I have just been looking at the access logs for my web server and found this 221.192.199.35 - - [09/Jun/2010:09:34:23 +0100] "GET http://www.wantsfly.com/prx2.php?hash=0DD74D710FE7F8BE5D61A85C00502998EB2C06E3A7E4 HTTP/1.0" 404 1035 221.192.199.35 - - [09/Jun/2010:13:11:45 +0100] "GET http://www.wantsfly.com/prx2.php?hash=0DD74D710FE7F8BE5D61A85C00502998EB2C06E3A7E4 HTTP/1.0" 404 1035 221.192.199.35 - - [09/Jun/2010:17:21:49 +0100] "GET http://www.wantsfly.com/prx2.php?hash=0DD74D710FE7F8BE5D61A85C00502998EB2C06E3A7E4 HTTP/1.0" 404 1035 221.192.199.35 - - [09/Jun/2010:17:52:59 +0100] "GET http://www.wantsfly.com/prx2.php?hash=0DD74D710FE7F8BE5D61A85C00502998EB2C06E3A7E4 HTTP/1.0" 404 1035 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET / HTTP/1.1" 200 5094 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/css/serverhome_static.css HTTP/1.1" 200 176 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/css/serverhome_static/iphone.css HTTP/1.1" 200 1010 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/javascript/compressed_libraries.js HTTP/1.1" 200 34682 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/css/serverhome_compressed.css HTTP/1.1" 200 4696 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/css/serverhome_static/overrides.css HTTP/1.1" 200 1187 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/css/required_compressed.css HTTP/1.1" 200 19562 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/javascript/serverhome.js HTTP/1.1" 200 913 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/css/required/img/spinner.gif HTTP/1.1" 200 3554 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/css/serverhome_static/img/footer-bg.png HTTP/1.1" 200 3254 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/javascript/compressed_widgets.js HTTP/1.1" 200 23394 93.97.168.92 - - [09/Jun/2010:20:18:07 +0100] "GET /collaboration/css/serverhome_static/img/banner-bg.png HTTP/1.1" 200 291106 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /favicon.ico HTTP/1.1" 200 7782 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration-availability/webmail/ HTTP/1.1" 200 247 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration-availability/groups/ HTTP/1.1" 200 247 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration-availability/updates/ HTTP/1.1" 200 247 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration-availability/users/ HTTP/1.1" 200 247 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration-availability/emailrules/ HTTP/1.1" 404 1171 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration-availability/changepassword/ HTTP/1.1" 404 1171 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration-availability/webcal/ HTTP/1.1" 200 247 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration-availability/podcastcapture/ HTTP/1.1" 503 1043 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration/css/serverhome_static/img/more-bg.png HTTP/1.1" 200 2819 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration/css/serverhome_static/img/service-bg.png HTTP/1.1" 200 57374 93.97.168.92 - - [09/Jun/2010:20:18:08 +0100] "GET /collaboration/css/serverhome_static/img/service-icons.png HTTP/1.1" 200 104370 I don't like the look of it! has someone got in?
It looks like a bunch of GET requests, so I'm seeing no reason for worry. What don't you like about this traffic?
I understand the 93.97.168.35 items now, not a problem it was just the wantsfly.com stuff I was curious about (I'm new and inexperienced) it would seem that all of the entries returned a 404 page, but there are loads of entries from wantsfly.com
Since it's a 404, there's no worries. From googling, it appears folks try to use the proxy module available in Apache to find an open proxy.
fixed it, thank god for server tools! I managed to run server tools from my laptop and fix it! seems I had disabled my administrator login bloody computers