This is a place where you can report incorrect whois data:
Remember that Moniker just requires the owner of the domain to change a comma, and they’ll accept the new version. But other registrars are a lot stricter.
I’ve got a significant number of search engine traffic stemming from “dirty” phrases. Really dirty…
It’s impossible to avoid those phrases when the topic of the blog is blog spam/web spam, so I don’t sweat it.
I’m just a little shocked at how many people are looking for perverted sex via search engines. And imagine how far down I’ve got to be in the results on those, I’ve obviously not optimized my blog for them. Those searchers seem to be pretty persistent!
Brrrrr…
Update
The whitebear address now ranks third on Yahoo on
beastiality movies
And second place on MSN for beastiality dog sex.
Go figure…
I found someone accessing my old site using the search engine phrase:
blog spamming software
I tried it myself, and happened on a Threadwatch discussion about the Spam summit and blog spammers.
In that discussion, I found a SEM guy who openly admits to blog spamming:
Jason Duke
Heh, I guess he hasn’t figured out that we get every spamvertized URL we find banned by Google, eh?
I was about to announce two new domains spamvertized by the Bulgarians, but Cindy is on the case as usual.
If you need to have an early warning system, she’s usually reliable.
But usually the pinappleproxy .htaccess block (link from all of Cindy’s posts) will be enough, as long as you also block high anonymity proxies by IP number.
Another note:
The new domains (registrarprice.com and bnetsol.com) look very official. I mean, who hasn’t heard of Network Solutions nickname Netsol? And registrarwhatever always sounds official. Sneaky…
Blogherald reports that webhost Birdhouse is forcing all their customers using MT to only allow registered commenting.
I guess they never heard of pinappleproxy?
I just got a comment spam on annelisabeth.com. From the Bulgarians (they seem to be having intermittent blacklist troubles).
This one sailed past the filters that would normally have stopped the posting attempts.
The reason is the high anonymity of the proxy
IP number:
62.193.231.243
proxy3.checkflow.net
Update: It now resolves to:
wpc1213.amenworld.com
You should also block:
62.193.231.242
wpc1213.amenworld.com
I’ll check if there are more proxies on this net.
It doesn’t leav a pinappleproxy identifier. I found this instead:
It’s a for sale software suite that enables you to surf invisibly. I don’t know if the Bulgarians use that on one of their machines, or if they’ve found a way to misuse a proxy server.
Either way, ban the IP number, until we find a way to cut the Bulgarians off.
Update
This proxy swallows the referrer. The Bulgarians have used it some, and the net result is always that their spam doesn’t enter the logs (only the access does). This also means if you block commenting that doesn’t have a referrer from your site, this proxy is blocked. Thought this would be relevant…
Until further notice,
148.244.150.58
148.244.150.57
207.248.240.119 (new)
from Alestra in Mexico should be banned.
148.244.150.58 is an open proxy, that’s become the spammers’ favorite proxy. And I’m not just talking about ONE spammer here, but many. 148.244.150.57 isn’t as often used, but is also a proxy.
Until Alestra figures out what’s going on and secures those servers, they should be banned.
I’d consider banning this one:
User agent:
NP/0.1 (NP; http://www.nameprotect.com; npbot@nameprotect.com)
IP Adress:
12.175.0.43
24.177.134.6
The bot goes for robots.txt and then the root of the site, and on annelisabeth.com it also went for some of my organizing pages as well as a blog post.
And here’s the marketing blurb on their homepage:
NameProtect® is a Digital Asset Protection company providing eMarket Intelligence to leading corporations. We proactively provide protection of brand assets, recovery of diverted revenues and detection of online identity theft and fraud.
Hmm, I suppose I’ll let it roam on mine, if they actually DO something to all the spammers? But for most sites, a ban is not a bad idea.
The whitebear address that’s redirecting to me after a spamrun - is banned by Google.
That doesn’t stop Googlebot from trying, and trying, the different URL’s on that domain that were spamvertized. They all meet a 404 on my site.
Both Yahoo’s and Google’s bots keep trying.
Blech…
Lately we’ve seen a lot of free hosts being misused. I’m betting some of those have a high percentage of spammy hosts on them. And since most free hosts are funded by advertising, it can’t be good business to host spammy sites, when many of them even script their pages so the free host’s advertising will never be visible.
So, I propose that free hosts need to check for spammy sites.
Search Google for the main domains, and check out spam on blogs. Here’s one search phrase that would yield a crop of blogspam for one of those free hosts:
“dk3.+com” blog vicodin
You can do similar searches for:
poker
casino
porn
cialis
And other typical phrases.
Then, check out the site, see how it’s coded and who registered it. Take out all sites registered at the same time - or other times - from the same IP number. Double check the names that those are spammy site names.
There are SO many things a free webhost could do to keep the spam down. But it will take a human body to think it through, and to at least have a look over the site names before terminating.
So, any chance the free hosts will start to do this?
Because, at this rate, the internet is so filled with spam and spammy sites, it’s embarassing. I mean, what’s the ratio by now? Anyone?