Hello everyone. I’m guessing that this will be the VERY last post and comments will be disabled on June 1st for all pages and posts, except the “Need Help?” page. Speaking of comments, the blog somehow got 20 spam comments from verified WP accounts with usernames that look like “WWW.XXX.[random assortment of letters].XYZ”.
Here are the pictures of the comments and relative email addresses and corresponding IP addresses (at 75% view).
Here’s the list of IPs (in order), the corresponding country [I’m a bit suspicious about this], what they are reported for, and the number of reports (if reported already):
- 126.96.36.199 (China) — known for Web App Attack/Brute-Force/SSH, reported 5 times
- 188.8.131.52 (China) — not reported yet
- 184.108.40.206 (United States) — not reported yet
- 220.127.116.11 (China) — known for Web App Attack/Brute-Force/Web Spam/Email Spam/Hacking/FTP Brute-Force, reported 43 times
- 18.104.22.168 (Tajikistan) — known for Brute-Force/SSH/Hacking/FTP Brute-Force, reported 8 times
- 22.214.171.124 (China) — not reported yet
- 126.96.36.199 (Turkey) — not reported yet
- 188.8.131.52 (Chile) — known for Web App Attack, reported once
- 184.108.40.206 (Trinidad and Tobago) — not reported yet
- 220.127.116.11 (Egypt) — known for Brute-Force/Web App Attack/Email Spam, reported 21 times
- 18.104.22.168 (Germany) — known for Email Spam, reported once
- 22.214.171.124 (Italy) — known for Brute-Force/SSH/Hacking/FTP Brute-Force, reported 4 times
- 126.96.36.199 (Turkey) — not reported yet
- 188.8.131.52 (Ecuador) — known for Hacking/FTP Brute-Force, reported once
- 184.108.40.206 (Indonesia) — not reported yet
- 220.127.116.11 (Ghana) — known for Brute-Force/Web App Attack/Email Spam/Exploited Host/Port Scan/FTP Brute-Force/SSH/Hacking, reported 60 times
- 18.104.22.168 (China) — not reported yet
- 22.214.171.124 (Italy) — not reported yet
- 126.96.36.199 (China) — known for Brute-Force/SSH/Email Spam, reported 3 times
- 188.8.131.52 (Ukraine) — known for Brute-Force/SSH/Email Spam, reported 3 times
Credits to abuseipdb.com for report information.
Results: 60% of IPs have been reported before.
Here’s the list of email addresses (in order) and if they can be found somewhere online (yes=found online, no=not found online):
- firstname.lastname@example.org — yes
- email@example.com — no
- firstname.lastname@example.org — yes
- email@example.com — yes
- firstname.lastname@example.org — no
- email@example.com — yes
- firstname.lastname@example.org — yes
- email@example.com — no
- firstname.lastname@example.org — yes
- email@example.com —no
- firstname.lastname@example.org — yes
- email@example.com — no
- firstname.lastname@example.org — no
- email@example.com — yes
- firstname.lastname@example.org — no
- email@example.com — yes
- firstname.lastname@example.org — no
- email@example.com — yes
- firstname.lastname@example.org — yes
- email@example.com — no
Results: 55% of email addresses can be found online
NOTE: Usernames are not important when compared to the email and IP addresses.
Try to spam, well you can’t. I manage all comments and commenting will be disabled everywhere (except the “Need Help?” page) on June 1st. No more comments, no more spam. No matter how desperate you are for getting my attention, I might give it to you, but with NO protection. How? Showing your email address and IP address. Duh…? And, I’m not removing them, ever. No matter how much you complain/beg. You spam, you get consequences. What kind of consequences? Email spam and display of your email addresses forever. How’s that now? So, I win.
NOTE: This isn’t worth putting on the Spam Comment Example page because all are the EXACT same comment, except in different places and by different accounts.
PS: I usually do this for spam emails. I would find the sending and reply-to email addresses (and any mentioned email addresses or email addresses hidden in the header/original message), so I could report them to the corresponding abuse departments of the domains (example: firstname.lastname@example.org would be reported to email@example.com), and the IP address, so I could report the email to the abuse department of the host (example: If the host was yahoo.com, the email would be reported to firstname.lastname@example.org). If there is a recognized contact/email address in the “To:” field, I will not report them.