Now this is a "nice" idea:
65.182.100.126 - - [29/Aug/2005:01:46:31 +0200] "GET / HTTP/1.0" 200 18122 "-"
"<script>window.open('http://www.medchecker.com/buy2/side-search.htm')</script>"A script tag in the user agent string. Obviously in the hope that it would be interpreted when someone was viewing the site's statistics.
Let's see. medcheck.com is registered by this individual:
Dave Brown
PO Box 5318
<a href=http://www.13kg.com>THIS DATA IS PRIVATE!
Oswego, NY 13126
USThe whois for 13kg.com has the same sort of nonsense (and the same address):
Gigahertz, inc.
PO Box 5318
<a href=http://www.whak.com>THIS DATA IS PRIVATE!
Oswego, NY 13126
USSame for whak.com, and all three give Artificially.Intelligent@GMail.com as Dave's email address.
What else? All three domains are registered with Namesdirect, Inc. medchecker.com itself is hosted at 65.182.102.22 (Brinkster), the other two are on 24.58.106.179 (RoadRunner). And the IP the actual request came from, 65.182.100.126, also belongs to Brinkster.
Comments (0)
Damn Spam!
http://spam.tinyweb.net/article.php/user-agent-script