tag:blogger.com,1999:blog-30009138.post3005683055058486034..comments2023-10-21T09:27:55.733-04:00Comments on Mr.HinkyDink's UT Blog: Port 8118 Proxies in the UAEHinky Dinkhttp://www.blogger.com/profile/06062843268103990027noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-30009138.post-17706000179938758372011-10-31T21:25:20.046-04:002011-10-31T21:25:20.046-04:00Well, thanks for sharing, but the (admittedly limi...Well, thanks for sharing, but the (admittedly limited) testing I've done <i>specifically </i>on these port 8118 UAE proxies generally have our old friend "Mikrotik HttpProxy" in the Via header. Of course, that could be just a forgery, but it's pretty consistent.Hinkyhttps://www.blogger.com/profile/06653840501271828662noreply@blogger.comtag:blogger.com,1999:blog-30009138.post-49836490118932046422011-10-24T10:44:09.536-04:002011-10-24T10:44:09.536-04:00The answer to this one may be ....
222.186.25.* ( ...The answer to this one may be ....<br />222.186.25.* ( 2,3,4, 151, 54 )<br />Lzjl.com.cn <br />Beijing, China<br />(Yesup / Clicksor network) <br /><br />lzjl have been running malvertising against 8118 (privoxy) with referer spoofing redirecting to php exploit scripts.<br /><br />Traffic randomized to hit some time every 90 seconds or so.<br /><br />Where privoxy is misconfigured as an open Anonymousnoreply@blogger.com