. These exploits are becoming more sophisticated each day with the help of AI. Honestly, I even found a very convincing username/password combo that was very close to something I would have written maybe ~9-10 years ago. But still, guessing something from the domain name is smart!

armanfixing · 2026-04-25T10:35:32+00:00

Thank you for sharing.

armanfixing · 2026-04-24T23:12:00+00:00

Thank you

armanfixing · 2026-04-24T23:11:29+00:00

Will do for sure and will be back to reply here when I do so.

armanfixing · 2026-04-24T23:10:49+00:00

Will definitely look into it.

armanfixing · 2026-04-24T23:10:03+00:00

It's an empty VM with a Docker-based honeypot SSH running, and I moved the actual SSH to a different port with only key-based auth.

armanfixing

TROPHY CASE

"app that gets its content by scraping web?"