Damn Spam!

Script tags in the user agent string

   

Now this is a "nice" idea:

65.182.100.126 - - [29/Aug/2005:01:46:31 +0200] "GET / HTTP/1.0" 200 18122 "-"
"(script)window.open('http://www.medchecker.com/buy2/side-search.htm')(/script)"

A script tag in the user agent string. Obviously in the hope that it would be interpreted when someone was viewing the site's statistics.
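The defensive counterpart, as an added example that is not part of the original post: a statistics page has to treat every logged field as untrusted text and HTML-escape it on output. The sketch below parses Combined Log Format lines, flags entries carrying markup, and renders an escaped table row; the sample lines, addresses and the `example.invalid` URL are constructed, and the function names are hypothetical.

```python
import html
import re

# A quoted log field; Apache writes an embedded quote as \" so allow escapes.
QUOTED = r'"((?:[^"\\]|\\.)*)"'
# Combined Log Format: host ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'(\S+) \S+ \S+ \[([^\]]+)\] ' + QUOTED + r' (\d{3}) (\S+) ' + QUOTED + ' ' + QUOTED
)
FIELDS = ("host", "time", "request", "status", "size", "referer", "agent")
# All three of these fields are chosen by the client, not by the server.
CLIENT_FIELDS = ("request", "referer", "agent")

def parse(line):
    """Return the log fields as a dict, or None if the line does not parse."""
    m = LOG_RE.match(line)
    return dict(zip(FIELDS, m.groups())) if m else None

def looks_injected(entry):
    """Flag entries with angle brackets in a client-controlled field."""
    return any(re.search(r"[<>]", entry[f]) for f in CLIENT_FIELDS)

def render_row(entry):
    """Render one stats-table row with every value HTML-escaped on output."""
    cells = "".join(
        "<td>" + html.escape(entry[f], quote=True) + "</td>" for f in FIELDS
    )
    return "<tr>" + cells + "</tr>"

# Constructed sample lines (not taken from a real log).
SAMPLE = [
    r'''203.0.113.7 - - [29/Aug/2005:01:46:31 +0200] "GET / HTTP/1.0" 200 18122 "-" "<script>window.open('http://example.invalid/')</script>"''',
    r'''198.51.100.9 - - [29/Aug/2005:01:47:02 +0200] "GET /a HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux)"''',
]

if __name__ == "__main__":
    for line in SAMPLE:
        entry = parse(line)
        if entry is None:
            continue  # unparseable lines are skipped, never echoed raw
        print("SUSPICIOUS" if looks_injected(entry) else "ok", render_row(entry))
```

The flag is only a reporting aid; the escaping in `render_row` is what keeps the string from being interpreted by the browser.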

Let's see. medchecker.com is registered by this individual:

   Dave Brown
   PO Box 5318
   (a href=http://www.13kg.com)THIS DATA IS PRIVATE!
   Oswego, NY 13126
   US

The whois for 13kg.com has the same sort of nonsense (and the same address):

   Gigahertz, inc.
   PO Box 5318
   (a href=http://www.whak.com)THIS DATA IS PRIVATE!
   Oswego, NY 13126
   US

Same for whak.com, and all three give Artificially.Intelligent@GMail.com as Dave's email address.

What else? All three domains are registered with Namesdirect, Inc. medchecker.com itself is hosted at 65.182.102.22 (Brinkster); the other two are on 24.58.106.179 (RoadRunner). And the IP the actual request came from, 65.182.100.126, also belongs to Brinkster.

Script tags in the user agent string

Problem with this one is I bet it works on some sites. Who would think to block HTML code in referrer lists?

Authored by: JoeChongq on Wednesday, August 31 2005 @ 22:03 CEST
Script tags in the user agent string

Hi Joe and thanks to who posted this!!
I have known the rat bastard who owns these sites for 6 years. On his site, he has an HIV chat room where he is known as "daveyboy". I have been trying for months to get rid of this IE hijack. Being deliberately spammed, malwared or screwed by strangers is one thing, but to know who did this to you.....
Anyone know who I can report this to?

Authored by: Anonymous on Monday, November 20 2006 @ 13:22 CET
Script tags in the user agent string

It would be especially nice if you could escape it in the example. It's currently executing when people visit your page here.

Authored by: Simon on Wednesday, June 22 2011 @ 17:53 CEST
Script tags in the user agent string

Whoops, it shouldn't do that. Something went wrong there with a recent site upgrade. Sorry about that.

I've put the tags in braces for now until I've figured out what happened. Thanks for pointing it out.

Authored by: Dirk on Wednesday, June 22 2011 @ 18:40 CEST
Script tags in the user agent string

Thanks! Much appreciated.

Authored by: Simon on Thursday, June 23 2011 @ 17:50 CEST
