Hi Again, I was going through my apache log files for the last month, and found these. Note that x.x.x.x againrepresents the offenders' ip addresses, and that myip stands for my own ip address. x.x.x.x - - [03/Jun/2002:10:22:55 -0500] "GET http://www.s3.com HTTP/1.1" 200 819 x.x.x.x - - [03/Jun/2002:13:27:15 -0500] "GET http://myip HTTP/1.0" 200 819 First, why would they be so stupid as to get my server to serve them a different domain. Don't they know their activity and ip address get logged (or maybe logging doesn't happen on windblows web servers)? According to the logs, my server served them the page. However, I just tried doing what they did, and I can't get the page by trying to get it via going to my regular home page like they did. Also, I don't get why they would use my server and explecitly request my ip address as the page they want. I mean, wouldn't they get that right away without having to request it again via the ip address? Thanks. Greg
