Assuming this referrer is truly from Scansafe.
I don't know how this Scansafe works, are they trying (or their client) or have they blocked that page for some reason? If so, for what? And I can't find a way to check up on their website. By the way, their website has a big chuck Flash.
Because it is a referrer, therefore someone must be viewing that page and its URL is that looooooooooooooong. Only a few days ago, I posted about not so good URLs, Google Search's is long, but this Scansafe's is a real champion.
I have to mask portions of the screenshot, I didn't try to decrypt it, but someone maybe want to and they maybe own malicious websites, which certainly will be qualified dangerous website and whoever uses Scansafe will check out. It is like reverse-honeypot.
That cryptic long text may contain encrypted sensitive information or not, but I will guess it does not. You hardly will see URL mis-include sensitive information nowadays.
There is one more thing is strange, that is HTTP. I think HTTPS will not be sent in referrer header. I am not sure about this, never thought about this part, have to check the spec. or something. Anyway, Scansafe is a security product, then how come it is only a HTTP connection when a client needs to be ensured with the maximal security while they are using Scansafe website?
Of course, the stuff above is assuming the referrer is legitimate. What if it is not, it is bogus? Then the question is who sent that and why.
If it was sent by Scansafe for whatever testing or checking purpose, then they become bad bots; if it was sent by someone else, then what's the purpose to impersonate Scansafe? Which I don't have an answer for that.
Off-topic: What is a good way to block by specific Referrer on Blogger? Seems that JavaScript is the only way. But it is not real blocking, but masking content when certain referrer is matched.
I don't know how this Scansafe works, are they trying (or their client) or have they blocked that page for some reason? If so, for what? And I can't find a way to check up on their website. By the way, their website has a big chuck Flash.
Because it is a referrer, therefore someone must be viewing that page and its URL is that looooooooooooooong. Only a few days ago, I posted about not so good URLs, Google Search's is long, but this Scansafe's is a real champion.
I have to mask portions of the screenshot, I didn't try to decrypt it, but someone maybe want to and they maybe own malicious websites, which certainly will be qualified dangerous website and whoever uses Scansafe will check out. It is like reverse-honeypot.
That cryptic long text may contain encrypted sensitive information or not, but I will guess it does not. You hardly will see URL mis-include sensitive information nowadays.
There is one more thing is strange, that is HTTP. I think HTTPS will not be sent in referrer header. I am not sure about this, never thought about this part, have to check the spec. or something. Anyway, Scansafe is a security product, then how come it is only a HTTP connection when a client needs to be ensured with the maximal security while they are using Scansafe website?
Of course, the stuff above is assuming the referrer is legitimate. What if it is not, it is bogus? Then the question is who sent that and why.
If it was sent by Scansafe for whatever testing or checking purpose, then they become bad bots; if it was sent by someone else, then what's the purpose to impersonate Scansafe? Which I don't have an answer for that.
Off-topic: What is a good way to block by specific Referrer on Blogger? Seems that JavaScript is the only way. But it is not real blocking, but masking content when certain referrer is matched.
0 comments:
Post a Comment