Welcome to WebmasterWorld Guest from 54.144.79.200

Forum Moderators: Ocean10000 & incrediBILL

Message Too Old, No Replies

ctechld.com

log spamming?

     

jazzguy

6:36 pm on Mar 9, 2003 (gmt 0)

10+ Year Member



I found an entry in my logs that appears to be log spamming. The referrer and user-agent were from ctechld.com and the referrer was appended with my domain name in capital letters. Notice that the referrer looks bogus--it has subdirectories after an html file.

Originating IP: 168.100.193.133
Referrer: "http://www.ctechld.com/index.html/links/MY_DOMAIN_NAME_HERE"
User-agent: "http://www.ctechld.com"

A whois lookup says that ctechld.com belongs to an outfit called Concert Technologies (concerttechnologies.net) in Long Island, NY.

ctechld.com gives a 302 redirect to 4kissld.com which is registered to Capsule Communications, Inc. (capsulecom.com) in Bensalem, PA., NETBLK-CAPSULE (NET-209-195-236-0-1) 209.195.236.0 - 209.195.236.63

168.100.193.133 has no reverse DNS configured. It is part of a Cloud 9 netblock.

I'll be banning ctechld.com, 4kissld.com, and 168.100.193.133.

Brett_Tabke

5:30 am on Mar 10, 2003 (gmt 0)

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



There are so many log file spammers running now (100+ a day here), that it is futile to even point them out.

jazzguy

6:21 am on Mar 10, 2003 (gmt 0)

10+ Year Member



Wow, that many, huh? That answers the question I posed in the related thread [webmasterworld.com].

Finder

1:27 am on Mar 12, 2003 (gmt 0)

10+ Year Member



Yeah, I had this one too. The referer looked dubious, so I decided to check it out. As soon as I hit the enter key I knew it was a mistake. Now I feel like a newbie who replied to a remove-me@spammer.com email. :o

Hopefully log spamming doesn't actually work that way!

jazzguy

2:42 am on Mar 12, 2003 (gmt 0)

10+ Year Member



Whenever I investigate a spamvertised website, I use the Sam Spade safe web browser interface. That way I don't pass any identifying information such as my IP address to the spammer. In this case, I also removed my domain name that was appended to the spamvertised referrer before I checked it out. If I'm investigating a spamvertised site from an email, I make sure to munge or remove any identifying codes that might be in the URL.

I'd like to see a forum here devoted to outing and identifying log spammers, similar to n.a.n.a.s and n.a.n.a.e for email spam. Maybe a SPEWS or Spamhaus type site would nip this log spamming in the bud before it gets as bad as email spam (if it's not too late).

 

Featured Threads

Hot Threads This Week

Hot Threads This Month