Coffeehouse Thread

1 post

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Anyone know what this could be from?

Back to Forum: Coffeehouse
  • User profile image
    Cannot​Resolve​Symbol

    [edit] never mind.  Network admin has one of the servers that provides Ars Technica's ads redirected to 127.0.0.1 in DNS.  Oops.  (Remember, kids, think before you post.)

    Just noticed a number of odd records in my Apache2 access.log (it's not a permanent server, just a server I start every now and then to play with it):

    127.0.0.1 - - [24/Sep/2006:20:37:07 -0500] "GET /ad/bn/4340-34508-10420-0?mpt=1159148227346 HTTP/1.1" 404 318

    127.0.0.1 - - [24/Sep/2006:20:38:30 -0500] "GET /ad/js/4340-34508-10420-5?mpt=[CACHEBUSTER]&mpvc= HTTP/1.1" 404 318

    127.0.0.1 - - [25/Sep/2006:07:29:15 -0500] "GET /ad/js/4340-34508-10420-1?mpt=331718980&mpvc= HTTP/1.1" 404 318

    127.0.0.1 - - [25/Sep/2006:07:29:16 -0500] "GET /ad/js/4340-34508-10420-4?mpt=[CACHEBUSTER]&mpvc= HTTP/1.1" 404 318

    127.0.0.1 - - [25/Sep/2006:07:33:05 -0500] "GET /ad/js/4340-34508-10420-5?mpt=[CACHEBUSTER]&mpvc= HTTP/1.1" 404 318

    127.0.0.1 - - [25/Sep/2006:07:33:06 -0500] "GET /ad/js/3992-41799-10420-3?mpt=[CACHEBUSTER]&mpvc= HTTP/1.1" 404 318

    127.0.0.1 - - [25/Sep/2006:12:09:02 -0500] "GET /ad/bn/43925?mpt=[CACHEBUSTER] HTTP/1.1" 404 305

    127.0.0.1 - - [25/Sep/2006:12:09:26 -0500] "GET /ad/js/41644?mpt=60024975&mpvc=http%253A//red.as-us.falkag.net/red%253Fcmd% [snip random looking hex] dat%253D HTTP/1.1" 404 305

    127.0.0.1 - - [25/Sep/2006:12:19:55 -0500] "GET /ad/js/4340-34508-10420-6?mpt=[CACHEBUSTER]&mpvc= HTTP/1.1" 404 318

    127.0.0.1 - - [25/Sep/2006:12:21:19 -0500] "GET /ad/bn/43925?mpt=[CACHEBUSTER] HTTP/1.1" 404 305

    127.0.0.1 - - [25/Sep/2006:12:27:00 -0500] "GET /ad/js/43921?mpt=43561671&mpvc=http%253A//red.as-us.falkag.net/red%253Fcmd%253Durl% [snip random looking hex] 526dat%253D HTTP/1.1" 404 305

    Anyone heard of any adware or anything that tries to pull ads from an HTTP server on localhost?  Windows Defender scans come out fine on this machine and I don't see anything unusual in Task Manager...

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.