[CKAN-Security] Your CDN cache seem to be polluted

Adrià Mercader adria.mercader at okfn.org
Tue Sep 3 10:57:41 UTC 2019


Glad to hear it!

Thanks again

Adrià

On Tue, 3 Sep 2019 at 12:52, Masaki Hidano <masagon at info-lounge.jp> wrote:

> Hello Adrià,
>
> It seems to be working fine now.
> Thank you very much.
>
>
> 2019年9月3日(火) 19:40 Adrià Mercader <adria.mercader at okfn.org>:
>
>> Dear Masaki Hidano,
>>
>> Thanks very much for your report. We have just been recently dealing with
>> this problem on the hosting side. We've purged the CDN cache and ask for a
>> Google reindex but it might take a while to propagate.
>> Can you confirm if you are still getting malicious results on your end?
>>
>> Many thanks and apologies
>>
>> Adrià
>>
>> On Tue, 3 Sep 2019 at 12:31, Masaki Hidano <masagon at info-lounge.jp>
>> wrote:
>>
>>> Hello CKAN admin
>>>
>>> When I access to https://ckan.org/ in Japan with Accept-Language is ja,
>>> it's redirect to unrelated shopping web site.
>>>
>>> I think CDN cache in Japan (5106e1631fd72e1f-NRT) is polluted.
>>>
>>> <Good: Accept-Language=en>
>>> $ curl -s -D - -o /dev/null https://ckan.org  -H 'Accept-Language: en'
>>> *HTTP/2 200*
>>> date: Tue, 03 Sep 2019 10:01:08 GMT
>>> content-type: text/html; charset=UTF-8
>>> set-cookie: __cfduid=d7dac7acfc07186503a33d6db696a10911567504865;
>>> expires=Wed, 02-Sep-20 10:01:05 GMT; path=/; domain=.ckan.org;
>>> HttpOnly; Secure
>>> link: <https://wp.me/P7GnYI-mo>; rel=shortlink
>>> expect-ct: max-age=604800, report-uri="
>>> https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
>>> server: cloudflare
>>> cf-ray: 5106e1631fd72e1f-NRT
>>>
>>> <Bad: Accept-Language=ja>
>>> $ curl -s -D - -o /dev/null https://ckan.org  -H 'Accept-Language: ja'
>>> *HTTP/2 302*
>>> date: Tue, 03 Sep 2019 10:01:37 GMT
>>> content-type: text/html; charset=UTF-8
>>> set-cookie: __cfduid=da5370a7f633472a2f59a6457ab98675d1567504896;
>>> expires=Wed, 02-Sep-20 10:01:36 GMT; path=/; domain=.ckan.org;
>>> HttpOnly; Secure
>>> *location: http://www.vog79.com/ <http://www.vog79.com/>*
>>> expect-ct: max-age=604800, report-uri="
>>> https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
>>> server: cloudflare
>>> cf-ray: 5106e221ada3d641-NRT
>>>
>>>
>>> --
>>> ※2018年9月1日より株式会社になりました。
>>> ***********************************
>>> インフォ・ラウンジ株式会社 http://info-lounge.jp/
>>> 〒224-0032 横浜市都筑区茅ケ崎中央47-7 センターステージビル2F
>>> TEL: 045-482-4361 FAX: 045-345-0703
>>>
>>> 代表取締役社長 肥田野 正輝 masagon at info-lounge.jp (090-2620-2379)
>>> ***********************************
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "CKAN Security" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to security+unsubscribe at ckan.org.
>>> _______________________________________________
>>> CKAN security
>>> https://lists.okfn.org/mailman/listinfo/security
>>> https://lists.okfn.org/mailman/options/security/adria.mercader%40okfn.org
>>>
>>> Repo: https://github.com/ckan/ckan-security
>>
>>
>
> --
> ※2018年9月1日より株式会社になりました。
> ***********************************
> インフォ・ラウンジ株式会社 http://info-lounge.jp/
> 〒224-0032 横浜市都筑区茅ケ崎中央47-7 センターステージビル2F
> TEL: 045-482-4361 FAX: 045-345-0703
>
> 代表取締役社長 肥田野 正輝 masagon at info-lounge.jp (090-2620-2379)
> ***********************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190903/4e4f8c01/attachment-0001.html>


More information about the Security mailing list