What is Verify Compliance Page
verify-Compliance_Page | notified-Compliance_Page
I noticed a few 404 page not found errors in activity logs for several sites today using these strings; verify-Compliance_Page?aHR0cDovL3d3dy5ncmFwaGljbGluZS5jby56YS8= and notified-Compliance_Page with the same rubbish string on the end. When I find odd GET requests I invariably try to find out more information about what the ‘visitor’ is trying to do. Are they trying to hack, access forbidden areas, upload malware or post spam…
As far as verify-Compliance_Page and notified-Compliance_Page are concerned, the amount of substantiated information is notable only in it’s scarcity. So for any webmaster who is also looking for this information about these odd GET requests, this is what I was able to establish.
ProxySG Software related?
The most likely reason this string is being added to GET requests is an attempt to discover if the website is using a security product called ProxySG from Blue Coat (possibly by a bot or spider), and if so to exploit a possible vulnerabilty. No information was available about the vulnerability.
referer Spam or not?
Another suggestion was this could be a case of referer spam. I guess this is possible; it could also be a case of referer spoofing. The referer in this case was a page on this blog, linking to my e-store catalogue. Interestingly, the verify-Compliance_Page string was found attached to the primary homepage www.graphicline.co.za/ as well as to the e-store homepage and catalogue page.
As I didn’t add this string to the link, what is anyone linking to the pages doing adding this to the link – nothing honourable and good that is certain!
And just to add substance to the notion this was a visitor with ill intent, the IP address had an entry in Project Honeypot as in use by a mail server or spammer…
Webmasters, Have You Seen this GET request
If you’ve seen “verify-Compliance_Page” or “notified-Compliance_Page” in your server logs, share your discoveries here…