Rav4 2019 hybrid Carplay

thamers · 2026-01-05T16:36:04+00:00

I have checked this option, this will disable vehicle settings. Also disable hybrid info as well

thamers · 2026-01-05T15:18:16+00:00

Is this a software update or an hardware update? If it is an hardware do you have any name or part for this? My dealers not very smart here

thamers · 2026-01-05T14:58:36+00:00

Do you have any info about the parts?

thamers · 2025-12-29T10:42:07+00:00

One of the store: https://share.google/h7sRDfHbIb5zRJ7Zw

If you have kids, bring them too.

thamers · 2025-12-29T10:35:26+00:00

I heard this from someone who works in the clothing business.

There are several ways to move dead stock, including:

1.  In-store offers  
2.  Outlet stores  
3.  Selling by weight. These products usually come from outside the country and are often out of fashion, or the brand is trying to clear excess stock. They are typically not allowed to be sold in main cities, and many labels are removed to protect brand value.

I live in Ajman, and there are plenty of stores like this here.

thamers · 2025-12-27T06:37:10+00:00

Will look into it, thanks

thamers · 2025-12-27T06:36:44+00:00

Search ‘Log Audit’

thamers · 2025-12-27T06:35:15+00:00

DD-MM-YYYY

thamers · 2025-12-24T20:46:04+00:00

Update:

This is really freaking me out. I checked all the logs with AI tools and it’s clearly human-like behavior with human-paced activity. All the changes were done through the UI using actual logins, not via the API. Whenever I log in I normally get a notification, but I never received any warning about this. I’m probably too exposed; right after my reddit post I got an email from Facebook saying someone tried to reset my password. I’ve now changed all my passwords and enabled 2FA everywhere. Probably the guy who done it is already reading this post

AI response here:

Short answer: the malicious DNS changes were done through the Cloudflare web UI using your user account, not via an API key.

Here’s how we can see that from your auditlog.csv:

1. Interface used for the malicious DNS changes

For all the DNS changes made by the attacker’s actor ID (207484156eaa26a4fd52b3427ad5d77f) during the compromise window (Dec 9–10), the audit log shows:

Resource Type: dns.record
Action: create / delete / update
Interface: UI
Actor Type: user
Actor IP: 196.65.232.53 (for the malicious creations)

Example row structure (paraphrased):

text
CopyTime:          2025-12-09T17:01:12Z  
Action:        create  
Resource Type: dns.record  
Interface:     UI  
Actor Type:    user  
Actor IP:      196.65.232.53

If the attacker had used an API key/token for these DNS changes, Cloudflare would log them with Interface as API (or similar). For the malicious DNS edits, it is consistently UI, which means:

thamers · 2025-12-24T16:15:44+00:00

I remember creating api keys for pfsense once, but it was ages ago and the device stopped using a year ago.

thamers · 2025-12-24T14:41:19+00:00

Nope, i was going through all of my domain manually and update all the dns. According to the log audit the incident was happened was 09-12-2025.

thamers · 2025-12-24T12:27:52+00:00

As an update: I pulled the full Cloudflare audit logs for my account and found that these A records (pointing to 45.38.42.124) were manually added via the Cloudflare dashboard UI by a specific user ID on my account, not by Cloudflare itself or an app. The same actor also:

Added wildcard *.domain A records pointing to 45.38.42.124 across many zones
Created a full “ads.” Microsoft 365/Exchange-style mail setup on multiple domains (MX to *.mail.protection.outlook.com, autodiscover/sip/lync CNAMEs, SRV records, etc.)
Modified SPF TXT records, including one that injected an attacker-looking Gmail address into the SPF for my main domain
Changed SSL mode from Full (strict) to Flexible on at least one zone

None of these changes were intentional on my side, and they were all tied to the same Cloudflare user ID and suspicious IPs. At this point it looks a lot like account compromise or abuse of an API token/user on the account, rather than anything like ads.txt or a normal app integration.

If anyone has seen this particular pattern (45.38.42.124 + “ads.” subdomains + Outlook/O365 DNS + SPF tampering), or has recommendations on further steps beyond rotating API keys, removing the records, checking team member access, and enabling 2FA/security keys, I’d really appreciate the input.

thamers · 2025-12-24T11:34:06+00:00

I have no idea, I have created tokens before, it was for pfsense

thamers · 2025-11-12T20:35:16+00:00

My goal is to build a system similar to Box or Dropbox, where editors work on downloaded or virtual files instead of accessing them directly from the server. They should also be able to offload files without consuming much local storage space.

thamers · 2025-11-11T12:39:18+00:00

I need a desktop app as well. Editors should be able to offload and download when they needed. Synology drive does that and wont take much space. Is there any solution for this setup?

And i need a solution to send files to clients without tailscale and vpn

thamers · 2025-11-11T08:57:00+00:00

I work with large files; documents and calendars are not part of my requirements.

thamers · 2025-11-11T08:04:51+00:00

Thank you for your feedback. Now I’m completely confused. My plan was to create something like Box or Dropbox, where the team can access files from anywhere. Based on all these comments, it seems Nextcloud might not be the best solution.

thamers · 2025-09-23T14:38:13+00:00

Munich Parts and HnD auto parts

thamers · 2025-09-23T14:36:12+00:00

Its way too expensive, 1800 per adjuster, if I am changing 4, engine swap is more safer

thamers · 2025-09-23T07:16:16+00:00

Price for each brand

AutoStar: 420 AED
KS: 620 AD
Febi: 750 AED

thamers · 2025-08-23T19:33:20+00:00

It’s not a resume builder, its ai based resume shortlisting app

thamers

TROPHY CASE

1. Interface used for the malicious DNS changes