InformAction Forums

On the video section of nfl.com on the page that actually contains a streaming video there is an object subrequest from http://127.0.0.1:9421/crossdomain.xml the problem is I cannot figure out what it is doing. I don't suspect that it is malicious. The best guess that I have is that it has something to do with their "Unlock high quality" feature.
My other question relating to this that if a website has connection to 127.0.01 wouldn't that just loopback to the website itself because 127.0.0.1 is the loopback address?

Guest wrote:On the video section of nfl.com on the page that actually contains a streaming video there is an object subrequest from http://127.0.0.1:9421/crossdomain.xml the problem is I cannot figure out what it is doing.

Very likely it's trying to connect to a local application (a player?) listening on port 9421 of your PC.

Guest wrote: if a website has connection to 127.0.01 wouldn't that just loopback to the website itself because 127.0.0.1 is the loopback address?

No, if a website "has a connection" (i.e. links to) 127.0.0.1, it's trying to connect to YOUR loopback address since it's doing that through YOUR browser (which is running on YOUR PC).
That's how CSRF router hacking works: the remote application uses your browser (the fact it's inside your LAN, behind your firewall) to bypass your firewall and talk to your internal router interface.

Giorgio Maone wrote:

Guest wrote:On the video section of nfl.com on the page that actually contains a streaming video there is an object subrequest from http://127.0.0.1:9421/crossdomain.xml the problem is I cannot figure out what it is doing.

Very likely it's trying to connect to a local application (a player?) listening on port 9421 of your PC.
I believe this to be the case, upon further investigation I found that they, nfl.com, uses proprietary plug-in to access HD versions of the streaming videos