Web Spam Failures
by Jose NazarioHTTP logs are a great place to sample all sorts of badness. Earlier I went looking for some suspicious lines in a web server log and found a pattern from all over the net: web spam injection failures. The tool the attacker was using failed to get the right URL and try and post the right URL, mashing the two together. Lines in the logs looked like this:
222.73.208.69 - - [20/Oct/2008:05:59:36 -0400] "GET ...removed...htmlhttp://www.bankersonline.com/ubbthreads/showthreaded.php/Cat/0/Number/86930/page/348/vc/1 HTTP/1.1" 404 344 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)"
When you go and you look at the intended destination URLs you’ll see sites for apartment rentals in places like Bulgaria and online auctions for leather jackets. This is quit the phenomenon, it seems. 51 unique IP source addresses yielding 93 distinct URLs.
Some of these sites are surely scams. Reading reports for one of the Bulgarian rentals shows that the advertised beauty, complete with pictures, is probably fake. Based on these reviews, you’re probably getting the wrong end of the deal. Under 350 Euros a week for a beautiful five star beach front property, even in Bulgaria, is just unlikely.
I lodged seven nights at GHV, all inclusive, and it was not bad, considering the price. But I have to say that the Hotel is miles away from five stars. An ugly communist concrete building, an undeniable air of decay, with swollen doors and dirty carpets. In the dinning room sometimes was imposible to find a plate or a spoon.
I wonder if this individual got suckered into staying there based on some spamvertisements.
One thing better than a good spam is a failure to deliver the spam correctly. That always makes me laugh.
Popularity: 1% [?]