Posted by Pete Gray on 11/20/01 11:40

In article <MPG.1e62d184a55f006598972e@news.eclipse.net.uk>,
hywel.jenkins@gmail.com says...
> In article <vgvgv1thneq4tr0idckg5q6qnuuh8g4llo@4ax.com>,
> dingbat@codesmiths.com says...
> > On Sun, 19 Feb 2006 06:01:15 -0600, Gdareos <louis_@n0Spam_.hemmi.us>
> > wrote:
> >
> > >I keep seeing this in my home page
> >
> > Congratulations. Now don't you think it would have been a good idea to
> > tell us what your homepage's address was?
> >
> >
> > ><script language='javascript'
> > >src='http://127.0.0.1:1043/js.cgi?pa&r=24464'></script>
> >
> > This isn't needed by anything on a standard page. It doesn't look
> > malicious (unless the web server has already been compromised) because
> > the address 127.0.0.1 is just the localhost address (i..e "self").
> >
> > I'd guess it was added by your hoting company automatically, to attach
> > either a hit counter or an ad banner. Neither of these is acceptable on
> > real hosting, but then you might be using some cheapskate banner-funded
>
> It wouldn't work anyway! Brilliant bit of work by the hosting company.
>

It's not the hosting company. I suspect the OP is using ZoneAlarm, which
is inserting this, and probably also:
<script language='javascript'>postamble();</script>
at the end.

See:
<http://www.frontrangeinternet.com/support/knowledgebase/viewArticle.php
?articleID=845>

Interestingly ZoneLabs seem to have deleted all the threads on their
forums about this 'feature'.
--
Pete Gray

Say No to ID Cards <http://www.no2id.net>
<http://www.redbadge.co.uk/no2idcards/>

[Back to original message]