Welcome to WebmasterWorld Guest from 54.147.44.13

Forum Moderators: Ocean10000 & incrediBILL

Message Too Old, No Replies

ctechld.com

log spamming?

     
6:36 pm on Mar 9, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 10, 2003
posts:73
votes: 0


I found an entry in my logs that appears to be log spamming. The referrer and user-agent were from ctechld.com and the referrer was appended with my domain name in capital letters. Notice that the referrer looks bogus--it has subdirectories after an html file.

Originating IP: 168.100.193.133
Referrer: "http://www.ctechld.com/index.html/links/MY_DOMAIN_NAME_HERE"
User-agent: "http://www.ctechld.com"

A whois lookup says that ctechld.com belongs to an outfit called Concert Technologies (concerttechnologies.net) in Long Island, NY.

ctechld.com gives a 302 redirect to 4kissld.com which is registered to Capsule Communications, Inc. (capsulecom.com) in Bensalem, PA., NETBLK-CAPSULE (NET-209-195-236-0-1) 209.195.236.0 - 209.195.236.63

168.100.193.133 has no reverse DNS configured. It is part of a Cloud 9 netblock.

I'll be banning ctechld.com, 4kissld.com, and 168.100.193.133.

5:30 am on Mar 10, 2003 (gmt 0)

Administrator from US 

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 21, 1999
posts:38047
votes: 11


There are so many log file spammers running now (100+ a day here), that it is futile to even point them out.
6:21 am on Mar 10, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 10, 2003
posts:73
votes: 0


Wow, that many, huh? That answers the question I posed in the related thread [webmasterworld.com].
1:27 am on Mar 12, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Aug 18, 2002
posts:131
votes: 0


Yeah, I had this one too. The referer looked dubious, so I decided to check it out. As soon as I hit the enter key I knew it was a mistake. Now I feel like a newbie who replied to a remove-me@spammer.com email. :o

Hopefully log spamming doesn't actually work that way!

2:42 am on Mar 12, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 10, 2003
posts:73
votes: 0


Whenever I investigate a spamvertised website, I use the Sam Spade safe web browser interface. That way I don't pass any identifying information such as my IP address to the spammer. In this case, I also removed my domain name that was appended to the spamvertised referrer before I checked it out. If I'm investigating a spamvertised site from an email, I make sure to munge or remove any identifying codes that might be in the URL.

I'd like to see a forum here devoted to outing and identifying log spammers, similar to n.a.n.a.s and n.a.n.a.e for email spam. Maybe a SPEWS or Spamhaus type site would nip this log spamming in the bud before it gets as bad as email spam (if it's not too late).

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members