Seems working like a "fake Googlebot", but for what purpose.
DNS will not resolve on "bad requests" and producing bad domain names.
Re discussion here:
https://stackoverflow.com/questions/31902776/mysterious-cloudfront-bad-requestSo the address is only producing errors from the CloudFront end up. What do they have to hide.
This is kicking up bad SEO for thoise that use such domain names.
Read here:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.htmlBut for what reason they hide? Is this Amozon cdn policy?
Cloudfront would only know you were looking for the x.cloudfront.net endpoint if that were what had been typed into the browser directly
This opens up great possibilities for abuse, but by whom?
The risk is manifold: "*.cloudfront.net hostname are shared by tens or hundreds or thousands of other distributions. The Host: header sent by the browser is the mechanism CloudFront uses in order to work out which distribution the request will be processed by and the "Alternate Domain Names" configuration is how these are provisioned" Info credits StackOverflow's Michael.
So whenever something goes wrong with a hack or there is a data-breach, you have an enormous incident.
Who is checking on the clowns that think of such less secure infrastructure just for profit or surveillance?
At least we need an insecure content fixer here.
And a constant check here:
https://www.cloudconformity.com/conformity-rules/CloudFront/cloudfront-insecure-origin-ssl-protocols.htmlAt least good Google Safebrowsing blocks and alerts the insecure aspects of it
before you open such an IP address in Google Chrome.
polonus (volunteer website security analyst and website error-hunter)
