Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Tracker-ish URLs found from "Awesome Screenshot" source code
https://chrome.google.com/webstore/detail/awesome-screenshot-captur/alelhddbbhepgpmgidjdcjakblofbmce
How many trackers does a single Chrome extension need?
Seven.
https://ssl.google-analytics.com/ (manifest.json, javascripts/cga.js)
https://cdn.extensionanalytics.com/ (manifest.json, javascripts/feedback.js)
https://pixel.getpaidfordata.com/ (manifest.json, background.html)
https://tags.crwdcntrl.net/ (manifest.json)
https://s.sitebeacon.co/ (javascripts/CDBC/CDBC.js)
https://collector.dataferb.com/ (javascript/DCM/cr-dcm-client.js)
http://lb.crdui.com/, http://t.crdui.com/ (javascripts/Tr/tr.js)
Probably wouldn't even have noticed if that last one wasn't sending my browsing history over the internet /in plain text/.
@fuzaylov

This comment has been minimized.

Show comment Hide comment
@fuzaylov

fuzaylov Jun 9, 2014

Thank you for posting this, I was wondering what collector.dataferb.com is. I was able to confirm it is initiated by chrome extension awesomescreenshot. As soon as I uninstalled it, requests to this domain have stopped.

fuzaylov commented Jun 9, 2014

Thank you for posting this, I was wondering what collector.dataferb.com is. I was able to confirm it is initiated by chrome extension awesomescreenshot. As soon as I uninstalled it, requests to this domain have stopped.

@bruno451

This comment has been minimized.

Show comment Hide comment
@bruno451

bruno451 Jun 30, 2014

Using Skitch, which is also a Chrome screenshot extension, I noticed frequent connexion requests to this domain. I'm keen to get some more info about it.

Using Skitch, which is also a Chrome screenshot extension, I noticed frequent connexion requests to this domain. I'm keen to get some more info about it.

@roanosullivan

This comment has been minimized.

Show comment Hide comment
@roanosullivan

roanosullivan Jul 11, 2014

This helped me too. Thanks!

(I would not have noticed if not for the Chrome extension "Postman Intercepter")

This helped me too. Thanks!

(I would not have noticed if not for the Chrome extension "Postman Intercepter")

@mig5

This comment has been minimized.

Show comment Hide comment
@mig5

mig5 Aug 10, 2014

It gets worse than that.

Some servers I manage were getting crawlers hitting urls with user-agent 'niki-bot'. The URLs were not publically accessible URLs - they were URLs of internal or administrative backend pages of various apps (such as Jenkins configuration URLs, which require staff authentication).

The nature of the URLs allowed us to pinpoint that they were all URLs visited by a specific user in the organisation. That user had installed this chrome extension 'awesomeschreesnot'.

In other words: not only is the extension tracking you, but they, or the advertisers they are selling the data to, return to conduct reconnaissance of all websites you visit, for who knows what purpose.

See another report of this by someone else: https://groups.google.com/forum/#!msg/google-appengine/jEihs3D7Gig/eM9xuJLfnRgJ

mig5 commented Aug 10, 2014

It gets worse than that.

Some servers I manage were getting crawlers hitting urls with user-agent 'niki-bot'. The URLs were not publically accessible URLs - they were URLs of internal or administrative backend pages of various apps (such as Jenkins configuration URLs, which require staff authentication).

The nature of the URLs allowed us to pinpoint that they were all URLs visited by a specific user in the organisation. That user had installed this chrome extension 'awesomeschreesnot'.

In other words: not only is the extension tracking you, but they, or the advertisers they are selling the data to, return to conduct reconnaissance of all websites you visit, for who knows what purpose.

See another report of this by someone else: https://groups.google.com/forum/#!msg/google-appengine/jEihs3D7Gig/eM9xuJLfnRgJ

@WhisperingWempe

This comment has been minimized.

Show comment Hide comment
@WhisperingWempe

WhisperingWempe Aug 11, 2014

Thanks! If I had not read the reviews @chrome Web Store I might have installed "Awsome Screenshot App"- I have also sent a notification form through the webstore, since I find such app behaviour unacceptable.

Thanks! If I had not read the reviews @chrome Web Store I might have installed "Awsome Screenshot App"- I have also sent a notification form through the webstore, since I find such app behaviour unacceptable.

@billythekid

This comment has been minimized.

Show comment Hide comment
@billythekid

billythekid Sep 9, 2015

Also seems to happen with the "Webpage Screenshot" extension.

Also seems to happen with the "Webpage Screenshot" extension.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment