We are pleased to inform you that the temporary restrictions on our Spotters submission, deletion, and API services for users in Malaysia have now been lifted. All services are fully operational and available to users, regardless of ISP, as per normal.

All our services are back online as of 23 August 2023, and users should be able to access all our sites as usual.

Please take note that our Spotters submission, deletion, and API services are temporarily limited to users residing in Malaysia using locally certified Internet Service Provider (ISP) only until further notice.

Due to security measures, our Spotters submission, deletion, and API services are available to users residing in Malaysia using locally certified Internet Service Provider (ISP) only. If you are residing outside Malaysia, these services are suspended indefinitely and you are not allowed to use these service until further notice. Our other pages including main website is back in service.

We are currently experiencing technical issues on our official site. Users may not be able to visit the official site from now on until further notice. We apologize for any inconvenience caused and appreciate your understanding. Please stay tuned for further updates.

We have identified the attack source utilizing the following User Agents:

1. FeedValidator/1.3 (From AS3 MIT-GATEWAYS | US)
2. Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 SecurityHeaders (From AS14061 DIGITALOCEAN-ASN | US)

It appears the attackers manipulate Security Headers and the W3C Feed Validation Service to access our API. Consequently, we have blocked these User-Agents. As of August 17, 2023, 10:08 AM UTC+8, we've recorded 153.61k requests since August 16, 2023, 3:00 AM UTC+8.

The API access restrictions remain in place. Kindly await further updates; we apologize for any inconvenience caused.

As of August 16, 2023, 11:33 PM UTC+8, we have logged a total of 105.03k requests in the last 24 hours. This activity is highly unusual, considering there were only 403 unique visitors during the same timeframe. Currently, our CDN provider, Cloudflare, has automatically mitigated 46k of these requests.

Please stay tuned for further updates.

We have applied temporary rules to our Spotters and Rail Service Status API:

1. The mentioned APIs will only accept requests from Malaysian Telco IPs and Apple iCloud Private Relay connections.

2. Non-whitelisted IPs and Cloudflare WARP will encounter a 403 error.

These measures are temporary, and updates on the rule's removal will be provided here.

We are currently experiencing a DDoS attack targeting our Spotters and the Rail Service Status API. Please stay tuned for further updates.