Strange queries in httpd log
On 24.2.2012 10:17, Jussi Hirvi wrote:
> On 24.2.2012 10.27, John R Pierce wrote:
>> On 02/24/12 12:10 AM, Jussi Hirvi wrote:
>>> ...when the DNS shows that the domain financeande.com is hosted
>>> elsewhere? What kind of query can they have used?
>> a forged one with a bogus vhost.
> I get almost similar entry, if I hit this on the browser:
> It shows like this in the log:
> > (...) - - [24/Feb/2012:11:12:27 +0200] "GET /http://bogus.com
> HTTP/1.1" 404 292 "-" (...)
> Only here it starts with a slash (/http...), but in the original log
> entry there was no slash. I'm still curious to know how this log entry
> was born:
> > "GET http://financeande.com/feed/feed.php HTTP/1.1" 404 291 (...)
> - Jussi
It was a check for proxy.
you can try something like this:
$ telnet www.my_real_domain.com 80
Connected to www.my_real_domain.com.
Escape character is '^]'.
GET http://financeande.com/feed/feed.php HTTP/1.1
Kind Regards, Markus Falb
CentOS mailing list