@mvirkkunen
Created May 26, 2014 17:17
Tracker-ish URLs found from "Awesome Screenshot" source code
https://chrome.google.com/webstore/detail/awesome-screenshot-captur/alelhddbbhepgpmgidjdcjakblofbmce
How many trackers does a single Chrome extension need?
Seven.
https://ssl.google-analytics.com/ (manifest.json, javascripts/cga.js)
https://cdn.extensionanalytics.com/ (manifest.json, javascripts/feedback.js)
https://pixel.getpaidfordata.com/ (manifest.json, background.html)
https://tags.crwdcntrl.net/ (manifest.json)
https://s.sitebeacon.co/ (javascripts/CDBC/CDBC.js)
https://collector.dataferb.com/ (javascript/DCM/cr-dcm-client.js)
http://lb.crdui.com/, http://t.crdui.com/ (javascripts/Tr/tr.js)
Probably wouldn't even have noticed if that last one wasn't sending my browsing history over the internet /in plain text/.
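
The list above pairs each tracker host with the extension files that reference it. The following is an added example, not the gist author's code or method: it builds the same inventory for an unpacked extension directory and flags origins reached over plain HTTP. The sample tree and its hosts are constructed placeholders.

```python
import re
import sys
import tempfile
from collections import defaultdict
from pathlib import Path
from urllib.parse import urlsplit

URL_RE = re.compile(r"""https?://[^\s"'<>)\\]+""")  # http(s) URLs in source text
TEXT_SUFFIXES = {".json", ".js", ".html", ".htm", ".css"}


def scan_extension(root):
    """Map each external origin to the sorted extension files that mention it."""
    root, hits = Path(root), defaultdict(set)
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in TEXT_SUFFIXES:
            continue
        for url in URL_RE.findall(path.read_text(encoding="utf-8", errors="replace")):
            try:
                parts = urlsplit(url)
            except ValueError:  # malformed host such as an unbalanced "["
                continue
            if parts.hostname:
                hits[f"{parts.scheme}://{parts.hostname}/"].add(
                    path.relative_to(root).as_posix())
    return {origin: sorted(files) for origin, files in sorted(hits.items())}


def plaintext_origins(report):
    """Origins referenced over unencrypted HTTP; anything sent there is readable in transit."""
    return [origin for origin in report if origin.startswith("http://")]


def build_sample(root):
    """Constructed sample tree with placeholder hosts (not the real extension's files)."""
    root = Path(root)
    (root / "javascripts").mkdir(parents=True)
    (root / "manifest.json").write_text(
        '{"content_security_policy": "script-src \'self\' https://stats.example.com"}')
    (root / "javascripts" / "tr.js").write_text(
        'var u = "http://t.tracker.example/r?u=" + encodeURIComponent(location.href);')
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        report = scan_extension(sys.argv[1] if len(sys.argv) > 1 else build_sample(tmp))
        for origin, files in report.items():
            flag = "  [PLAINTEXT]" if origin in plaintext_origins(report) else ""
            print(f"{origin} ({', '.join(files)}){flag}")
```

Pass the path of an unpacked extension as the first argument to scan it instead of the constructed sample. Hosts assembled at runtime from string fragments will not match the regular expression, so an empty report does not prove the absence of trackers.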
@fuzaylov
fuzaylov commented Jun 9, 2014

Thank you for posting this, I was wondering what collector.dataferb.com is. I was able to confirm it is initiated by chrome extension awesomescreenshot. As soon as I uninstalled it, requests to this domain have stopped.

@bruno451
Using Skitch, which is also a Chrome screenshot extension, I noticed frequent connexion requests to this domain. I'm keen to get some more info about it.

@roanosullivan
This helped me too. Thanks!

(I would not have noticed if not for the Chrome extension "Postman Interceptor")

@mig5
mig5 commented Aug 10, 2014

It gets worse than that.

Some servers I manage were getting crawlers hitting URLs with user-agent 'niki-bot'. The URLs were not publicly accessible URLs - they were URLs of internal or administrative backend pages of various apps (such as Jenkins configuration URLs, which require staff authentication).

The nature of the URLs allowed us to pinpoint that they were all URLs visited by a specific user in the organisation. That user had installed this Chrome extension 'awesomescreenshot'.

In other words: not only is the extension tracking you, but they, or the advertisers they are selling the data to, return to conduct reconnaissance of all websites you visit, for who knows what purpose.

See another report of this by someone else: https://groups.google.com/forum/#!msg/google-appengine/jEihs3D7Gig/eM9xuJLfnRgJ

@WhisperingWempe
Thanks! If I had not read the reviews at the Chrome Web Store I might have installed "Awesome Screenshot App" - I have also sent a notification form through the webstore, since I find such app behaviour unacceptable.

@billythekid
Also seems to happen with the "Webpage Screenshot" extension.
