From Public wiki of Kevin P. Inscoe
Jump to navigation
Jump to search
|
|
| (20 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| I have been using Web of Trust also known as "WoT" (https://www.mywot.com/) as a plugin for first Firefox and then 8 years ago when I switch to Chrome. Recently I noticed something I have been able to correlate back to WoT. I began noticing login failures to certain private web sites I administer that are sufficiently off the radar or in other words not indexed by means of [http://www.robotstxt.org/ robots.txt] file. This particular IP kept showing up in the web server logs shortly after I visited the sites which require authentication to access. The IP which I recognized as an Amazon Web Services owned IP block is 52.71.155.178. In short it looks like an [http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html Elastic IP] or an external IP for an AWS instance. If you reverse DNS lookup the IP address it belongs to [https://www.crunchbase.com/organization/kontera#/entity Kontera] ad crawler service. In June 2014 Kontera was acquired by [https://en.wikipedia.org/wiki/Amobee Amobee].
| | This page has moved to [[Journal:2016/04/12 2016/04/12 - Tuesday]]. |
| | |
| <pre>
| |
| $ dig +noall +answer -x 52.71.155.178
| |
| 178.155.71.52.in-addr.arpa. 300 IN PTR nat-service.aws.kontera.com.
| |
| </pre>
| |
| | |
| What is interesting is for a while I could not figure where these requests were coming from. They clearly ignore indexing rules and my robots.txt settings. I was concerned was I compromise in some way? Was it just my desktop? Thorough the process of elimination I noticed they stopped completely after I disabled the WoT plugin in ALL my computers. My Macbook, desktop and laptops. Even my wife's computer. Only after I did all of that did the requests completely disappear. This just started in March 2016.
| |
| | |
| So beware if you use WoT it is feeding Kontera in some way.
| |
Latest revision as of 17:19, 2 May 2016