[clamav-users] Is ClamAV Community Threat Tracking System down?
Dennis Peterson
dennispe at inetnw.com
Sat Mar 19 15:51:31 UTC 2016
The DNS configuration for www.stats.clamav.net are suspect. I just looked at the
squid logs and see this:
1458401557.097 598 TCP_CLIENT_REFRESH_MISS/503 890 GET
http://www.stats.clamav.net/ - DIRECT/188.40.140.240 text/html
1458401566.520 599 TCP_REFRESH_HIT/200 1431 GET http://www.stats.clamav.net/
- DIRECT/188.40.140.240 text/html
1458401567.162 597 TCP_REFRESH_HIT/200 7030 GET
http://www.stats.clamav.net/js/openid-jquery.js - DIRECT/188.40.140.240
application/javascript
1458401567.239 719 TCP_REFRESH_HIT/200 1104 GET
http://www.stats.clamav.net/css/openid.css - DIRECT/188.40.140.240 text/css
1458401567.351 786 TCP_REFRESH_HIT/200 56215 GET
http://www.stats.clamav.net/js/jquery-1.2.6.min.js - DIRECT/188.40.140.240
application/javascript
Follow the DNS trail.
The URIs shown in the squid log are part of the results I see which is a login
page that requires some kind of social media login. An ID scraper, perhaps.
dp
On 3/19/16 8:22 AM, Yuri Voinov wrote:
>
More information about the clamav-users
mailing list