The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

this one is driving me nuts - beavermails.com

Discussion in 'E-mail Discussions' started by KirkColvin747, Dec 22, 2006.

  1. KirkColvin747

    KirkColvin747 Member

    Joined:
    Mar 17, 2005
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    HUGE server load, diff. IPs, all preceeded by google js (which is on our webpages), and then the GET entry of an ad from referrer beavermails.com.

    Anyone seen this crap before? Is our server acting as proxy for them?

    -Kirk

    main site is www.snarfware.com

    61.173.199.214 - - [22/Dec/2006:07:19:44 -0500] "GET http://www.google-analytics.com/urchin.js HTTP/1.0" 404 10844 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)"
    61.173.199.214 - - [22/Dec/2006:07:21:24 -0500] "GET http://popunder.adsrevenue.net/link...s=I2&isframe=false&bk=1&serverfile=popnetwork HTTP/1.0" 301 742 "-" "Mozilla/4.0 (compatible; MSIE 4.0; Windows 95)
     
    #1 KirkColvin747, Dec 22, 2006
    Last edited: Dec 22, 2006
  2. lostinspace

    lostinspace Well-Known Member

    Joined:
    Jul 19, 2003
    Messages:
    122
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Colorado Springs, CO
    Personally, I'd ban the subnet. Unless you'll miss hits from China?

    Also, are the loads caused from numerous connections? If so, there's some nice FW's that will temp ban IPs based on connections (Chirpy's CSF/LFD combo for example).
     
    #2 lostinspace, Dec 22, 2006
    Last edited: Dec 22, 2006

Share This Page