What on earth is this?

[cancer10]

Hi,

Whenever I try to open any website (gmail, hotmail, and anyother) with my FF, I see the following two URLS in my FF status bar:

Code:

dt.tongji.cn.yahoo.com

and

ad.5iyy.info

I even upgraded to FF 3 but still getting those links in my FF status bar.

What do you think it can be?

Screenshots
http://i27.tinypic.com/fxcirm.jpg
http://i28.tinypic.com/261jb07.jpg




Thanx

[Fang]

Gathering stats

[NogDog]

I can't find anything conclusive, but the "tongji" thing seems to be showing up in some googling in association with some sort of ad-clicking trojan horse.

[wh666-666]

You might just find its an innocent web/ad server ...

Tonji, i believe is a university in china with a large network that also provides business solutions i believe ....

Its just like ebaystatic server solutions. Having 2 billions people accessing all content from ebay servers would be prohibitively expensive, so they use another company, Anuki (i think?), among others to deal with image requests, etc etc.

I dont use gmail but i know on the msn hotmail site, several images and adverts are hosted externally .....

I really wouldnt worry too much, especially if you've scanned for malware ....

[\\.\]

You might just find its an innocent web/ad server ...

Tonji, i believe is a university in china with a large network that also provides business solutions i believe ....

Its just like ebaystatic server solutions. Having 2 billions people accessing all content from ebay servers would be prohibitively expensive, so they use another company, Anuki (i think?), among others to deal with image requests, etc etc.

I dont use gmail but i know on the msn hotmail site, several images and adverts are hosted externally .....

I really wouldnt worry too much, especially if you've scanned for malware ....

LOL, Innocent ad server... Sorry, no such thing. These things are annoying and invade your privacy by tracking clicks, planting cookies and other tracking warez, so anything that they load on to your system via your browser in legal terms is an invasion of privacy and illegal.

In fact, anything that arrives at your PC, pop up or pop under or is loaded onto your PC without your consent, etc is an invasion of your privacy and can be classed as an assault if the warez cause damage.

(Asked whois.markmonitor.com:43 about yahoo.com)

MarkMonitor.com -
Registrant:
Domain Administrator
Yahoo! Inc.
701 First Avenue
Sunnyvale CA 94089
US
domainadmin@yahoo-inc.com
1.4083493300 Fax: 1.4083493301
Domain Name: yahoo.com
Registrar Name: Markmonitor.com
Registrar Whois: whois.markmonitor.com
Registrar Homepage: http://www.markmonitor.com
Administrative Contact:
Domain Administrator
Yahoo! Inc.
701 First Avenue
Sunnyvale CA 94089
US
domainadmin@yahoo-inc.com
1.4083493300 Fax: 1.4083493301
Technical Contact Zone Contact:
Domain Administrator
Yahoo! Inc.
701 First Avenue
Sunnyvale CA 94089
US
domainadmin@yahoo-inc.com
1.4083493300 Fax: 1.4083493301
Created on..............: 1995-01-18.
Expires on..............: 2012-01-18.
Record last updated on..: 2008-04-30.
Domain servers in listed order:
ns2.yahoo.com
ns1.yahoo.com
ns5.yahoo.com
ns4.yahoo.com
ns3.yahoo.com
MarkMonitor.com - The Leader in Corporate Domain Management
----------------------------------------------------------
For Global Domain Consolidation Research & Intelligence
and Enterprise DNS go to: www.markmonitor.com
----------------------------------------------------------
--

which then leads to...

MarketMonitor

(Asked whois.markmonitor.com:43 about markmonitor.com)

MarkMonitor.com -
Registrant:
MarkMonitor Inc.
MarkMonitor Inc.
391 N Ancestor Pl
Boise ID 83704
US
custserv@markmonitor.com
1.2083895784 Fax: 1.
Domain Name: markmonitor.com
Registrar Name: Markmonitor.com
Registrar Whois: whois.markmonitor.com
Registrar Homepage: http://www.markmonitor.com
Administrative Contact:
MarkMonitor Inc.
MarkMonitor Inc.
391 N Ancestor Pl
Boise ID 83704
US
custserv@markmonitor.com
1.2083895784 Fax: 1.
Technical Contact Zone Contact:
MarkMonitor Inc.
MarkMonitor Inc.
391 N Ancestor Pl
Boise ID 83704
US
custserv@markmonitor.com
1.2083895784 Fax: 1.
Created on..............: 1999-04-23.
Expires on..............: 2015-04-22.
Record last updated on..: 2007-09-04.
Domain servers in listed order:
ns3.markmonitor.com
ns2.markmonitor.com
ns7.markmonitor.com
ns1.markmonitor.com
ns4.markmonitor.com
ns6.markmonitor.com
ns5.markmonitor.com
MarkMonitor.com - The Leader in Corporate Domain Management
----------------------------------------------------------
For Global Domain Consolidation Research & Intelligence
and Enterprise DNS go to: www.markmonitor.com
----------------------------------------------------------
--

If your concerned, I would add these URL's to you firewall to block them.

[wh666-666]

LOL, Innocent ad server... Sorry, no such thing. These things are annoying and invade your privacy by tracking clicks, planting cookies and other tracking warez, so anything that they load on to your system via your browser in legal terms is an invasion of privacy and illegal.

In fact, anything that arrives at your PC, pop up or pop under or is loaded onto your PC without your consent, etc is an invasion of your privacy and can be classed as an assault if the warez cause damage.

I might class this as perhaps a bit of an extreme reaction, but I respect your opinion and certainly think it's valid as I have seen some invasive ones.

I find it quite funny that ads track me, as I get some truly bizarre ad suggestions, just because I looked at a hotel somewhere for example.



Anyway, the reason why I am digging this thread back up is because I would be interested in hearing yours and others opinions, if you should live in the EU, on the cookie law, which now states that sites must get a users permission before serving them cookies?