Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> phpnuke 7.1
Author Message
TheosEleos
Life Cycles Becoming CPU Cycles



Joined: Sep 18, 2003
Posts: 960
Location: Missouri

PostPosted: Sat Jun 12, 2004 1:29 pm Reply with quote

I get strange referers.

I have over 50 today from keywordmaster.de. Are they actual hits or what?

I also have a ton from apart-design.com. I don't understand what this stuff is. It has been happening for a long time but I don't understand what it is. Are they search engines indexing me or somethng?

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website AIM Address ICQ Number
beetraham
Regular
Regular



Joined: Dec 13, 2003
Posts: 94
Location: Finland (EU)

PostPosted: Thu Sep 30, 2004 5:24 pm Reply with quote

Quote:
I get strange referers.

I have over 50 today from keywordmaster.de. Are they actual hits or what?

I also have a ton from apart-design.com. I don't understand what this stuff is. It has been happening for a long time but I don't understand what it is. Are they search engines indexing me or somethng?


In my opinion, your site has been exploited in an attempt to boost up the *web presence* of those *referrer spammer sites* by getting listed your sites' TOP REFERRER listings/rankings.

Furthermore:

I've recently started to get experiencing similar kind of symptoms - and more specifically *locators.com* being now clearly considered as a major *referrer spammer*, as I found out that the site consistently spreads out referrer information that is classified with offensive backlink content.

A typical encounter from *locators.com* is a scripted visitor BURST OF 2, which contains (2) visits from the *locators.com* with interrelational timing stamps differences of [1-2] seconds. The extractable backlink targets are without an exception always different between the bursted OFFENSIVE backlinkage spreading attempts, but from the same IP always (as a general rule). The IPs that are identified with these bursted referrer spams always equal between the ones present in the BURST, but differentiate from the ones seen with the other unique bursts.

Conclusions:

* referrer spamming
<-> scripted approach using BURSTED approach
<-> payload info (offensive backlinkage)
<-> different IP's used (possibly spoofed ones)

Possible motives
<-> SE "backdoor page promotion attempt" by getting listed as a referer with PHP-Nuke sites
<->-->(...GT'ed the MSA, and Google does crawl it.)
<-> Direct *customer trap generation* (by offering offensive content)

As there are sites present listing the PHP-Nuke sites, it would definately not be a significant task to sort out the victim sites containing *space for open listings* reserved for the TOP REFERRERS and thereafter extract the exploitable ones to efficiently maximize the SE Marketting effort (the bad way) by getting listed the *high/low traffic* PHP-Nuke sites.

BR,

-beetraham
 
View user's profile Send private message
TheosEleos







PostPosted: Thu Oct 07, 2004 11:03 am Reply with quote

I just got hit by this site 80 times in the last few minutes.

http://www.keywordmaster.de/index.html

I'm going to add them to my blocked referers for Sentinel.
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> phpnuke 7.1

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©