I have looked into this further and I have a theory that user-added toolbars are the cause of the errors. I would like some confirmation that this could be the cause.

Here is a more complete description:

Here are the most common example of those "foreign URLs:"

http://d3lvr7yuk4uaui.cloudfront.net/items/dom/20111209/r/rephunter.net.js


I am already aware that cloudfront is an Amazon service. There are numerous such errors starting back on 26-Jun-11. There is a pattern in which typically a dozen or two such errors occur in a short time from, all from a single IP address. Then there is a large gap of time. This makes me wonder if it could be something that a user does on their browser to use some facility of Amazon for example. Is your team aware of anything like this?

Another example:

http://cdn1.predictad.com/scripts/publishers/babylonConduit/acConduit.js?si=6997.

The "babylonConduit" also occurred from a single IP over a short period of time, which also seems to imply something the user is doing.

More miscellaneous examples:

http://cdn1.certified-apps.com/scripts/shared/enable.js?si=10303&tid=CT2704262

chrome://searchqutoolbar/content/toolbar.xul (seems more like this would be a Chrome issue, something that is in Chrome, but causes an error report)

http://www.textsrv.com/cc.php?c=VVM6Rkw6TWlhbWkgQmVhY2g6d3d3LnJlcGh1bnRlci5uZXQ6MTA0MTp1bmRlZmluZWQ6MTA2NDY6NjkuODQuMTA5LjE0NTp1bmRlZmluZWQ%3D&cb=1325195479051

http://ads2srv.com/tb/gc.php?json&cb=_GPL.setGeoAndGo

https://147.xg4ken.com/media/getpx.php?cid=3a140bc9-7a36-4850-9c4d-d052cd9943b9

http://tbupdate.zugo.com/ztb/2.3/jsi/dis/script-dissd.js?provider=bing&provider_name=bing&provider_code=Z192&newtab_search_url=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26pc%3DZ192%26form%3DZGAFNT%26install_date%3D20111011&partner_id=276&product_id=746&affiliate_id=&channel=1002&toolbar_id=200&toolbar_version=2.3.0&install_country=US&install_date=20111011&user_guid=B32913FFF9DE4D4BAA62F9C3E153E84D&machine_id=87cd840c40779cde8bc5b6d805a6ee3f&browser=FF&os=Win&os_version=5.1&url=http%3A%2F%2Fwww.rephunter.net%2Fsearch-results.php

http://www.superfish.com/ws/getCouponsSupportedSites.action?ver=3&callback=SF_cpnWlCb

I want to stress again that we do not use any of the above in our site, so they are coming from elsewhere.

I am starting to think that they might be toolbars that users have added to their browsers. And if so we should modify our javascript error monitoring to disregard all errors not coming from our site.

[edited by: tedster at 12:25 am (utc) on Jan 4, 2012]
[edit reason] de-link the URLs so they can be read [/edit]

How are you logging arbitrary JavaScript errors that might be specific to a users setup?

(Someone needs to fix that horiz scroll!)

window.onerror catches any javascript errors and ajax is used to send an email to our webmaster.

I have gone ahead on the assumption that my thinking is correct and will no longer send the email unless the URL is from our site.