UrFix's Blog

A geek without a cause

Designed with WordPress

Tag: spam

  • Webmasters Block These IP Addresses

    by

    These Spam Referrers have been very diligent to show us their websites so I will show you their IP’s

    But first let me show you a few ways of blocking IP’s

    Block with null routes
    once you reboot the routes will be gone so this is only a temp fix
    route add IP-ADDRESS gw 127.0.0.1 lo

    You can also use reject target
    route add -host IP-ADDRESS reject

    But you might want to do something more permanent like using IPTABLES
    iptables -A INPUT -s IP-ADDRESS -j DROP

    To keep my server light I did not include IPTABLES in the kernel so I wrote a script to make my life easier

    count=0
    for i in `cat spamlist.txt`
    do
    count=`expr $count + 1`
    echo “Line $count is being displayed”
    route add $i gw 127.0.0.1
    echo $i
    echo counting
    done
    echo “End of file”
    echo done

    Just add the IP Addresses below to a file called spamlist.txt
    give the script execute permission

    chmod +x scriptfilename.sh

    and BAM!

    So without further or due I give you a great list of spammers
    you asked for it spammers

    173.234.152.188
    173.234.52.34
    69.163.147.151
    109.111.184.1
    213.163.97.20
    184.82.38.7
    221.132.73.146
    173.234.13.162
    98.165.84.55
    173.203.243.138
    173.234.182.162
    173.208.95.16
    221.249.73.61
    38.99.89.252
    82.117.226.27
    173.208.124.63
    173.208.70.99
    72.44.50.58
    126.15.1.32
    72.188.60.3
    173.234.12.178
    118.69.192.62
    173.234.47.192
    173.234.46.171
    113.139.182.178
    204.124.183.196
    64.120.31.210
    173.234.153.152
    173.234.183.240
    79.2.190.199
    173.208.67.232
    202.198.164.114
    95.244.108.249
    174.34.171.6
    67.160.221.57
    24.121.181.7
    173.234.93.110
    173.234.92.138
    187.48.56.221
    173.203.78.165
    193.198.185.3
    62.215.5.66
    173.208.14.114
    173.234.92.166
    222.124.19.34
    173.208.51.26
    195.221.21.235
    200.216.186.42
    109.169.63.25
    173.208.71.168
    212.20.230.84
    64.182.124.219
    92.247.12.242
    210.101.131.231
    65.202.152.252
    78.169.34.83
    12.96.205.18
    180.241.250.39
    192.251.226.205
    200.165.90.210
    189.16.123.100
    174.142.104.57
    173.234.151.15
    173.234.48.57
    173.234.54.48
    222.127.148.210
    189.84.61.130
    173.224.209.100
    195.46.235.18
    208.115.221.178
    211.43.152.55
    211.43.152.54
    211.43.152.57
    211.43.152.49
    201.77.182.103
    67.202.108.170
    110.137.76.170
    189.75.119.10
    60.251.54.208
    61.19.127.212
    189.85.22.242
    74.82.176.137
    89.28.64.114
    173.234.12.166
    173.234.30.87
    190.12.2.174
    173.208.100.192
    38.96.193.74
    66.232.112.91
    217.10.246.2
    196.29.161.84
    201.76.211.246
    189.85.22.242
    61.19.127.212
    60.251.54.208
    189.75.119.10
    110.137.76.170
    67.202.108.170
    201.77.182.103
    189.6.168.62
    173.208.124.9
    118.97.67.134
    187.48.52.241
    69.71.222.186
    173.208.50.43
    189.126.63.85
    219.93.178.162
    189.17.16.130
    163.180.20.183
    173.203.112.170
    95.66.4.1
    173.234.167.188
    190.145.77.34
    72.32.182.210
    163.180.20.183
    67.159.178.199
    81.9.97.45
    220.225.219.165
    173.234.54.190
    189.6.168.62
    186.42.121.2
    118.96.146.90
    173.208.124.9
    118.97.64.88
    222.165.130.214
    174.34.169.210
    122.181.17.54
    222.165.130.214
    118.97.64.88
    81.18.116.66
    111.68.103.62
    89.148.238.87
    78.189.147.58
    200.94.71.73
    173.203.108.236
    61.219.80.80
    200.94.71.73
    71.230.128.156
    211.23.82.90
    189.114.58.245
    173.234.19.236
    24.111.190.251
    203.99.193.132
    202.43.180.146
    187.111.9.134
    189.83.234.9
    61.162.174.209
    190.202.124.18
    190.8.111.59
    210.246.92.3
    89.27.55.28
    94.237.74.250
    88.112.50.149
    77.109.196.243
    149.6.118.94
    50.16.63.173
    200.117.239.246
    188.36.197.28
    84.0.224.99
    222.124.178.98
    189.63.138.110
    222.124.8.13
    173.234.166.207
    190.109.169.176
    220.227.247.178
    119.110.97.28
    85.12.68.98
    189.85.60.18
    118.98.232.50
    119.110.97.28
    187.1.11.218
    18.181.2.157
    189.77.29.29
    27.131.172.9
    209.203.19.2
    187.111.1.194
    78.140.206.22
    203.172.212.2
    79.98.31.241
    202.28.66.115
    62.10.53.132

    there might be a couple of duplicates but its ok

  • Referrer Spam Script And How To Protect Yourself From It

    by

    What is Referrer Spam?

    According to Wikipedia: Referrer spam (also known as log spam or referrer bombing) is a kind of spamdexing (spamming aimed at search engines). The technique involves making repeated web site requests using a fake referrer url that points to the site the spammer wishes to advertise. Sites that publicize their access logs, including referrer statistics, will then end up linking to the spammer’s site, which will in turn be indexed by the search engines as they crawl the access logs.

    This benefits the spammer because of the free link, and also gives the spammer’s site improved search engine ranking due to link-counting algorithms that search engines use.

    What Does a Referrer Spam script look like?

    Here is a example of a referrer spam script.

    count=0
    for i in `cat list`
    do
    count=`expr $count + 1`
    curl $i -e “https://blog.urfix.com” -A “Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.6) Gecko/20100107 Fedora/3.5.6-1.fc12 Firefox/3.5.6”
    echo $i
    echo counting
    done
    echo “End of file”
    echo done

    What this script does is it reads urls from a file called list (for i in `cat list`)

    It then sends a request to the first url spooifng the referral making it seem that it is coming from https://blog.urfix.com (-e “https://blog.urfix.com”)

    It also spoofs the Agent and OS to make it seem like a real user and not some curl bot (-A “Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.6) Gecko/20100107 Fedora/3.5.6-1.fc12 Firefox/3.5.6”)

    the script continues by looping and doing the same with second url the third and so forth until it reaches the bottom of the list.

    Solutions

    Referrer Karma WordPress Plugin
    Referrer Karma is a rather simple script that prevents malicious bots from accessing your pages, flooding your logs and possibly draining your server’s bandwidth. All it does is check that an incoming bot has a valid referrer field URL (i.e. that the page it claims to come from, does exist and does have a link to your site). If RK thinks the incoming visitor is a malicious bot, it displays a 403 error page (which will not be counted as a visit by log analyzer tools) and uses HTML redirecting to the original URL to avoid blocking legitimate visitors (See site for details).

    stop-spam-referer-php-script

    • Really easy install – two minuts
    • Stop bad referers ( domains list )
    • Stop domains by keywords
    • Bandwidth safe
    • and much more

    With this simple php script you can stop all your referer spam easily :)

    .htaccess

    Use an .htaccess file to block requests from whatever you have managed to identify as either a crawler designed to find URLs to spam or a spamming URL. This is a relatively simple blacklist, and though it cannot work as a long term solution to this problem, it should keep you happy for now.

    Conclusion

    There are plenty of techniques available for blocking referrer spam, and everyone has their favorite. Personally, I use a combination the three techniques mentioned in this article.

    Good luck with getting rid of your spam referrals.

Chat

Hi 👋, how can we help?