Someone pretends he doxxed me. I think he's bluffing. What do you think?

The guy says he’s been able to find the email address I used to comment on some blogs, just by looking up the relevant web pages on Wayback Machine or similar tools.

He alleges such tools allow hackers to see “behind” the Web page, so to speak, and extract the email address which is only supposed to be accessible to the blog author.

I’ve never heard of such a hack. I think he’s just trolling. Is that even possible ? Have you ever heard of anything like that ?

1 Like

I highly doubt it is for real, the wayback machine gets only the web content that is publicly accessible, they have no deal with hosting providers to my knowledge so unless the web is exposing your mail publicly then you should be ok. Maybe they exposed it but hidden with css, I dunno

1 Like

My mail is not accessible publicly. I just gave those blogs the username + email combo that’s usually required to comment (or it even might be optional, depending on the blog).

What do you mean by “exposed but hidden with css” ? Does that ever happen ? Would it have any purpose at all ? Many blogs take care to stress that the email you’re registering is for their eyes only – as everybody assumes.

Normally, data like e-mail addresses is stored in databases. In most cases, these databases aren’t directly accessible for clients like your web browser. They are accessed by web applications (including content management systems). Web applications get content from these databases and mix it with HTML/CSS to send it to your web browser.

So normally it shouldn’t be possible for anybody to get e-mail addresses by looking at some internet archives. Internet archives are also not able to directly access databases.

Of course, some websites could use custom web applications that load your e-mail address in hidden areas of the website. However, this sounds very unlikely.

2 Likes

That sounds doubtful, unless some blog was careless and exposed emails. Have you gone to the Wayback yourself to look at the archives of these blogs? Just go there then use the “View page source” function of your browser to see the webpage code. Search the code for any @ symbols for emails.

1 Like

That’s what I thought. Thanks a lot.

It seemed very unlikely that Wayback Machine could serve as a substitute for hacking a blog, or other websites.

2 Likes

Yes, I used Wayback Machine myself to check. But it have not used View Page Source. I’m off checking this as well, thank you.

Are there any similar archiving tools that I should look up ? To my understanding, Archive Today can only be used to deliberately archive a Web page, so you cannot generally look up old sites.

If they doxed you, where did they post it? Usually it’s on a pastebin or a site like Doxbin (most notoriously).

In that case, it was not supposed to have reached that stage. Only the stage of “I’ve got that mail you wanted to hide, I can do some funny stuff with it and I could even get more if I wanted”.

As an aside, I tried to look into the source of one of the webpages. First time I did such a thing. I did not find any email or other hidden information. But that seems to be a very complex tool to use.

2 Likes