Anyone else seen this?
Category None
Reading a couple of blogs, I have seen a popup appear as a layer on them. I have seen it happen on Richard Schwartz's and Rocky Oliver's so far. I have the latest virus scanning software on my machine and have ran adware scans etc. They all turn up nothing. Here's what I see:
Then when I leave the page I see:
Has anyone else seen this? Perhaps Rocky and Richard have some code on their pages that is coming across from somewhere else that has been hijacked? I notice they both have the creative common license logo, is that code generated?
Not sure if this helps Rocky or Richard, but here are the cookie contents for both sites, I think cookies might be involved as I don't see it everytime.
Power of the Schwartz
ASLTRG1=28#24#.net#21070#18866#.hfc.comcastbusiness.net#70.88.208.81#en-us##21601094#18813#14659#506#5;
FRQSTR=18786156x198205:1:4297|18786156|18786156|18786156|18786156;
WIDYMD=#32432:EIS#30560:EIS#;
KIDYMD=#196723:EISD#198205:EISA#;
VISKAM=#196723-66986#198205-65581#;
VISWEB=#32432-441705-66986#30560-410100-65581#;
SESTEST=1;
BSUID=1
Lotus Geek
FRQSTR=18786157|18786157|18786157|18786157|18786157;
WIDYMD=#32432:EIS#30560:EIP#;
KIDYMD=#196723:EISB#195617:EIPA#195236:EILA#;
VISKAM=#196723-67020#;
VISWEB=#32432-441705-67020#;
ASLTRG1=28#24#.net#21070#18866#.hfc.comcastbusiness.net#70.88.208.81#en-us##21601500#18813#14659#506#5;
BSUID=1;
SESTEST=1
Reading a couple of blogs, I have seen a popup appear as a layer on them. I have seen it happen on Richard Schwartz's and Rocky Oliver's so far. I have the latest virus scanning software on my machine and have ran adware scans etc. They all turn up nothing. Here's what I see:
Then when I leave the page I see:
Has anyone else seen this? Perhaps Rocky and Richard have some code on their pages that is coming across from somewhere else that has been hijacked? I notice they both have the creative common license logo, is that code generated?
Not sure if this helps Rocky or Richard, but here are the cookie contents for both sites, I think cookies might be involved as I don't see it everytime.
Power of the Schwartz
ASLTRG1=28#24#.net#21070#18866#.hfc.comcastbusiness.net#70.88.208.81#en-us##21601094#18813#14659#506#5;
FRQSTR=18786156x198205:1:4297|18786156|18786156|18786156|18786156;
WIDYMD=#32432:EIS#30560:EIS#;
KIDYMD=#196723:EISD#198205:EISA#;
VISKAM=#196723-66986#198205-65581#;
VISWEB=#32432-441705-66986#30560-410100-65581#;
SESTEST=1;
BSUID=1
Lotus Geek
FRQSTR=18786157|18786157|18786157|18786157|18786157;
WIDYMD=#32432:EIS#30560:EIP#;
KIDYMD=#196723:EISB#195617:EIPA#195236:EILA#;
VISKAM=#196723-67020#;
VISWEB=#32432-441705-67020#;
ASLTRG1=28#24#.net#21070#18866#.hfc.comcastbusiness.net#70.88.208.81#en-us##21601500#18813#14659#506#5;
BSUID=1;
SESTEST=1
| Permalink | 
Comments
Posted by Brian Benz At 06:44:37 PM On 09/19/2005 | - Website - |
I don't get the popups on my own site or Rocky's, and I can't imagine where those cookies are coming from. When I go to my own site I see one cookie from Nedstat, and the BSUID cookie, but no others.
Posted by Richard Schwartz At 07:19:25 PM On 09/19/2005 | - Website - |
Posted by Duffbert At 07:21:23 PM On 09/19/2005 | - Website - |
Posted by Ben Langhinrichs At 07:58:08 PM On 09/19/2005 | - Website - |
Posted by Richard Schwartz At 09:25:55 PM On 09/19/2005 | - Website - |
Posted by Carl At 10:06:02 PM On 09/19/2005 | - Website - |
Posted by Stephan H. Wissel At 04:46:43 AM On 09/20/2005 | - Website - |
I have removed Nedstat from my blog, and have deleted my account with them. Please let me know if the popups continue, and I'll investigate further.
Rock
Posted by Rock At 03:18:01 PM On 09/20/2005 | - Website - |
http://www.lotusgeek.com/SapphireOak/LotusGeekBlog.nsf/d6plinks/ROLR-6GEQPR
Thanks for the heads-up, Carl. And to everyone else, sorry about the popups...
Rock
Posted by Rock At 03:43:59 PM On 09/20/2005 | - Website - |