blog documentation FAQ followers forum marketplace services youtube

node-fetch client in log

The Jamroom Network » Forum » Using Jamroom » Page » node-fetch client in log
SteveX
SteveX
@ultrajam
7 years ago
2,584 posts
I have a few of these in the log today with a node-fetch client.

What I'm wondering is how does it find the url given that it has always been a private tracker item and has not been linked to from anywhere?

Quote: Message 404 Page not found: /steve/tracker/383/a-how-to-use-google-workbook
Date 21/03/17 06:04:20PM
IP Address 35.160.36.119
URL /steve/tracker/383/a-how-to-use-google-workbook
Memory 2MB
Data
Array
(
[_post] => Array
(
[_uri] => /steve/tracker/383/a-how-to-use-google-workbook
[module_url] => steve
[module] => jrTracker
[option] => 383
[_1] => 383
[_2] => a-how-to-use-google-workbook
[_profile_id] => 2
)

[referrer] => none
[client] => node-fetch/1.0 (+https://github.com/bitinn/node-fetch)
)



--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
updated by @ultrajam: 06/23/17 12:22:43AM
michael
@michael
7 years ago
7,719 posts
If its always been private and not linked to, hmmm.

My first guess that seams plausible would be spyware on your pc sending info back to a central location that controls the system that is using the node-fetch.

Other ideas:
Has that link ever traveled to you via email? sniffer on the routing servers seeing what urls pass through. which leads to the question, is it on https or http.

Just guesses, your thoughts?
SteveX
SteveX
@ultrajam
7 years ago
2,584 posts
Thanks Michael.

The site is on http. Nothing on my mac, but previously the site was sending tracker emails to someone elses pc so it could be that.

I'll keep an eye on it.


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
SteveX
SteveX
@ultrajam
7 years ago
2,584 posts
I now have 17 of these Not Founds in the log since they started yesterday.

One of those pages has definitely never been emailed. It was a page I renamed and then deleted 5 minutes later whilst demonstrating something to a colleague (SteveH) whilst on my work pc. No link to the page would have appeared to a not logged in user - it remained unpublished until it was deleted.

All 17 do have some things in common though:
1. The IP addresses are all US Amazon addresses.
2. They are all either on the Steve profile or the SteveH profile. Bizarre!

Could these be something to do with the Backup module?

Thanks


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
michael
@michael
7 years ago
7,719 posts
not sure about the backup module idea, the idea that jumps to me is, is there any external javascript links to external services.

If something was calling, say, google analytics, then google analytics would know the url. Any other external links that may be sending back that fetch bot to pickup more information for their records perhaps.
SteveX
SteveX
@ultrajam
7 years ago
2,584 posts
That would make sense, google analytics are in use on the site.

I will keep an eye on it and report back here if any new info comes to light.

Thanks


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)

Tags