Solved

How to know where a file came from

Posted on 2003-11-13
7
371 Views
Last Modified: 2010-04-11
Hello, one of clients have 2 registered domains, domain.com.br and domain.org.br.

I've developed a website for the client and both domains show the same website.

Everywhere I've tested it works good, but inside my client's network he gets an outdated version on only one of the domains.

I've checked with my ISP/DATA CENTER and they say both domains point to same physical directory (and I have FTP access to this directory only). So this outdated version doesn't exist on my ISP, and I don't know where the outdated files are coming from, probably a proxy but couldn't identify it.

So my question is: Is there an application (windows) I could run inside my client's network that would monitor the browser and show me where (IP) the files are coming from?

Or does someone have any other idea on how to solve the mystery?

ps: The files are not on the browser's cache, it's been cleaned several times, and I used different browsers.




0
Comment
Question by:rogerbrito
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 35

Expert Comment

by:ShineOn
ID: 9745343
Does the client's network have a proxy cache type firewall or load-balancing device?  That would include forward proxy and reverse proxy.

I take it that the ISP/datacenter is the host for the website serviced by the two domain names, correct?

If you are running all traffic through a web proxy, you should be able to analyze the sources of the traffic using something along the lines of webtrends.

If you select one website on a browser you get current stuff, and if you select the other URL you get old stuff?  Have you tried doing a traceroute to the two different URLs and see if there's maybe a content server somewhere in-between?
0
 

Author Comment

by:rogerbrito
ID: 9747155
Hi ShineOn,

--Does the client's network have a proxy cache type firewall or load-balancing device?  That would include forward proxy and reverse proxy.
no they don't have any proxy.

--I take it that the ISP/datacenter is the host for the website serviced by the two domain names, correct?
Yes, thats right


--If you are running all traffic through a web proxy, you should be able to analyze the sources of the traffic using something along the lines of webtrends.
Do you mean using webtrends on the client's network or on the ISP?


--If you select one website on a browser you get current stuff, and if you select the other URL you get old stuff?  
Yes, that's the problem.

Have you tried doing a traceroute to the two different URLs and see if there's maybe a content server somewhere in-between?
No, but we've ping it, and both domains point to same IP.
I'm gonna try tracert

Do you know any app (like a browser) that shows where the files are coming from? It could be very useful.

Thank you






0
 
LVL 35

Accepted Solution

by:
ShineOn earned 250 total points
ID: 9748925
As far as an app to help with this issue, all I can think of would be a packet analyzer. A good free one is at www.ethereal.com

Maybe you could track it down by analyzing the HTML by looking at the source in your browser - I don't know, that's just a thought.
0
What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

 
LVL 4

Expert Comment

by:P1isken
ID: 9749595
They may be pulling a cached copy from the Local Machine... Make sure his IE settings match the following in the listed areas...

With IE open:
Tools -> Internet Options
Half way down on the right hand side, click Settings under Temporary Internet Files... Select the option to update every visit to the page towards the top of the page and set the cache to 1 Meg towards the bottom... This will not affect the clients browsing at all...

This should pull the page every time they access it.. If it doesn't, then I agree with ShineOn that there is some caching device between the client's workstation and the server... :)
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 9749648
If not a caching device, then the ISP/Host has a "test" and "production" server for you without you wanting them to, and has one URL rerouting to the "test" (current stuff), and one to the "production"  (old stuff.)  Why they wouldn't know that, I don't know, but it IS a possibility. Maybe a double-triple-quadruple check with the ISP/Host using various contact points might yeild an answer that points to their hosting model.
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 9749653
Oops, that's "yield."
0
 

Author Comment

by:rogerbrito
ID: 9749811
Hi guys, thank you for your help.

If they have a "test" and "production" servers they would have different IPs, right? When I ping both domains inside my clients network I got the same IP address.

I really don't think the files are coming from the local cache, it's been cleaned several times, and I even used different browsers (IE and netscape).

I'm gonna try the packet analyzer

Thanks for now.

ps: I'm still open for ideas!

0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Make the most of your online learning experience.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses
Course of the Month9 days, 15 hours left to enroll

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question