Re: Possible Hijacking from Globix

This WebDNA talk-list message is from

2002


It keeps the original formatting.
numero = 42738
interpreted = N
texte = I like these better: http://review.mondominishows.com/minibytes/shirley.html http://review.mondominishows.com/god_and_devil/bill.html http://review.mondominishows.com/trailer_court/play_pilot.htmlOkay, seriously, I don't understand why someone would proxy a dynamically generated product page and strip the javascript and add to cart button out of it. If they want to show the content of the page without the functionality and essentially cloaking its true identity, why not just copy the dang html and images and serve it themselves locally? I don't get it. Why keep hitting my server for a page that they might as well just make a hard copy of?MikeOn Tuesday, August 20, 2002, at 05:03 PM, Stuart Tremain wrote:> Try this > > http://wtv-zone.com/JBond/chowmein.swf > > > > -- > Stuart Tremain > idfk web developments - Australia > > On Wednesday, 21 August 2002, Michael Davis > wrote: >> I've already done a whammy on the page for those two addresses. >> You don't even want to know what kind of images I've swapped in >> place of the images of The Beatles. :O. Hopefully it'll get >> someone's attention. >> >> Mike >> >> On Tuesday, August 20, 2002, at 04:48 PM, Stuart Tremain wrote: >> >>> Put a >>> >>> [hideif [ipaddress]=theiripaddress] all the good stuff [/HideIf] >>> >>> in the page! >>> >>> -- >>> Stuart Tremain >>> idfk web developments - Australia >>> >>> On Wednesday, 21 August 2002, Michael Davis >>> wrote: >>>> A page on my server is being hit at a rate of about 20 hits/hr from >>>> the same two IP addresses registered to a company in GB called >>>> Scrollock Computers. They seem to be owned by Globix >>>> (globix.com). I see that Globix does proxy services. I'm >>>> wondering if this is what is hitting my page. I haven't seen a >>>> reply from them to a message I sent inquiring, but it may be that >>>> it's too late there. The page being hit is a products details page >>>> for a few Beatles CD's we carry. I've done some statistics: >>>> 1. Always the same browser UA. Mozilla/4.0 (compatible; MSIE 5.0; >>>> Windows NT; DigExt) >>>> 2. Only 1 out of 100 hits includes a cookie that I set on the page >>>> (return visitor) >>>> 3. All hits from two IP addresses: 213.219.017.220, 213.219.058.019 >>>> 4. Javascript Code seems to be stripped out of what the final >>>> viewer sees. >>>> (I assume this because I put a javascript in the page that would >>>> preload an image. >>>> I added some variables to the image request so that I could >>>> possibly see what url >>>> the person behind the proxy was visiting and what UA they were >>>> using. So far, no >>>> hits to that image.) >>>> 5. Always the same [cart] string. So they are proxying a page that >>>> is useless as an actual e-commerce application. >>>> 6. After three days of this, that cart file is still empty. This >>>> leads me to believe that they may also be stripping out the click >>>> to order button on the page. >>>> >>>> Globix looks pretty big from their web site. Has anyone else had >>>> an experience with them like this? >>>> >>>> >>>> >>>> Mike ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Possible Hijacking from Globix (Dale Therio 2002)
  2. Re: Possible Hijacking from Globix (Glenn Busbin 2002)
  3. Re: Possible Hijacking from Globix (Stuart Tremain 2002)
  4. Re: Possible Hijacking from Globix (Michael Davis 2002)
  5. Re: Possible Hijacking from Globix (Michael Davis 2002)
  6. Re: Possible Hijacking from Globix (Stuart Tremain 2002)
  7. Re: Possible Hijacking from Globix (Michael Davis 2002)
  8. Re: Possible Hijacking from Globix (Stuart Tremain 2002)
  9. OT: Possible Hijacking from Globix (Michael Davis 2002)
I like these better: http://review.mondominishows.com/minibytes/shirley.html http://review.mondominishows.com/god_and_devil/bill.html http://review.mondominishows.com/trailer_court/play_pilot.htmlOkay, seriously, I don't understand why someone would proxy a dynamically generated product page and strip the javascript and add to cart button out of it. If they want to show the content of the page without the functionality and essentially cloaking its true identity, why not just copy the dang html and images and serve it themselves locally? I don't get it. Why keep hitting my server for a page that they might as well just make a hard copy of?MikeOn Tuesday, August 20, 2002, at 05:03 PM, Stuart Tremain wrote:> Try this > > http://wtv-zone.com/JBond/chowmein.swf > > > > -- > Stuart Tremain > idfk web developments - Australia > > On Wednesday, 21 August 2002, Michael Davis > wrote: >> I've already done a whammy on the page for those two addresses. >> You don't even want to know what kind of images I've swapped in >> place of the images of The Beatles. :O. Hopefully it'll get >> someone's attention. >> >> Mike >> >> On Tuesday, August 20, 2002, at 04:48 PM, Stuart Tremain wrote: >> >>> Put a >>> >>> [hideif [ipaddress]=theiripaddress] all the good stuff [/HideIf] >>> >>> in the page! >>> >>> -- >>> Stuart Tremain >>> idfk web developments - Australia >>> >>> On Wednesday, 21 August 2002, Michael Davis >>> wrote: >>>> A page on my server is being hit at a rate of about 20 hits/hr from >>>> the same two IP addresses registered to a company in GB called >>>> Scrollock Computers. They seem to be owned by Globix >>>> (globix.com). I see that Globix does proxy services. I'm >>>> wondering if this is what is hitting my page. I haven't seen a >>>> reply from them to a message I sent inquiring, but it may be that >>>> it's too late there. The page being hit is a products details page >>>> for a few Beatles CD's we carry. I've done some statistics: >>>> 1. Always the same browser UA. Mozilla/4.0 (compatible; MSIE 5.0; >>>> Windows NT; DigExt) >>>> 2. Only 1 out of 100 hits includes a cookie that I set on the page >>>> (return visitor) >>>> 3. All hits from two IP addresses: 213.219.017.220, 213.219.058.019 >>>> 4. Javascript Code seems to be stripped out of what the final >>>> viewer sees. >>>> (I assume this because I put a javascript in the page that would >>>> preload an image. >>>> I added some variables to the image request so that I could >>>> possibly see what url >>>> the person behind the proxy was visiting and what UA they were >>>> using. So far, no >>>> hits to that image.) >>>> 5. Always the same [cart] string. So they are proxying a page that >>>> is useless as an actual e-commerce application. >>>> 6. After three days of this, that cart file is still empty. This >>>> leads me to believe that they may also be stripping out the click >>>> to order button on the page. >>>> >>>> Globix looks pretty big from their web site. Has anyone else had >>>> an experience with them like this? >>>> >>>> >>>> >>>> Mike ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Michael Davis

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

This is an odd error (2001) Mime Headers / Meta-Tags (2003) Multiple SSL Keys (1998) TeaRoom Order fields email account remain empty even though thewy are filled. (1997) WebCatalog-NT?'s (1996) Database Strategy - more... (1998) Separate SSL Server (1997) Help! WebCat2 bug (1997) RE: type 2 errors with ssl server (1997) WebCatalog 2.1 for NT (1998) Installation webCatalog (French speakers please help) (1998) range vs greater than/less than (2003) Forms Search Questions (1997) Unexpected error (1997) Generating Report Totals (1997) Frames and WebCat (1997) WCS Newbie question (1997) Re:WebCat hosting sites? (1998) Netscape 3.01 can't see db in form (1997) no shopping cart (2000)