GoDaddy/Sucuri appears to be blocking the submission form for (some?) IP addresses

[rootwork]

Edit: This isn't just about the script. https://prolifewhistleblower.com/anonymous-form is blocked for me from a normal browser. Not sure how widespread this is, or if it's because of the website being about to be dropped from GoDaddy.

--

I first thought this was just because I was behind a VPN, but I tested both with and without the VPN, and I'm getting the same failure either way. When I have the VPN on, the response has its IP address; when I have the VPN off, the response has my actual IP address. Unless it used some other fingerprint on me when it saw my initial request was from a VPN, and identified me even from a different IP?

Anyway here is what I got after successfully completing the CAPTCHA. Happened in both Chromium and Firefox, on Linux.

17:44:17 bot.logger - [DEBUG] Did not find nonce.
17:44:17 bot.logger - [DEBUG] 403
17:44:17 bot.logger - [DEBUG] {'Server': 'Sucuri/Cloudproxy', 'Date': 'Sat, 04 Sep 2021 00:44:17 GMT', 'Content-Type': 'text/html', 'Transfer-Encoding': 'chunked', 'Connection': 'keep-alive', 'X-Sucuri-ID': '11004', 'X-XSS-Protection': '1; mode=block', 'X-Frame-Options': 'SAMEORIGIN', 'X-Content-Type-Options': 'nosniff', 'Content-Security-Policy': 'upgrade-insecure-requests;', 'X-Sucuri-Block': 'PAR010'}

And the HTML, which is easy enough to just read (IP address removed):

<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="stylesheet" href="https://cdn.sucuri.net/css/whitelabel/typography.css?611e1e2" />
<link rel="stylesheet" href="https://cdn.sucuri.net/css/whitelabel.css?611e1e2" />
<link rel="stylesheet" href="https://cdn.sucuri.net/css/whitelabel/buttons.css?611e1e2" />
<link rel="stylesheet" href="https://cdn.sucuri.net/css/whitelabel/footer.css?611e1e2" />
<link rel="stylesheet" href="https://cdn.sucuri.net/css/whitelabel/header.css?611e1e2" />
<link rel="stylesheet" href="https://cdn.sucuri.net/css/fonts.css" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>GoDaddy Security - Access Denied</title>
</head>
<body>
<header class="app-header clearfix">
<div class="wrap"><a href="https://www.godaddy.com/" class="logo"></a>
<span class="logo-neartext">Security</span>
</div>
</header>
<section class="center clearfix"></section>

<section class="app-content access-denied clearfix"><div class="box center width-max-940"><h1 class="brand-font font-size-xtra no-margin"><i class="icon-circle-red"></i>Access Denied - GoDaddy Website Firewall</h1>
<p class="medium-text code-snippet">If you are the site owner (or you manage this site), please whitelist your IP or if you think this block is an error please <a href="https://supportx.sucuri.net/" class="color-green underline">open a support ticket</a> and make sure to include the block details (displayed in the box below), so we can assist you in troubleshooting the issue. </p><h2>Block details:</h1>
<table class="property-table overflow-break-all line-height-16">
<tr>
<td>Your IP:</td>
<td><span>XXX.XXX.XXX.XXX</span></td>
</tr>
<tr><td>URL:</td>
<td><span>prolifewhistleblower.com/wp-admin/admin-ajax.php</span></td>
</tr>
<tr>
<td>Your Browser: </td>
<td><span>Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.58 Safari/537.36</span></td>
</tr>
<tr><td>Block ID:</td>
<td><span>PAR010</span></td>
</tr>
<tr>
<td>Block reason:</td>
<td><span>Your request was not allowed (site lock down mode).</span></td>
</tr>
<tr>
<td>Time:</td>
<td><span>2021-09-03 20:44:17</span></td>
</tr>
<tr>
<td>Server ID:</td>
<td><span>11004</span></td></tr>
</table>
</div>
</section>

<footer class="app-footer clearfix"><span>Copyright &copy; 1999 &ndash; 2019 GoDaddy Operating Company, LLC. All rights reserved.</span>
<span class="padding-left-25"><a href="https://www.godaddy.com/Agreements/Privacy.aspx" class="underline" target="_blank" rel="nofollow noopener">Privacy Policy</a></span>
</footer>
</div>
</body>
</html>

Feel free to update the title of this report if what I'm assuming is inaccurate, or close it if somehow it's just me.

[rootwork]

https://prolifewhistleblower.com/anonymous-form itself is being blocked. Is this widespread?

[TheLandfill]

I tried and I got that it was in "Site Lockdown Mode".

[cat-turner]

I tried changing my internet source (mobile) and I was blocked. I think they are blocking everyone.

[Rolling2405]

@SeanDaBlack Just tried the IOS shortcut and got an error! Screenshot

Please update the Shortcut app and the apps for other platforms. We must keep fighting!

[ramblingjordan]

There have definitely been efforts to block IPs from outside the state and/or known VPNs.

We have new repos where we're actively developing here:

• Python Bot - https://github.com/ramblingjordan/AbBOT-python
• iOS Shortcut - https://github.com/ramblingjordan/AbBOT-iOS-shortcut
• Chrome Extension - https://github.com/ramblingjordan/AbBOT-chrome-extension
• Android App - https://github.com/ramblingjordan/AbBOT-android
• Web Site - https://github.com/ramblingjordan/AbBOT-frontend
• API - https://github.com/ramblingjordan/AbBOT-api

You can also speak with developers and get support on the discord server here: https://discord.gg/PrAWWCCpDg

Closing as this is a known issue, but appreciate the thorough write up!