07-08-2025, 06:56 AM
I did a deep dive into their backend behavior over the past couple weeks using a combination of network traffic interception and local environment fingerprinting. I configured a TLS-intercepting proxy and routed all board traffic through a controlled environment. What I found was that the site is actively harvesting IP addresses and pushing metadata to third-party endpoints disguised as CDN calls. Specifically, there's a persistent connection established after page load that quietly sends a JSON payload containing your IP, browser fingerprint, viewport dimensions and a detailed interaction history (clicks, scroll depth, dwell time etc). The request is deliberately delayed using randomized timeouts to avoid showing up in standard DevTools inspection. I also deobfuscated some of the front-end JavaScript and confirmed they're using a modified canvas fingerprinting library that combines multiple entropy sources, including audio context and WebGL rendering. What's more is that this data is being exfiltrated to a tracking domain under a separate ASN registered to a known data broker.
For people posting anything remotely sensitive there, just be aware your activity is being quietly monitored and sold off-platform.
For people posting anything remotely sensitive there, just be aware your activity is being quietly monitored and sold off-platform.
