The Ultimate Weblog System

Resources

Getting started

Support

Development

Sections

User Functions





Don't have an account yet? Sign up as a New User
Lost your password?


What's New

Stories

No new stories

Comments last 2 days


Trackbacks last 2 days

No new trackback comments

NEW FILES last 14 days


Links last 2 weeks

No recent new links

Older Stories

Thursday 04-Jun


Sunday 31-May


Friday 01-May


Monday 20-Apr


Saturday 18-Apr

Welcome to Geeklog
Friday, July 03 2009 @ 05:45 PM EDT

[Spam] Are contact lenses the new fad?

Tuesday, April 12 2005 @ 01:32 PM EDT

Contributed by: Dirk

Views: 9,608

Spam

Well, we've had spam for porn, pills, and poker - but contact lenses?

Last week, someone actually registered with several Geeklog sites only to post comment spam for contact lenses. I actually thought that was somewhat amusing, but it seems there's more of this coming.

We are now seeing referer spam for a site advertising contact lenses:

Spamvertized site:contact-lenses-x7 DOT com
Domain registered with:Names4ever.com
Site hosted at:72.9.234.170,
Global Net Access LLC,
Atlanta
Referer spam came from:63.247.74.90,
Global Net Access LLC,
Atlanta

It doesn't look like the two incidents are directly related, though. Last week's spam was for:

Spamvertized site:lens DOT excellentoffers DOT info
Domain registered with:DirectNIC
Site hosted at:216.195.42.217,
APS Telecom

I don't have the IP address of that spammer any more, but it belonged to an ISP in Hong Kong.

The excellentoffers site is apparently registered to some Alex Antuacesko in Romania, while contact-lenses-x7 is registered to some Marlon Santos in Seattle, WA. Both addresses may be fake, of course, but at least the Seattle address looks legit.

Anyway, it can't hurt to add both domain names to your Personal Blacklist. And throw in a few key phrases like "contact lens" (so that it also matches "contact lenses"), too, while you're at it.

What's Related

Story Options

[Spam] Are contact lenses the new fad? | 4 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.
[Spam] Are contact lenses the new fad?
Authored by: Anonymous on Tuesday, April 12 2005 @ 04:44 PM EDT
Here is the IP Address he used for referrer spam on my site:

63.247.74.90



---
tokyoahead.com
[Spam] Are contact lenses the new fad?
Authored by: Dirk on Tuesday, April 12 2005 @ 05:19 PM EDT
That's the same IP that we see here (and which I mentioned above). But thanks for confirming that he's also doing this elsewhere.

bye, Dirk
From contact lenses to flowers ...
Authored by: Dirk on Thursday, April 14 2005 @ 01:57 PM EDT

The same person is apparently still doing referer spam, only now it's for flower-delivery-2day DOT com.

The domain is hosted on the same server as the contact-lenses-x7 site above and the person is still spamming from the same IP address (even though I send complaints to his hoster/ISP).

So I'd say you can safely block 63.247.74.90 - nothing good will be coming from there: 

RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^63.247.74.90$
RewriteRule .* - [F]

bye, Dirk

From contact lenses to flowers ...
Authored by: Dirk on Friday, April 15 2005 @ 02:32 PM EDT

... and now it's cash-advance-z3 DOT com. Same server, same IP address the referer spam is coming from - the same guy, obviously.

As I said, block that IP ...

bye, Dirk
© 2002-2009 Geeklog
Created this page in 0.21 seconds 		Powered by Geeklog 1.6.0rc1 
Hosted by pair.com