Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New to the CF scene
    Join Date
    Apr 2012
    Location
    UK
    Posts
    8
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Strange visitor urls / .htaccess

    I have been getting a lot of strange visitors showing up in my stats. This happens on several sites that sell digital products on clickbank. None of my other sites have this problem.

    I have tried using .htaccess files but nothing stops these visits. I don't even know whether they are genuine visitors or some sort of bot. A typical example of the url is below.

    Code:
    http://83.133.124.95/?xurl=http://83.133.124.95/cZb29bUX796QA7S8ac6afc5aedbd7e39a31f3244c73a7e2d27k&xref=http://myurl.net
    When i copy and paste the link from my stats into a browser it goes nowhere and triggers an alert from malwarebytes.

    Can anyone shed any light on this? I have been told it could be various things i.e. spam bots, referrer bots, click hijacking, etc, etc.

    Any help will be very much appreciated.

  • #2
    New to the CF scene
    Join Date
    Apr 2012
    Location
    Scottsdale, AZ
    Posts
    8
    Thanks
    0
    Thanked 1 Time in 1 Post
    You can do a whois lookup on the IP to find out that it is a German IP for Greatnet New Media. If the IP maliciously attacking your site you can email the abuse team for this IP at abuse@greatnet.de and they should be able to help you.

  • Users who have thanked Mike_GoDaddy for this post:

    Bimbledown (04-25-2012)

  • #3
    New to the CF scene
    Join Date
    Apr 2012
    Location
    UK
    Posts
    8
    Thanks
    1
    Thanked 0 Times in 0 Posts
    There is about half a dozen different ip addresses originating from Germany, US and Russia. I have played around with .htaccess and i have stopped the visits using the following.

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} (\?xurl=) [NC,OR]
    RewriteCond %{HTTP_REFERER} (&xref=) [NC]
    RewriteRule .* - [F,L]

    Alternatively, this also works if you want to go down the route of blocking the specific ip addresses.

    RewriteEngine on
    RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?http://83.133.124.95/.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?http://76.73.39.228/.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?http://83.133.124.190/.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?http://95.215.2.27/.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?http://88.198.7.221/.*$ [NC]
    RewriteRule .* - [F,L]

  • #4
    New to the CF scene
    Join Date
    Apr 2012
    Location
    Scottsdale, AZ
    Posts
    8
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by Bimbledown View Post
    There is about half a dozen different ip addresses originating from Germany, US and Russia.
    I misunderstood and thought it was just the one IP repeatedly trying to access. Glad you got it figured out though!

  • #5
    New to the CF scene
    Join Date
    Apr 2012
    Location
    UK
    Posts
    8
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Just out of interest, i did email the hosting company from the IP in the original post. Out of the 2 email addresses, one bounced straight away and for the second, no reply was the answer.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •