-
October 21st, 2002, 11:49 PM
#1
Strange Log entries
I just pulled this out of my log file any idea what it means. Kindof odd
http://207.68.164.250/cgi-bin/linkrd...tz%2en3t%2enet
I went to http://207.68.164.250 and it is a login for Hotmail, any idea why someone would try a url such as the one above?
Violence breeds violence
we need a world court
not a republican with his hands covered in oil and military hardware lecturing us on world security!
-
October 21st, 2002, 11:54 PM
#2
Unless it is the IP address of the hotmail site, just converted from hotmail.com, it could be someone setting up a fake login to steal your password. I'd watch out, I've seen plenty of these with Hotmail, AOL, and even Credit Card reports.
-
October 21st, 2002, 11:56 PM
#3
yea thats what it looks like to me. I just dont understand why they would use a url like that and use my site at the end of it
oh yea, I thought i gave the whole log entry but i didnt
here it is
212.138.47.11 - - [21/Oct/2002:17:51:11 -0500] "GET / HTTP/1.0" 200 745 "http://207.68.164.250/cgi-bin/linkrd?_lang=EN&lah=414a403c1944088c764bcd8a049dc56d&lat=1035236038&hm___action=http%3a%2f%2fersatz%2en3t%2enet" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0; YComp 5.0.0.0)"
Violence breeds violence
we need a world court
not a republican with his hands covered in oil and military hardware lecturing us on world security!
-
October 21st, 2002, 11:58 PM
#4
I don't know about the using your site part, but by using that url, they could signup for like .tk and use a hotmaillogin.tk thing to fool people. I'm not sure why their using your site or what exactly it is, but they can definitely use a free re-direction service to make the url look better or more catchy.
-
October 22nd, 2002, 12:06 AM
#5
This just in..... Used trusty AO IP locater and got this
cache1-2.ruh.isu.net.sa (212.138.47.11) is located in Riyadh, Ar-riyad (administrative Region), Al-wusta (region), Saudi Arabia.
Violence breeds violence
we need a world court
not a republican with his hands covered in oil and military hardware lecturing us on world security!
-
October 22nd, 2002, 06:19 AM
#6
Is this a web server log?
They might have been looking for a proxy...
Ammo
Credit travels up, blame travels down -- The Boss
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|