Something interesting I noticed about that server hosting the stamp2.gif
is that squid is accelerating the web-server.
I know this because I tried to open the image and I recieved a squid
error because my request failed one of their ACL's. Although when I
refreshed page the image loaded correctly. I also scanned the server
with nmap and it confirmed that squid (squid 2.5 stable 7) is
accelerating the web-server (see scan information below).
Was that access.log entry possibly caused by the squid running as an
accelerator?
PORT STATE SERVICE VERSION
80/tcp open http?
1 service unrecognized despite returning data. If you know the
service/version, please submit the following fingerprint at
http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port80-TCP:V=3.45%D=2/15%Time=4212758D%r(GetRequest,5A5,"HTTP/1\.0\x201
SF:35039137\x20Unknown\r\nServer:\x20squid/2\.5\.STABLE7\r\nMime-Version:\
SF:x201\.0\r\nDate:\x20Tue,\x2015\x20Feb\x202005\x2022:19:58\x20GMT\r\nCon
SF:tent-Type:\x20text/html\r\nContent-Length:\x201120\r\nExpires:\x20Tue,\
SF:x2015\x20Feb\x202005\x2022:19:58\x20GMT\r\nX-Squid-Error:\x20ERR_ACCESS
SF:_DENIED\x200\r\nX-Cache:\x20MISS\x20from\x20localhost\r\nX-Cache-Lookup
SF::\x20NONE\x20from\x20localhost:80\r\nConnection:\x20close\r\n\r\n<!DOCT
SF:YPE\x20HTML\x20PUBLIC\x20\"-//W3C//DTD\x20HTML\x204\.01\x20Transitional
SF://EN\"\x20\"http://www\.")%r(HTTPOptions,5A5,"HTTP/1\.0\x20135039137\x2
SF:0Unknown\r\nServer:\x20squid/2\.5\.STABLE7\r\nMime-Version:\x201\.0\r\n
SF:Date:\x20Tue,\x2015\x20Feb\x202005\x2022:20:04\x20GMT\r\nContent-Type:\
SF:x20text/html\r\nContent-Length:\x201120\r\nExpires:\x20Tue,\x2015\x20Fe
SF:b\x202005\x2022:20:04\x20GMT\r\nX-Squid-Error:\x20ERR_ACCESS_DENIED\x20
SF:0\r\nX-Cache:\x20MISS\x20from\x20localhost\r\nX-Cache-Lookup:\x20NONE\x
SF:20from\x20localhost:80\r\nConnection:\x20close\r\n\r\n<!DOCTYPE\x20HTML
SF:\x20PUBLIC\x20\"-//W3C//DTD\x20HTML\x204\.01\x20Transitional//EN\"\x20\
SF:"http://www\.")%r(RTSPRequest,6B3,"HTTP/1\.0\x20400\x20Bad\x20Request\r
SF:\nServer:\x20squid/2\.5\.STABLE7\r\nMime-Version:\x201\.0\r\nDate:\x20T
SF:ue,\x2015\x20Feb\x202005\x2022:20:04\x20GMT\r\nContent-Type:\x20text/ht
SF:ml\r\nContent-Length:\x201388\r\nExpires:\x20Tue,\x2015\x20Feb\x202005\
SF:x2022:20:04\x20GMT\r\nX-Squid-Error:\x20ERR_INVALID_REQ\x200\r\nX-Cache
SF::\x20MISS\x20from\x20localhost\r\nX-Cache-Lookup:\x20NONE\x20from\x20lo
SF:calhost:80\r\nProxy-Connection:\x20close\r\n\r\n<!DOCTYPE\x20HTML\x20PU
SF:BLIC\x20\"-//W3C//DTD\x20HTML\x204\.01\x20Transitional//EN\"\x20\"http:
SF://ww");
Received on Tue Feb 15 2005 - 18:46:53 MST
This archive was generated by hypermail pre-2.1.9 : Fri Feb 25 2005 - 12:00:03 MST