I've just started to receive loads of spam this last week and all from the same place.
It looks like a bot and someone's promoting these sites:
ht tp://foryoulike.com/pregnancy/map-2.html
ht tp://superflatline.com/apartment-design/map-3.html
and a few more.
They look to be in malaysia.
Am I correct ? Who do I report them to ?
Also why is it that a tracroute reveals nothing ?
[edit - URLs broken]
Full Version: Targetting a web hoster.
QUOTE(Mr512Bytes @ Oct 7 2009, 11:13 AM) 
ht tp://foryoulike. com/pregnancy/map-2.html
ht tp://superflatline. com/apartment-design/map-3.html[/
[snip]
Also why is it that a tracroute reveals nothing ?
We have a page at the Wiki that describes how to go about tracking down spam websites, you might give it a read.ht tp://superflatline. com/apartment-design/map-3.html[/
[snip]
Also why is it that a tracroute reveals nothing ?
There are several reasons why traceroute won't return results; for instance, in my office, my employer has blocked the ICMP port, so traceroute is useless. Also, not every host in a traceroute chain is obliged to respond to the probes (and many don't). Generally "host" or "nslookup" or "dig" are better tools to use in trying to pinpoint the IP addresses of websites.
Both of the sites you mention are showing up for me at the same address, 201.71.102.105. wiich is allocated to a Brazilian provider (starone.com.br). I only get one IP address back from DNS, and it has a long TTL, so the website appears not to be a botnet operation. Star One would probably be an appropriate target for your reports, then.
I have mangled the spam URLs in the quote above, we generally prefer that these URLs not be "clickable" so that spammers can't collect clicks or SEO points from this forum.
-- rick
Thanks for the advice.
Thats strange I get the IP addresses as "202.71.102.105 "
I'm not sure why yours are different.
I also used http://spamid.servebeer.com:8081/servlet/realtimeiplocator and it says Malaysia.
Can anyone else confirm is it Brazil or Malaysia ?
Thats strange I get the IP addresses as "202.71.102.105 "
I'm not sure why yours are different.
I also used http://spamid.servebeer.com:8081/servlet/realtimeiplocator and it says Malaysia.
Can anyone else confirm is it Brazil or Malaysia ?
QUOTE(Mr512Bytes @ Oct 7 2009, 11:55 AM)
Thanks for the advice.
Thats strange I get the IP addresses as "202.71.102.105 "
Of course, this just happens to be where the websites show up, it does not necessarily follow that the scammers are located there.
-- rick
QUOTE(Mr512Bytes @ Oct 7 2009, 11:55 PM)
...Can anyone else confirm is it Brazil or Malaysia ?
It is 202.71.102.105 and that is Malaysian - Telekom Multimedia of Telekom Malaysia Berhad. Both domains have the same bogus registrant detail
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.