by Alec Muffett
Quote:
http://notify.bluecoat.com/notify-Grey-List?http/dropsafe_crypticide_com/ aHR0cDovL2Ryb3BzYWZlLmNyeXB0aWNpZGUuY29tL2FydGljbGUvNDYzMw=%3D
It does not appear to load anything – it gives me an IIS 404; but note the infix string: Grey* List? That’s a mail-spam term as far as I am concerned…
Hmmm…
The Base64 encoded string decodes to the following URL on my site:
…which is about Kindle batteries, so I have no idea what is going on.
—
* We appreciate the UK spelling by the way.
Hi Alec
Did you ever find out what http://notify.bluecoat.com was about?
Just ask because our servers are showing visits from them.
I did a quick google search and you blog was in the results on the 1st page.
Not personally, but try @e3i5 – he will have looked into it more deeply
Late reply however I can answer your question.
You are seeing that URL in your log because someone behind a filtered network has accessed your site. In order to allow users of a filtered network internet access, the user is presented with an initial page upon first trying to access any website. The initial page might display terms and conditions of use or something similar. Once the user accepts these terms, they are forwarded to the url by the bluecoat software.
Hope this helps.
Just to let you know, Bluecoat have now put a holding page at http://notify.bluecoat.com/ which explains what it is.
Interestingly, the referrer string I got was /notify-New_ONS_Notify_Page? which, coupled with the URL on the end, gives me a pretty good idea of who’s Nanny-box it was.
Leave a Reply