Jump to content
SquallStrife

i2.wp.com ?

Recommended Posts

The placeholder avatars seem to be coming from a url that looks like this:

 

http:// i2.wp.com/atomicmpc.com.au/public/......

 

Is this expected?

Share this post


Link to post
Share on other sites

So they are... I never bothered to check, just thought they were the forum defaults for when you don't provide one yourself.

 

A lot of them have supplied avs though, e.g. http://forums.atomicmpc.com.au/index.php/topic/57454-rar-archive-error/

 

Possibly they got lazy and swapped to the generic ones at the same time they stopped changing their font.

Share this post


Link to post
Share on other sites

There are placeholders? In the entire time since this IPBoard went up, all I've seen is a black square. I just assumed it was showing the page underneath.

Share this post


Link to post
Share on other sites

Err... hang on.

 

Codecreeper has one of those avs, it's sourced from that place as well. Probably the default just points there.

Share this post


Link to post
Share on other sites

I only noticed because of this:

 

zzPIm43.png

 

Left is my home PC, viewed through RDP. Right is my work PC. They use OpenDNS at work, and i2.wp.com is on a blocklist "due to a security threat".

 

This only started happening this week.

 

The HTML actually calls for http:// www.gravatar.com/avatar/c4f9f6e1359e30459bdb792c5b1bf414?s=100&d=http%3A%2F%2Fforums.atomicmpc.com.au%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

 

But that link gets a 302 response that bounces to the i2.wp.com address.

 

Edit: Gonna guess that what's actually happened is nothing on Atomic's side, but actually OpenDNS has added i2.wp.com to their blacklist, maybe in response to an XSS attack of some description.

Edited by SquallStrife

Share this post


Link to post
Share on other sites

That explains why board avatars are not working. lolz

 

I was using the default avatars from other version of forums ,was supposed to work on these forums.

Edited by codecreeper

Share this post


Link to post
Share on other sites

i2.wp.com is a wordpress host.

It is.

 

But why is Atomic/Gravatar using it? And more interestingly, why is it on an OpenDNS malware blacklist? (esp. when wordpress.com is not)

Share this post


Link to post
Share on other sites

 

i2.wp.com is a wordpress host.

It is.

 

But why is Atomic/Gravatar using it? And more interestingly, why is it on an OpenDNS malware blacklist? (esp. when wordpress.com is not)

 

 

Could be associated with a hacking attempt into Atomic's login ,with Cyber's change password message it could be trying stop hacking into Wordpress too. Just a thought.

Share this post


Link to post
Share on other sites

Just update noscript its now reporting a dangerous cross site script on this site.

 

 

[NoScript InjectionChecker] JavaScript Injection in ///u/0/se/0/_/ 1/fastbutton?usegapi=1&size=small&count=false&hl=en-GB&origin=http://forums.atomicmpc.com.au&url=http://forums.atomicmpc.com.au/index.php/topic/57525-i2wpcom/&gsrc=3p&ic=1&jsh=m;/_/scs/apps-static/_/js/k=oz.gapi.en.cjMoLRgMYKE.O/m=__features__/am=AQ/rt=j/d=1/rs=AGLTcCNxRj05vz9TL38pdYLTAzt1mmgBfw#_methods=onPlusOne,_ready,_close,_open,_resizeMe,_renderstart,oncircled,drefresh,erefresh&id=I0_1458193946356&parent=http://forums.atomicmpc.com.au&pfname=&rpctoken=31793777
(function anonymous() {
_methods=onPlusOne,_ready,_close,_open,_resizeMe,_renderstart,oncircled,drefresh,erefresh /* COMMENT_TERMINATOR */
DUMMY_EXPR
})
[NoScript XSS] Sanitized suspicious request. Original URL [https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=small&count=false&hl=en-GB&origin=http%3A%2F%2Fforums.atomicmpc.com.au&url=http%3A%2F%2Fforums.atomicmpc.com.au%2Findex.php%2Ftopic%2F57525-i2wpcom%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en.cjMoLRgMYKE.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNxRj05vz9TL38pdYLTAzt1mmgBfw#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1458193946356&parent=http%3A%2F%2Fforums.atomicmpc.com.au&pfname=&rpctoken=31793777] requested from [http://forums.atomicmpc.com.au/index.php/topic/57525-i2wpcom/]. Sanitized URL: [https://apis.google.com/#76880366355877147].
about:blank : Unable to run script because scripts are blocked internally.

Share this post


Link to post
Share on other sites

I don't think the avatars being hosted there are any direct problem.

It's probably been the case since the change to IP Board.

But yep, if the site is being flagged at a high level due to it being popular for hosting malware or spam assets, then it can mean false positives and some stuff breaking due to overprotective measures.

Share this post


Link to post
Share on other sites

 

 

i2.wp.com is a wordpress host.

It is.

 

But why is Atomic/Gravatar using it? And more interestingly, why is it on an OpenDNS malware blacklist? (esp. when wordpress.com is not)

 

 

Could be associated with a hacking attempt into Atomic's login ,with Cyber's change password message it could be trying stop hacking into Wordpress too. Just a thought.

 

 

Nothing has changed on our end that I'm aware of. And there has been no forum update either.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×