Comments on: What Is paypal.112.2o7.net

By: JiHem

JiHem — Wed, 08 Dec 2010 18:12:55 +0000

Apparently paypal is not the only site concerned : I’ve noticed the address oracle.112.2o7.net appearing quickly in Firefox status bar while connecting to Oracle support website

By: Clark

Clark — Thu, 28 Oct 2010 16:23:26 +0000

Ironically: Ghacks (who host this blog) are apparently using kontera.com for their analytics! I refused to accept the kontera cookies, of course! I have strong feelings about experimental ethics and privacy. It’s generally accepted, in modern scientific practice, that the informed consent of the subject is required for any experimentation. If an experiment might cause harm to the subject (e.g. an identity theft in this instance) then it is generally considered unethical to run the experiment unless all reasonable mitigations have been taken to minimise the harm, and unless there’s some counterbalancing “good” that will accrue to the class of fully-informed, consenting subjects.

I found this blog after I got annoyed with repeated requests, from a Wiley InterScience website, to accept a cookie from 112.2o7.net. At that time I was retrieving an article from Wiley InterScience. Librarians generally abide by a professional code of ethics, e.g. in the ALA: “We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.”

The usual argument in favour of tracking-cookies is that they don’t contain any personally-identifiable information. This may well be a sufficient legal defense in jurisdictions with weak or non-existent privacy laws, however it doesn’t take too many bits of “npn-personally identifiable” information about a person’s activities, interests, IP addresses, etc to get a pretty good “fix” on who they are… should you be interested in identifying someone. So… lusers must rely on the ethics of the market researchers themselves, unless they’re lucky/wealthy enough to have access to a legal recourse against the marketing research firm, or unless they appeal to the “court of public opinion”.

http://uneasysilence.com/archive/2008/01/12827/ is an amusing blog entry describing Adobe’s response to a similar concern about 112.2o7.net, a couple of years ago. Amusingly (I’m really not paranoid about this stuff — even though it *is* rather a worry) Adobe purchased Omniture a year later. See http://www.omniture.com/en/privacy/2o7.

By: CougarMutt

CougarMutt — Thu, 29 Jul 2010 00:54:20 +0000

I use PC Tools for my AntiVirus/Spyware.

It pops up to the 112.2o7.net and I hit Perm-Block.

End of story.

By: Yair Tendler

Yair Tendler — Sun, 11 Jul 2010 08:27:31 +0000

I agree, they should remove objectspaypal.com and 2o7.net
Had to google it out,

By: C!$C0^211

C!$C0^211 — Wed, 12 May 2010 14:53:59 +0000

On my Last Post, its “Adblock Plus” a Firefox Plugin.

Internet Explorer 8 doesnt have the same problem, it seems like IE8 is filtering it automatic.

(Sorry for my bad english :O )

~211^

By: Martin

Martin — Wed, 12 May 2010 11:33:04 +0000

That is the firefox add-on firebug

By: Mehran

Mehran — Wed, 12 May 2010 11:31:24 +0000

hey brother can some one tel me which software is this please

http://cdn.ghacks.net/wp-content/uploads/2010/02/paypal1-500×381.jpg

By: C!$C0^211

C!$C0^211 — Tue, 04 May 2010 23:58:01 +0000

to block paypal.112.2o7.net, u can use this filter:

|https://paypal.112.2o7.net/*

since i added this filter, there is no upcoming phishing warning from AntiVir.

If u turned Javascript off then its loaded as Gif-Image.

(Sorry for my bad english :O )

~211^

By: H.E

H.E — Mon, 01 Mar 2010 22:40:46 +0000

Also it isn’t that hard to notice since this considerably slows the transaction down… it took me like 5mn … while the status bar showed “transferrin’ data from paypal.112.2o7.net” … which made me look & find this good explanation u hav here.
Not being an informatic pro, i wonder what “analytics” this Omniture company collects about me…

By: Martin

Martin — Tue, 09 Feb 2010 18:37:57 +0000

You can for instance use Firebug which is what I have used. It is mainly used for web development but excellent for this purpose as well as it shows all connections and elements that are loaded by the website.

By: Duckeenie

Duckeenie — Tue, 09 Feb 2010 18:30:41 +0000

What tool is required too analyse a website like that Martin?

By: Mr C

Mr C — Tue, 09 Feb 2010 12:16:41 +0000

You should also notice that the script is embedded into another script. Bypassing any protection you have against it, like adblock. Sneaky sneaky. There is no legit reason for that element to be there. It doesn’t enhance privacy or functionality. Avoid ebay-Paypal. They are not a trustworthy company.

By: Jojo

Jojo — Tue, 09 Feb 2010 09:44:52 +0000

If I see a URL like that I would think phishing definitely and would cancel the site immediately.

Is Paypal really this STUPID?

By: philoSurfer

philoSurfer — Mon, 08 Feb 2010 22:01:46 +0000

Good eye!

First off, this is a lack of innovation on PayPal’s part to write their own analytics… Pretty sad if you ask me.. sombody’s god knows they have enough money.

And then to integrate with the 3rd party vendor in this manor (sending end-user to initiate the tracking code…), is amateur at best…

tisk tisk pay pal.

By: Cross

Cross — Mon, 08 Feb 2010 20:12:48 +0000

They aren’t getting things secured.

Think about Omniture get down by someone and they replace the scripts called by Paypal’s server with anything else :)

What would happen?