Resources

Getting started

Support

Development

Topics

User Functions

Events

There are no upcoming events

What's New

Stories

No new stories

Comments last 2 weeks

No new comments

Trackbacks last 2 weeks

No new trackback comments

Links last 2 weeks

No recent new links

NEW FILES last 14 days

No new files

Welcome to Geeklog Saturday, May 18 2013 @ 09:47 PM EDT

> >

[Spam] Are contact lenses the new fad?

Spam
  • Tuesday, April 12 2005 @ 01:32 PM EDT
  • Contributed by:
  • Views:
    13,495

Well, we've had spam for porn, pills, and poker - but contact lenses?

Last week, someone actually registered with several Geeklog sites only to post comment spam for contact lenses. I actually thought that was somewhat amusing, but it seems there's more of this coming.

We are now seeing referer spam for a site advertising contact lenses:

Spamvertized site:contact-lenses-x7 DOT com
Domain registered with:Names4ever.com
Site hosted at:72.9.234.170,
Global Net Access LLC,
Atlanta
Referer spam came from:63.247.74.90,
Global Net Access LLC,
Atlanta

It doesn't look like the two incidents are directly related, though. Last week's spam was for:

Spamvertized site:lens DOT excellentoffers DOT info
Domain registered with:DirectNIC
Site hosted at:216.195.42.217,
APS Telecom

I don't have the IP address of that spammer any more, but it belonged to an ISP in Hong Kong.

The excellentoffers site is apparently registered to some Alex Antuacesko in Romania, while contact-lenses-x7 is registered to some Marlon Santos in Seattle, WA. Both addresses may be fake, of course, but at least the Seattle address looks legit.

Anyway, it can't hurt to add both domain names to your Personal Blacklist. And throw in a few key phrases like "contact lens" (so that it also matches "contact lenses"), too, while you're at it.

What's Related

Story Options

The following comments are owned by whomever posted them. This site is not responsible for what they say.

  • [Spam] Are contact lenses the new fad?
  • Authored by:Anonymous on Tuesday, April 12 2005 @ 04:44 PM EDT
Here is the IP Address he used for referrer spam on my site:

63.247.74.90



---
tokyoahead.com
  • [Spam] Are contact lenses the new fad?
  • Authored by:Dirk on Tuesday, April 12 2005 @ 05:19 PM EDT
That's the same IP that we see here (and which I mentioned above). But thanks for confirming that he's also doing this elsewhere.

bye, Dirk
  • From contact lenses to flowers ...
  • Authored by:Dirk on Thursday, April 14 2005 @ 01:57 PM EDT

The same person is apparently still doing referer spam, only now it's for flower-delivery-2day DOT com.

The domain is hosted on the same server as the contact-lenses-x7 site above and the person is still spamming from the same IP address (even though I send complaints to his hoster/ISP).

So I'd say you can safely block 63.247.74.90 - nothing good will be coming from there: 

RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^63.247.74.90$
RewriteRule .* - [F]

bye, Dirk

  • From contact lenses to flowers ...
  • Authored by:Dirk on Friday, April 15 2005 @ 02:32 PM EDT

... and now it's cash-advance-z3 DOT com. Same server, same IP address the referer spam is coming from - the same guy, obviously.

As I said, block that IP ...

bye, Dirk

Post a Comment

Your Name
Create Account
Allowed HTML Tags:
<p>, <b>, <strong>, <i>, <a>, <em>, <br>, <tt>, <hr>, <li>, <ol>, <ul>, <code>, <pre>, [code], [raw], [page_break], [staticpage:]InformationInformation[staticpage: id alternate title] - Displays a link to a static page using the static page title as the title. An alternate title may be specified but is not required. , [event:]InformationInformation[event: id alternate title] - Displays a link to an Event Link from the Calendar using the Event Title as the title. An alternate title may be specified but is not required. , [poll:]InformationInformation[poll: id alternate title] - Displays a link to a poll using the Poll Topic as the title. An alternate title may be specified but is not required. , [link:]InformationInformation[link: id alternate title] - Displays a link to a Link from the Links Plugin using the Link Title as the title. An alternate title may be specified but is not required. , [faq:], [forum:]InformationInformation[forum: id alternate title] - Displays a link to a forum topic using the text 'here' as the title. An alternate title may be specified but is not required. , [file:], [story:]InformationInformation[story: id alternate title] - Displays a link to a Story using the Story Title as the title. An alternate title may be specified but is not required. , [user:]InformationInformation[user: name alternate title] - Displays a link to a User using the Username as the title. An alternate title may be specified but is not required.
 

Security code
This question is for testing whether you are a human visitor and to prevent automated spam submissions.

What code is in the image?
Enter the bolded text, case sensitive!
Important Stuff
  • Please try to keep posts on topic.
  • Try to reply to other people comments instead of starting new threads.
  • Read other people's messages before posting your own to avoid simply duplicating what has already been said.
  • Use a clear subject that describes what your message is about.
  • Your email address will NOT be made public.