Why so many outbound connections to 'ad4.liverail.com'?

greenbeans123 · Post by **greenbeans123** » Thu Jul 02, 2015 5:00 pm

I am a bit new to the security field, and in the midst of shoving a ton of information in to the brain. One thing I am trying to understand is why I am seeing some of the clients machines I support making several thousand connections to 'ad4.liverail.com' and several other ad websites? Our AV is not catching anything, but there is no way this is normal behavior.

Post by **mapx** » Thu Jul 02, 2015 5:05 pm

it depends on the sites they are visiting, video streaming sites probably, examples ?

greenbeans123 · Post by **greenbeans123** » Thu Jul 02, 2015 5:47 pm

one example would be:

http://t4.liverail.com/?metric=error&er ... &x=&y=&xy=

I'm just not sure if this is one of those hidden ad clicking programs or is legitimate traffic.

Post by **mapx** » Thu Jul 02, 2015 6:07 pm

well, I asked for a site they are visiting

however, the link you provided seems to be tracking stuff

greenbeans123 · Post by **greenbeans123** » Thu Jul 02, 2015 6:58 pm

Gotchya, thanks for the info. They way things are set up here right now, we don't have access to the full links from the logs. That will be changed soon. But what I have seen from the tools I am using will record 693 hits to t4.liverail.com or ad4.liverail.com in one instance, or other sites like ads.adaptv.advertising.com. The URL's they hit prior will be to these connections I still am unsure of.

Adblock Plus

Why so many outbound connections to 'ad4.liverail.com'?

Why so many outbound connections to 'ad4.liverail.com'?

Re: Why so many outbound connections to 'ad4.liverail.com'?

Re: Why so many outbound connections to 'ad4.liverail.com'?

Re: Why so many outbound connections to 'ad4.liverail.com'?

Re: Why so many outbound connections to 'ad4.liverail.com'?