1. Home
  2. Forums Index
  3. WebmasterWorld / Website Analytics - Tracking and Logging 3:05 pm May 14, 2026

Forum Moderators: DixonJones

Message Too Old, No Replies

Question about Apache Logs

Reading Apache Log

         

erobs

1:36 am on Jan 29, 2006 (gmt 0)

10+ Year Member



I have recently noticed a large amount of logs similar to the following. They do not seem to be viewing anything other than the one page, and do not load images like if I were to visit the page. Any thoughts on why I am seeing this?

This is not a credit, loan, or financial website.

222.108.199.142 - - [28/Jan/2006:20:24:45 -0500] "GET / HTTP/1.1" 200 16686 "http://car-insurance.example.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Maxthon)"
199.2.119.62 - - [28/Jan/2006:20:25:18 -0500] "GET / HTTP/1.1" 304 - "http://low-apr-credit-card.example.com/" "Mozilla/4.0 (compatible; MSIE 4.01; AOL 4.0; Windows 98)"
202.29.136.140 - - [28/Jan/2006:20:25:19 -0500] "GET / HTTP/1.0" 304 - "http://experian.example.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Maxthon)"
211.48.24.218 - - [28/Jan/2006:20:26:17 -0500] "GET / HTTP/1.1" 304 - "http://free-credit-reports.example.com/" "Mozilla/4.0 (compatible; MSIE 4.01; Windows NT Windows CE)"
216.154.243.212 - - [28/Jan/2006:20:26:54 -0500] "GET / HTTP/1.0" 200 16686 "http://car-insurance.example.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
210.91.189.208 - - [28/Jan/2006:20:27:42 -0500] "GET / HTTP/1.1" 304 - "http://low-apr-credit-card.example.com/" "Mozilla/4.0 (compatible; MSIE 4.01; Windows NT)"
218.232.252.31 - - [28/Jan/2006:20:27:56 -0500] "GET / HTTP/1.1" 304 - "http://free-credit-reports.example.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Maxthon)"
165.229.159.240 - - [28/Jan/2006:20:30:03 -0500] "GET / HTTP/1.1" 304 - "http://current-mortgage-rates.example.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)"
84.204.192.179 - - [28/Jan/2006:20:30:55 -0500] "GET / HTTP/1.1" 200 16686 "http://payday-loans.example.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
219.239.110.9 - - [28/Jan/2006:20:31:29 -0500] "GET / HTTP/1.1" 304 - "http://loans.example.com/" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"

They are pulling my default main page, but nothing else it would appear. Thanks for any help.

[edited by: Receptional at 8:18 pm (utc) on Jan. 29, 2006]
[edit reason] Examplified the domains [/edit]

encyclo

3:36 am on Jan 29, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



It's log spam - (ab)using the referrer field to generate a link to their site in the hope that the stats package for your site in publically available, thus creating a set of backlinks. The process is automated and deployed on a massive scale.

Apart from throwing off your stats and wasting your bandwidth allocation, the presence of log spam is harmless if your stats package is password-protected.

JerryOdom

3:52 am on Jan 29, 2006 (gmt 0)

10+ Year Member



Thats an interesting tactic that I'm suprised to say I hadn't seen used before.

Dijkgraaf

9:02 am on Jan 29, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Log Spam has been around for a few years now, maybe you were just lucky not to have been hit by it so far.

erobs

2:25 pm on Jan 29, 2006 (gmt 0)

10+ Year Member



Thank you encyclo. I appreciate the information. My stats are not publically available, so I guess I will just have to live with it as the links are coming from so many different ips.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. WebmasterWorld / Website Analytics - Tracking and Logging 3:05 pm May 14, 2026