Now Reading
My little MillionDollarHomepage backyard – matthieu.io

My little MillionDollarHomepage backyard – matthieu.io

2023-09-13 12:11:15

Again across the time I satisfied my household to modify from a 56 kb/s dial-up modem to
ADSL, the web site milliondollarhomepage.com was
launched, and shortly grew to become an Web phenomenon, promoting pixels for promoting
area on a 1000×1000 canvas. 18 years later, the homepage remains to be standing, proudly
displaying the Web billboard of 2005, frozen in time.

A while in the past I purchased one of many expired domains the web page factors to,
pixels4all.com. On this submit I am exploring this Web backyard.

Pixels for all!

The emblem of pixels4all.com shouldn’t be simple to search out. This is the complete picture in all its
glory:

Million Dollar Homepage


Zooming in a bit:

Million Dollar Homepage Zoom 1


And extra:

Million Dollar Homepage Zoom 2


Right here it’s, our stunning yellow and purple emblem:

Pixels4all logo

It occupies an actual property of 200 sq. pixels on the web page, or 0.02%, and therefore value
$200 to purchase in 2005. I did not purchase these pixels myself, however I inherited the advert area when
registering the expired area identify years later. It isn’t precisely distinguished on the web page,
however it’s what it’s.

Ten greenback copycat

A bit in regards to the earlier homeowners.

The OG pixels4all.com seems to be one of many many MillionDollarHomepage copycats,
browsing on the excitement and providing the identical idea or related. The Web Archive
gives a few hints
about what was there. It was first captured on 2005/12/15, and final on
2006/04/02.

Pixels4all banner

Sadly, the banner is just about all there may be to see. Most footage are lacking,
the Purchase Pixels hyperlink redirects to a login web page, and FAQs shouldn’t be a hyperlink. My finest guess
is that pixels could possibly be purchased for a restricted time of 30 days.

It is also written that 4800 pixels have been offered. This quantity is constant throughout the
few months the web site was alive, and provides an estimate of the overall income: $9.6.

From there, beginning on the newest in June 2006, the area is on the market and shows a
Sedo.com parking page,
itemizing it for $500. Later changed by
a GoDaddy parking page,
a brand new
Sedo parking page,
an empty page,
503,
404, and eventually in
2017 a redirection to ?reqp=1&reqr=, an URL which hasn’t been archived.

I purchased the area in 2019, and did not do a lot with it till 2022, after I arrange a
dummy web page behind a server. I used to be curious to see if there was any visitors, however extra on
that later.

My beautiful neighbours

So we obtained a couple of months of unsuccessful time-based pixel promoting in 2006. However sufficient with
failed companies, let’s take a look at how my neighbours are doing.

Due to this
MillionDollarHomepage restoration,
we are able to browse the web sites instantly by way of the Web Archive. My rapid
neighbours are fairly cool:

  • Club-Millionaire.com.
    Pronounced CLUB MILLIONAIRE, and self-described as “for many who believes in infinite
    alternatives of the Universe of the Web on the Planet of the Earth”. It is a type
    of Ponzi scheme but additionally with pixels for the members? Appears legit, however sadly
    it would not exist anymore.

  • FairChild.co.uk.
    With an attention-grabbing redirection mechanism (default.asp -> cookie.asp ->
    default.ask?cookies=no), they’re “Producers of Industrial Computer systems And
    Webservers Since 1989
    “. These days, it instances out with a Cloudflare web page.

  • ETCompany.com.
    Promoting refurbished notebooks, printers and extra {hardware} from the nice previous days.
    Providing WHOLESALE PRICES to the PUBLIC since 1993!!!“, however sadly in 2023
    the area is on the market, listed at $3695.

  • LaptopBlowout.com.
    Similar to the earlier one, however with strong offers: “Please, do not spend your
    efforts and time in search of higher costs on laptops. Our costs are the Finest on the
    WEB
    “. At present the web page seems to be empty however triggers ad-blockers and CORS warnings.

  • AWebApart.com.
    A touchdown web page for a future web site builder. They had been all the fashion again then! Neat,
    it still exists. It is my solely surviving direct
    neighbour, and I definitely get pleasure from its firm.

Wandering a couple of a whole bunch of pixels away, some extra distant however notable neighbours are a
journey down nostalgia lane. Take a look at
DesignForward.net
(it has an intro! an internet site with an animated intro!),
AdvancedInfoStorage.com
(with a stand-by web page redirecting to https earlier than it was cool),
Game.sc (Flash video games!),
and
TheDogWeb.co.uk
(nothing lower than designer equipment and jewelry for canines).

Bot visitors

The online modified since 2005, and it is now populated by bots.

I setup a fundamental index.html behind an online server answering to pixels4all.com, and
collected a yr of http logs. There have been 86847 http requests made between 2022-08-08
and 2023-08-08, which is small visitors for contemporary requirements, however nonetheless enjoyable to dive
into – I obtained curious to search out out who’s hitting this lengthy useless pixel-selling web site.
Unsurprisingly, a fair proportion of bots and scrapers.

Visits per day

Daily traffic

The twenty third of March stands out. 90% of visitors got here from the identical IP tackle, positioned in
Singapore and belonging to the cloud supplier Digital Ocean. Apparently sufficient, whereas
that tackle has tried numerous well-known URL paths for vulnerabilities earlier than and after
that day, the 3274 requests made the twenty third of March had been all for /.

To collect extra random stats, I included a picture of a
web legend within the index.html served by
pixels4all.com. The URL for that picture might be discovered within the HTML supply code.
/rick.jpg was hit… 97 instances! Parsing HTML and downloading photographs is slightly pricey – so
bots scanning for vulnerabilities do not hassle with that (however why whould they).

The place do they arrive from?

World map of requests per country

See Also

Mapping incoming IP addresses to their related nation provides a tough concept of
the place they geographically come from. #1 on the chart is the USA with 42k queries, #2 is
China with 12k queries, and #3 Germany with 9k queries. There are 71 completely different nations
with at the least 1 hit.

After all, this does not say a lot: internet crawling software program runs in datacenters and doubtless
behind VPNs, not essentially near the precise customers.

To determine how somebody reached an online web page, it may be attention-grabbing to take a look at the
Referer http header, which provides details about the earlier web page that was visited.
Nevertheless, internet browsers will typically not set this header for cross-domain visits (for
privateness considerations), and crawlers do not have a purpose to set it both.

Nevertheless, ~12% of the requests do have a Referer set. Most of them appear to be
handcrafted as they’re lacking http[s]: www.google.com or yahoo.com (haha).
Others are parseable URLs on the area pixels4all.com, however they clearly do not exist,
for instance http://www.pixels4all.com/utility/convert/knowledge/co. I do not know the way it
ended up there. Lastly, there are vulnerability exploits within the type of code injections
in SQL or PHP.

All in all, not a lot data about the place guests come from. I definitely hope by following
the hyperlink from the Million Greenback Homepage!

The place do they go?

URL paths

URL paths, the overwhelming majority of requests are for /. And the remaining, properly,
clearly comes from lists of weak URLs to probe for, akin to recordsdata which might
include credentials or misconfigured WordPress administration pages.

Naturally, all of them return 404 for my placeholder web site. I ponder how enjoyable it might be to
construct a honeypot there by returning pretend pages?

Mozlila Firefox

The final little bit of ineffective data might be discovered within the Consumer-Agent http header. A consumer
agent is a string figuring out the software program making the http request, for instance
Web Explorer or curl.

Nevertheless, again within the day, internet servers had been serving completely different content material to completely different
browsers, as a consequence of some options (for instance <body>) not being out there in all places,
they usually had been decoding the consumer agent string for that goal. Browsers did not need
to be left behind after implementing such options, so all of them began to determine as a
variation of Mozilla. For compatibility causes, just about each browser these days
identifies itself as Mozilla/5.0 one thing one thing.

So do internet crawlers and bots, that are spoofing well-known consumer brokers (for instance
Google Chrome’s) to fly beneath the radar.

That being stated, nearly 12k requests got here with this consumer agent:

Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Model/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36

Discover the typos? Mozlila, Bulid, Moblie. Bots utilizing this should not precisely refined,
as Mozlila is a
well known typo in rootkits,
which appears to have been copy-pasted in lots of instruments, akin to
those developed by Anonymous Fox.
Apparently sufficient, some instruments have mounted the typo in Moblie however not in Mozlila.

Million greenback backyard

It has been enjoyable to dive into the historical past of an internet site just about no one ever knew, and
take a look at the visitors logs regardless of its dormant state for near 18 years.

I do not know at this level what I will do with the area identify – within the meantime it is a
good Web backyard to maintain.


Footnotes

Source Link

What's Your Reaction?
Excited
0
Happy
0
In Love
0
Not Sure
0
Silly
0
View Comments (0)

Leave a Reply

Your email address will not be published.

2022 Blinking Robots.
WordPress by Doejo

Scroll To Top