I found an entry in my logs that appears to be log spamming. The referrer and user-agent were from ctechld.com and the referrer was appended with my domain name in capital letters. Notice that the referrer looks bogus--it has subdirectories after an html file.
A whois lookup says that ctechld.com belongs to an outfit called Concert Technologies (concerttechnologies.net) in Long Island, NY.
ctechld.com gives a 302 redirect to 4kissld.com which is registered to Capsule Communications, Inc. (capsulecom.com) in Bensalem, PA., NETBLK-CAPSULE (NET-209-195-236-0-1) 188.8.131.52 - 184.108.40.206
220.127.116.11 has no reverse DNS configured. It is part of a Cloud 9 netblock.
I'll be banning ctechld.com, 4kissld.com, and 18.104.22.168.
Yeah, I had this one too. The referer looked dubious, so I decided to check it out. As soon as I hit the enter key I knew it was a mistake. Now I feel like a newbie who replied to a email@example.com email. :o
Hopefully log spamming doesn't actually work that way!
Whenever I investigate a spamvertised website, I use the Sam Spade safe web browser interface. That way I don't pass any identifying information such as my IP address to the spammer. In this case, I also removed my domain name that was appended to the spamvertised referrer before I checked it out. If I'm investigating a spamvertised site from an email, I make sure to munge or remove any identifying codes that might be in the URL.
I'd like to see a forum here devoted to outing and identifying log spammers, similar to n.a.n.a.s and n.a.n.a.e for email spam. Maybe a SPEWS or Spamhaus type site would nip this log spamming in the bud before it gets as bad as email spam (if it's not too late).