Jump to content


Photo

i2.wp.com ?


Best Answer Chaos.Lady, 18 March 2016 - 06:46 AM

 

 

i2.wp.com is a wordpress host.


It is.

But why is Atomic/Gravatar using it? And more interestingly, why is it on an OpenDNS malware blacklist? (esp. when wordpress.com is not)

 

 

Could be associated with a hacking attempt into Atomic's login ,with Cyber's change password message it could be trying stop hacking into Wordpress too. Just a thought.

 

 

Nothing has changed on our end that I'm aware of.  And there has been no forum update either.

Go to the full post


  • Please log in to reply
12 replies to this topic

#1 SquallStrife

SquallStrife

    Really knows where his towel is

  • Atomican
  • 17,939 posts

Posted 16 March 2016 - 01:48 PM

The placeholder avatars seem to be coming from a url that looks like this:

http:// i2.wp.com/atomicmpc.com.au/public/......

Is this expected?
SyDjDDk.png [retro swim] | AzpUvwG.png @retroswimau | q5O6HgO.png +RetroSwim
四時半を待っています!

#2 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,058 posts

Posted 16 March 2016 - 02:37 PM

So they are... I never bothered to check, just thought they were the forum defaults for when you don't provide one yourself.

 

A lot of them have supplied avs though, e.g. http://forums.atomic...-archive-error/

 

Possibly they got lazy and swapped to the generic ones at the same time they stopped changing their font.



#3 Cybes

Cybes

    Titan

  • Atomican
  • 18,055 posts
  • Location:Where I am

Posted 16 March 2016 - 02:53 PM

There are placeholders? In the entire time since this IPBoard went up, all I've seen is a black square. I just assumed it was showing the page underneath.

"Reality does not care what you think." - Dr Richard Feynman
"There is no "I" in team." - "True.  I will not be found in any team."


#4 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,058 posts

Posted 16 March 2016 - 03:11 PM

Err... hang on.

 

Codecreeper has one of those avs, it's sourced from that place as well.  Probably the default just points there.



#5 SquallStrife

SquallStrife

    Really knows where his towel is

  • Atomican
  • 17,939 posts

Posted 16 March 2016 - 03:25 PM

I only noticed because of this:
 
zzPIm43.png
 
Left is my home PC, viewed through RDP. Right is my work PC. They use OpenDNS at work, and i2.wp.com is on a blocklist "due to a security threat".
 
This only started happening this week.
 
The HTML actually calls for http:// www.gravatar.com/avatar/c4f9f6e1359e30459bdb792c5b1bf414?s=100&d=http%3A%2F%2Fforums.atomicmpc.com.au%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

But that link gets a 302 response that bounces to the i2.wp.com address.

Edit: Gonna guess that what's actually happened is nothing on Atomic's side, but actually OpenDNS has added i2.wp.com to their blacklist, maybe in response to an XSS attack of some description.

Edited by SquallStrife, 16 March 2016 - 03:53 PM.

SyDjDDk.png [retro swim] | AzpUvwG.png @retroswimau | q5O6HgO.png +RetroSwim
四時半を待っています!

#6 codecreeper

codecreeper

    Champion

  • Atomican
  • 5,020 posts
  • Location:Adelaide, South Australia

Posted 16 March 2016 - 03:30 PM

That explains why board avatars are not working. lolz

 

I was using the default avatars from other version of forums ,was supposed to work on these forums.


Edited by codecreeper, 16 March 2016 - 03:31 PM.

Life is like a Straw , ...... it sucks.

 

 


#7 Jeruselem

Jeruselem

    Guru

  • Atomican
  • 14,034 posts
  • Location:Not Trump-Land

Posted 16 March 2016 - 04:23 PM

i2.wp.com is a wordpress host.


Having trouble with A [?]OS11.1?

 

2018 FIFA World Cup Russia - Australia in but Italy, Chile, Netherlands, USA = FAIL.


#8 SquallStrife

SquallStrife

    Really knows where his towel is

  • Atomican
  • 17,939 posts

Posted 16 March 2016 - 04:25 PM

i2.wp.com is a wordpress host.


It is.

But why is Atomic/Gravatar using it? And more interestingly, why is it on an OpenDNS malware blacklist? (esp. when wordpress.com is not)
SyDjDDk.png [retro swim] | AzpUvwG.png @retroswimau | q5O6HgO.png +RetroSwim
四時半を待っています!

#9 codecreeper

codecreeper

    Champion

  • Atomican
  • 5,020 posts
  • Location:Adelaide, South Australia

Posted 16 March 2016 - 07:17 PM

 

i2.wp.com is a wordpress host.


It is.

But why is Atomic/Gravatar using it? And more interestingly, why is it on an OpenDNS malware blacklist? (esp. when wordpress.com is not)

 

 

Could be associated with a hacking attempt into Atomic's login ,with Cyber's change password message it could be trying stop hacking into Wordpress too. Just a thought.


Life is like a Straw , ...... it sucks.

 

 


#10 codecreeper

codecreeper

    Champion

  • Atomican
  • 5,020 posts
  • Location:Adelaide, South Australia

Posted 17 March 2016 - 03:55 PM

Just update noscript its now reporting a dangerous cross site script on this site.

 

 

[NoScript InjectionChecker] JavaScript Injection in ///u/0/se/0/_/ 1/fastbutton?usegapi=1&size=small&count=false&hl=en-GB&origin=http://forums.atomic...ctoken=31793777
(function anonymous() {
_methods=onPlusOne,_ready,_close,_open,_resizeMe,_renderstart,oncircled,drefresh,erefresh /* COMMENT_TERMINATOR */
DUMMY_EXPR
})
[NoScript XSS] Sanitized suspicious request. Original URL [https://apis.google....ctoken=31793777] requested from [http://forums.atomicmpc.com.au/index.php/topic/57525-i2wpcom/]. Sanitized URL: [https://apis.google.com/#76880366355877147].
about:blank : Unable to run script because scripts are blocked internally.


Life is like a Straw , ...... it sucks.

 

 


#11 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,058 posts

Posted 17 March 2016 - 04:05 PM

I don't think the avatars being hosted there are any direct problem.

It's probably been the case since the change to IP Board.

But yep, if the site is being flagged at a high level due to it being popular for hosting malware or spam assets, then it can mean false positives and some stuff breaking due to overprotective measures.



#12 Chaos.Lady

Chaos.Lady

    Goddess

  • Mod
  • 79,435 posts
  • Location:In your head

Posted 18 March 2016 - 06:46 AM   Best Answer

 

 

i2.wp.com is a wordpress host.


It is.

But why is Atomic/Gravatar using it? And more interestingly, why is it on an OpenDNS malware blacklist? (esp. when wordpress.com is not)

 

 

Could be associated with a hacking attempt into Atomic's login ,with Cyber's change password message it could be trying stop hacking into Wordpress too. Just a thought.

 

 

Nothing has changed on our end that I'm aware of.  And there has been no forum update either.


In the light universe I have been darkness. Perhaps in the dark zone I can be light...
 
Take the boat, promise me 
Never to tell
The secrets you know,
Of the Angel in Hell.


#13 SquallStrife

SquallStrife

    Really knows where his towel is

  • Atomican
  • 17,939 posts

Posted 18 March 2016 - 10:57 AM

So, it's as I suspected, and something has been added/changed on OpenDNS' end.

Cheers, Chaos!
SyDjDDk.png [retro swim] | AzpUvwG.png @retroswimau | q5O6HgO.png +RetroSwim
四時半を待っています!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users