I highly doubt this is an actual seizure. This is the same image they used for their 2018 April Fools prank and faked a domain seizure.

I know :))) But take into consideration that today is not the first of April. This event can also mean that the website was breached or that some admin just made a mistake

>This is the same image they used for their 2018 April Fools prank and faked a domain seizure.

The FBI is seizing domains for April Fools Day pranks? Does anyone else think that's an overreach?

I think they mean the website put up a fake seizure notice.

It actually is not the same image that was used in the April Fools prank. I believe this is either a legitimate seizure, or someone hacked the site. It is far more likely that this is an actual seizure, as their means of contact are all down and their Twitter account is silent.

Quick question, who makes that embedded image, the FBI? It has a specific WeLeakInfo logo on it, so it's not just a standard image they can reuse with each domain seizure.

My assumption is that it's an exported slide from an FBI powerpoint presentation.

Hah. That's good.

I think it's interesting they embed the image as base64. I guess a single file deployment is easier.

The background might be a standard template, and they just have someone paste a logo onto another layer.

The question I have is why paste it in as a data URL rather than just upload the image to the server, if they control the server?

Maybe they do not control the origin server, only the domain and it would be easier just to redirect everyone using DNS.

So the FBI controls the server to which the domain now points ...

Easier to just have all requests respond with exactly the same HTTP response, or something, based on the requested domain.

They are not so consistent with what image they use for seized domains but in some cases like this one they use the website's logo.

The logos of the law enforcement agencies probably change every time as well. This one shows the logos of German, English, Irish, Dutch and US law enforcement agencies.

I assume they made a custom one in this case because they wanted/needed to highlight their international collaborators for this investigation.

Confirmed by the Justice Department.

https://www.justice.gov/usao-dc/pr/weleakinfocom-domain-name...

What was it before?

A website that sold/publish personal info mostly e-mail/username and password combos.

the difference is that selling the information itself is technically illegal, but since these databases were leaked online you're only providing access to view them in a format which isn't necessarily illegal but governments can force their way to shutting them down. next best thing is for WLI or their next counterpart to just crop up a domain in Luxembourg.

That seems like a distinction without a difference.

I've used them before to lookup my own addresses and see how up to date the passwords. HIBP is great but sometimes you get hits for accounts you never remember making or were made as some one-off forever ago. It's helpful to see what actually got leaked, though obviously there are those using it for nefarious purposes.

Shouldn't that return an HTTP 451?

To be honest, it just makes more sense to use a image rather than a HTTP error return for the regular user to see and understand what is going on at the moment with said website.

Nothing preventing you from doing both.

I've heard that an HTTP 451 is for when a country prohibits your service in their country. Like, if you wanted to access a VPN providers website in a country where they cannot do business, the provider would return a 451 to indicate they are not allowed to serve your request.

Have there been other cases where government seized websites return a 451?

Collaboration betwen the FBI, Germany's BKA, UK's NCA, and Netherland's KLPD? That's surprising.

Interesting that the Police Service of Northern Ireland are also involved!

ha! here to comment the same

Your free speech doesn't extend to someone else's rights. In this case they were selling other people's account credentials to bad actors who wanted to misuse those credentials.

"Free speech advocates" should rightfully stay away from defending obviously illegal and immoral behaviour that causes actual harm. There's no abuse of power here; it was rightfully shuttered.

That argument suggests libraries should pull copies of "The Anarchist's Cookbook", doesn't it? If the misuse is being done by the purchasers, not the broker, why does the broker's site get seized?

The Anarchist's Cookbook was not trafficking in stolen goods. The stolen data may not have been hosted on this site directly, but it was certainly knowingly trafficking the data.

Speaking for myself as a free speech advocate, this looks to be an appropriate and correct use of government power.

should i be worried that i have used this site

If you have used the site for illegal reasons, then you bet your ass you should be worried.