Tracker pixels are surprisingly commonly used by legitimate senders… your bank, your insurance company, any company you patronize. These assholes hide a 1-pixel image in HTML that tracks when you open your email and your IP (thus whereabouts).

I use a text-based mail client in part for this reason. But I got sloppy and opened an HTML attachment in a GUI browser without first inspecting the HTML. I inspected the code afterwards. Fuck me, I thought… a tracker pixel. Then I visited just the hostname in my browser. Got a 403 Forbidden. I was happy to see that.

Can I assume these idiots shot themselves in the foot with a firewall Tor blanket block? Or would the anti-tor firewall be smart enough to make an exception for tracker pixel URLs?

  • CameronDev
    link
    fedilink
    arrow-up
    4
    ·
    24 days ago

    Its not a browser thing, its HTTP. The return codes are specific to the request, not the server.

    GET example.com could validly return 403, while GET example.com/tracking123.gif returns 200 or anything else.