Our application server is receiving a few dozen requests per day with a malformed URL, containing a random .png image reference on the end of the GET.
For example, our URL (with parameters) is supposed to end with this:
&quiz_psetGuid=PSETC0A80101000000234e7960020000
And instead it ends with this when the server receives it:
&quiz_psetGuid=PSETC0A80101000000234e7960020000/cfyxqvn.png
The .png reference is not ours and we didn't put it there. Needless to say it makes it impossible to read the URL parameter.
This problem occurs from multiple user agents.
Any idea where this is coming from?
We've been seeing these requests recently and as they also come from logged in members, it is quite clearly some add-on (likely some malware) installed on various machines. In our case there's no / added before the random string so a valid url sucj as
becomes