I am sorry if this post is off-meta or misplaced but i wanted to share this with you and obtain some insights.
Recently while accessing gitlab.com my Bitdefender started blocking a connection to the following addresses:
After analysing the source i realized that this happens whenever i access gitlab.com rootpage.
Whois or tracing the IP does not give any safety meta data, I was unable to associate this request with anything related with advertising or gitlab servicing.
The domain appears to be a parking page.
Is this gitlab? is it safe to add to exceptions?
What is it doing?
Well I run on Linux, and I see this lr-in loading something every 3 seconds or so. Attached screenshot below:
I only get it on the main page though (about.gitlab.com). If I go to gitlab.com where I can access my projects then it doesn’t exist.
I’m not a Gitlab employee, but seems strange that the page is making post requests every 3 seconds, and I’m also interested as to what it is attempting to post and where.
I’d leave it blocked for the time being, as I don’t know what it is.
Examining the call stack it might be related to LogRocket which is a frontend monitoring and product analytics tool.
Yeah, I just saw that when clicking the cdn.lr-in.com in the browser. So looks legit I guess.