We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

View Complete Thread
  • Re: Anyone know about www.nihaorr1.com/1.js?

    Aug 22, 2008 01:25 PM|silkyfixer|LINK

    here is a snibblet from the log of the urlscan you can see it kicks out the declare so how did it sneak through ? i have about 500 websites that connect to the database so its hard to pinpoint were or how it gets through

     

    [08-22-2008 - 11:41:59] Client at 80.99.117.220: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 11:46:44] Client at 189.46.158.208: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m-webtv.asp'
    [08-22-2008 - 12:05:47] Client at 189.129.167.129: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 12:05:48] Client at 189.129.167.129: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 12:13:54] Client at 59.29.234.153: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 12:20:58] Client at 201.170.148.3: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 12:20:59] Client at 201.170.148.3: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 12:32:01] Client at 189.24.155.56: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m-webtv.asp'
    [08-22-2008 - 12:32:01] Client at 189.24.155.56: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 12:37:57] Client at 189.149.188.56: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 12:37:57] Client at 189.149.188.56: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 12:39:22] Client at 201.34.214.205: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 12:39:45] Client at 85.99.42.197: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 12:43:10] Client at 124.121.28.118: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m-webtv.asp'
    [08-22-2008 - 12:49:21] Client at 201.211.113.200: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/y.asp'
    [08-22-2008 - 12:58:06] Client at 122.168.200.189: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 13:04:54] Client at 190.19.198.60: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/y.asp'
    [08-22-2008 - 13:05:58] Client at 122.163.163.163: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/m.asp'
    [08-22-2008 - 13:08:22] Client at 190.19.198.60: Rule 'Edge' detected string 'declare' in the query string. Request will be rejected.  Site Instance='1489121054', Raw URL='/y.asp'
    [08-22-2008 - 13:19:44] Client at 195.225.178.21: QueryString contains sequence '%%3C', which is disallowed. Request will be rejected.  Site Instance='1643931472', Raw URL='/AddReview.asp', QueryString='txtName=Cialis&txtLocation=PaokyMzP&txtCmnts=Nise+site.%%2C+%%3Ca+href%%3D%%22http%%3A%%2F%%2Fwww.partyvibe.com%%2Fvbulletin%%2Fmember.php%%3Fu%%3D23082%%22%%3ECialis+kaufen%%3C%%2Fa%%3E%%2C++%%25DD%%2C+%%3Ca+href%%3D%%22http%%3A%%2F%%2Fwww.newmediamedicine.com%%2Fforum%%2Fmembers%%2Fsamuelbooker.html%%22%%3EValium+online%%0D%%3C%%2Fa%%3E%%2C++5776%%2C+%%3Ca+href%%3D%%22http%%3A%%2F%%2Fwww.newmediamedicine.com%%2Fforum%%2Fmembers%%2Fclaytonwilliams.html%%22%%3ETramadol%%3C%%2Fa%%3E%%2C++54245%%2C+%%3Ca+href%%3D%%22http%%3A%%2F%%2Fvbulletin.thesite.org%%2Fmember.php%%3Fu%%3D31710%%22%%3Eviagra%%3C%%2Fa%%3E%%2C++renuiq%%2C+%%3Ca+href%%3D%%22http%%3A%%2F%%2Fwww.newmediamedicine.com%%2Fforum%%2Fmembers%%2Fkeithbreunig.html%%22%%3EAmbien%%3C%%2Fa%%3E%%2C++nvnti%%2C+%%3Ca+href%%3D%%22http%%3A%%2F%%2Fboard.muse.mu%%2Fmember.php%%3Fu%%3D98088%%22%%3EBuy+Tramadol+online%%0D%%3C%%2Fa%%3E%%2C++tbsvm%%2C+%%3Ca+href%%3D%%22http%%3A%%2F%%2Fwww.newmediamedicine.com%%2Fforum%%2Fmembers%%2Fsamuelbooker.html%%22%%3EDiazepam%%3C%%2Fa%%3E%%2C++ivbp%%2C+%%3Ca+href%%3D%%22http%%3A%%2F%%2Fcommunity.fotopic.net%%2Fuser%%2Fyyogml.html%%22%%3ECheap+Valium%%3C%%2Fa%%3E%%2C++1672%%2C+&escid=1010'