Does Tinfoil Security sign its requests in any way? How can I filter them?We try to make it very easy for you to filter emails, logs, and support requests for items created by our scanner. In particular, every form filled out by our scanner will have the word tinfoil in the values submitted. You should be able to filter on tinfoil for any emails or support tickets created.
For logs, every single one of our requests is created with a user-agent containing the text: tinfoilsecurity.com. This should allow you to easier filter any logs for requests created by our scanner.
Requests from our scanner appear to originate from a single endpoint: scanner.tinfoilsecurity.com. The IP address for this endpoint is static and always set to 188.8.131.52.
The scanner endpoint may resolve to an AWS-internal IP address if performing a scan that stays within AWS's datacenters. The most accurate AWS-internal IP address can be always found by manually resolving scanner.tinfoilsecurity.com from within AWS, but please note that the AWS-internal IP is not guaranteed to stay constant within AWS and should be refreshed often.
If you'd like to whitelist our security group to access your website, you can use the following information to do so:
AWS Account Id: 053417869307
Security Group Id: sg-1c090974
As always, if you have any questions or issues at all, please feel free to contact us in our Support Chat or via any of the methods listed on our Contact Page and we'll be more than happy to assist.