A weird and disturbing thing is happening on my home network. I’d like some advice on how to diagnose it. My mastodon host (chaos.social) keeps blocking my IP address. I reached out to the admins and they told me it’s because they are getting HTTP requests with user agent string claiming it’s a Google bot. They shared a following log line with me.

[12/Mar/2025:08:55:14 +0100] my.ipv4.add.ress "GET /@lazurski HTTP/2.0" 403 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

It is my IP address indeed, and the path is pointing to my profile, so it’s not random. It also happened while I was browsing Mastodon using Firefox on my laptop. The 403 response is strange, as I was logged in and also my profile is public and viewing it doesn’t require authentication. Maybe they blocked it because of the bot signature?

I have no idea what can be making these requests. Certainly not anything I run on purpose. My Firefox uses it’s standard user agent header. At home I have a few devices. At the time of this request I believe only the following were on:

• my laptop running NixOS and Firefox (I was actively using it when I got blocked)
• a RaspberryPi home server running NixOS
• my Android phone running Tusky (a 3rd party Mastodon client)
• a broadband router with stock software

I think I can exclude the phone from the suspects, because while the home IP is blocked I use my mobile network connection to access chaos.social and this IP is never blocked. I don’t think it’s the home server or the router. My suspicion is on Firefox extensions. I only use a few of them:

• Firefox DevTools ADB Extension
• Firefox Multi-Account Containers
• GNOME Shell integration
• Privacy Badger
• uBlock Origin
• Vimium

How can I troubleshoot it? I tried about:logging with networking preset, collected a ton of logs, but couldn’t figure out what to do with it. Or maybe it’s something completely different? 🤔