Seeing lots of these in my web server logs:
which are sent there from a sentinel redirection mechanism on a different web server.
A number, maybe 10 or so? Amazon hosts are now doing this.
I am guessing this would be real darned easy to trace back to the sources. And either someone’s instance in the cloud is not under their control, or someone is paying Amazon to let them run bots.
I’ll guess the former.
Not enough of an annoyance to have me take active deflection measures yet, but we could easily do this.
What’s more interesting is that this appears to be based upon a guess about our stack, probably due to what corresponds to the popular stacks. I find this absolutely fascinating … its as if I am looking and watching an infection attempt in real time.
Viewed 52057 times by 3596 viewers