Jump to content
Sign in to follow this  
mrmaxx

spammer determined to hide their URL

Recommended Posts

So I just reported a spam that had a Twitter URL in it. So I "unshortened" the twitter URL, which became a LinkedIn URL, which in turn referred to a Yahoo redirect/shortener. Finally the last one after that went to a Chinese server.

I've never seen anyone THAT determined to hide their REAL URL! SMH!

Share this post


Link to post
Share on other sites

So I just reported a spam that had a Twitter URL in it. So I "unshortened" the twitter URL, which became a LinkedIn URL, which in turn referred to a Yahoo redirect/shortener. Finally the last one after that went to a Chinese server.

I've never seen anyone THAT determined to hide their REAL URL! SMH!

I've been getting a lot of these.

They always start with a twitter URL then go to a Linkedin URL and then either ht tp://bitly.com/, ht tp://stks.co.

Linkedin doesn't care, I've reported the spammed URLs to them and they refuse to delete them. Twitter doesn't really seem to do much either. I've tried a reported twitter URL weeks later and it's still active and pointing to the spammers web site.

Here's one that just came in a few minutes ago:

ht tp://t.co/j6s3xrXYIq

redirects to:

ht tp://lnkd.in/bFBaMeM

redirects to:

ht tp://stks.co/hq8y?twitter.com

redirects to:

ht tp://www.ouyla.com/menstar

Seems like twitter and linkedin are active spam support services.

Edit by SteveT: broke links so that someone doesn't unintentionally navigate to spamvertized URLs. PM sent to member to explain this action.

Share this post


Link to post
Share on other sites

I've been getting a lot of these.

They always start with a twitter URL then go to a Linkedin URL and then either ht tp://bitly.com/, ht tp://stks.co.

Linkedin doesn't care, I've reported the spammed URLs to them and they refuse to delete them. Twitter doesn't really seem to do much either. I've tried a reported twitter URL weeks later and it's still active and pointing to the spammers web site.

Here's one that just came in a few minutes ago:

ht tp://t.co/j6s3xrXYIq

redirects to:

ht tp://lnkd.in/bFBaMeM

redirects to:

ht tp://stks.co/hq8y?twitter.com

redirects to:

ht tp://www.ouyla.com/menstar

Seems like twitter and linkedin are active spam support services.

Edit by SteveT: broke links so that someone doesn't unintentionally navigate to spamvertized URLs. PM sent to member to explain this action.

New twist -- they are going from Twitter to Microsoft Translator to Bitly and then on to the "real" URL. I've had two of these today, both of which went to http://clrscrte[dot]com/

Manually reported the end URL as well as the Twitter URL, for all the good it's likely to do.

Share this post


Link to post
Share on other sites

One of my clients showed me a URL that redirected 72 times before hitting a very nasty "Typhoid Mary" server in the Bahamas. It went there in a "pop under" so the user never saw the delay until it was too late :(

Share this post


Link to post
Share on other sites

Your best hope might be to report it to bit.ly then. I've found them to be pretty responsive in the past, although in most cases all they'll do is to route the URL to a warning interstitial page, rather than remove the link entirely.

If you go to http://bit.ly/ and scroll down, you'll find a 'Contact' link in the bottom left corner of the page. There's a 'Report Abuse' option on the contact form that appears.

Incidentally, bit.ly is one of the only URL shortening services I've discovered that seems to care at all about spam. Others are mostly indifferent or uncontactable. There are a number of shortening services that look as if they were built by someone who was playing around with PHP, hacked together a URL shortener on a wet Saturday morning, put it on a server and promptly forgot about it. It still works and the spammers love it, but good luck trying to get anyone to take any interest in it.

Edited by doxer

Share this post


Link to post
Share on other sites

Flippin' heck!

Indeed.

I gotta think that the time needed to set up something like this, and the inherent unreliability of such a chain, would overwhelm any possible profit gained thereby. However, that's why spammers are spammers and not IT executives.

It seems to me (it's been awhile) that in HTTP there was a max number of redirects that the browser would be subjected to before it could give up. However, this limit may not apply to redirects that don't happen in the HTTP header (i.e. those in the HTTP-refresh line or in JavaScripts, etc.).

-- rick

Share this post


Link to post
Share on other sites

Reminds me of a neighbour.

He parked his Mercedes on the road with the most advanced (at the time) alarm system. Remote notification, seat zapper, etc.

One day he went to his car and found the alarm box on the side of the road and the car gone.

Bottom line: If they really want you, they will get you!

There's a 777 at the bottom of the Indian Ocean if you doubt that fact :(

Edited by Geek

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×