Rogue Link showing in “Visitors Clicked”

  • Author
    Posts
  • #424429

    wordlily
    Member

    I have click-throughs yesterday especially but still a very small number today to the exact same site you listed, bkkquiltgroup. I tried finding my blog in google, and clicking through, but I’m not seeing any ads. I have already look at the ‘possibly related’ content, and I’m pretty sure it’s not that.

    #424430

    raincoaster
    Member

    you didn’t clear your browser cache and cookies before you checked google. Log out and do that, then check.

    #424435

    tellyworth
    Staff

    This is fixed now.

    Please contact support staff directly if it happens again:

    http://en.support.wordpress.com/contact/

    #424436

    hanswolters
    Member

    It’s not fixed.

    xanax-p.tld 4
    http://xanax-p.tld 1

    I changed the tld so it will not link.

    My biggest guess is that there is a big problem with the click widget (maybe some kind of sql injection).

    #424437

    hanswolters
    Member

    Ok, some more info. The holder of the domains that are spammed here are handled by:

    Registrant:
    Gregory Manriquez
    6303 Raleigh St.
    Lubbuck, TX 79414
    US

    Domain name: NDPARKING.COM

    Administrative Contact:
    Manriquez, Gregory
    6303 Raleigh St.
    Lubbuck, TX 79414
    US
    +1.4159927628
    Technical Contact:
    Manriquez, Gregory
    6303 Raleigh St.
    Lubbuck, TX 79414
    US
    +1.4159927628

    Registration Service Provider:
    APLUS.NET,
    877.275.8763
    This company may be contacted for domain login/passwords,
    DNS/Nameserver changes, and general domain support questions.

    Registrar of Record: Aplus.net
    Record last updated on 13-Nov-2009.
    Record expires on 26-Apr-2014.
    Record created on 26-Apr-2005.

    Domain servers in listed order:
    NS2.NAMEDRIVE.COM 64.66.238.254
    NS3.NAMEDRIVE.COM 206.130.11.196
    NS1.NAMEDRIVE.COM 216.8.176.114

    Domain status: ok

    Maybe it’s a good idea if you contact these people and tell them to stop this.

    #424438

    @hanswolters the xanax-p.tld and xanax-p.tk domains have been reported and should be gone soon. We appreciate your help reporting these. Let us know at http://en.support.wordpress.com/contact/ if you find any more!

    #424439

    hanswolters
    Member

    @designsimply

    Currently I do not see any of the spam links left. Will keep an eye on it.

    Thanks,

    Hans

    #424440

    justjennifer
    Moderator

    @husdal- you don’t have to come in from a search engine anymore to see ads. While I was logged out (cache and cookies dumped), I checked out a post in the “Freshly Pressed” blogs from the WordPress.com landing page and lo and behold there were ads.

    /lightbulb

    #424446

    thephilwells
    Member

    My clicks plugin showed a clickthru to a tinyurl that laid over a narrativepatterns dot com url.

    Showed up as tinyurl dot com slash dnyuhpsjfv, and linked at first to a “narrativepatterns” url as described in @hanswolters‘s blog:

    http://hanswolters.wordpress.com/2009/12/09/more-wordpress-security-troubles/

    and now links to a “z4u2” url that will probably try to sell me insurance:

    http://whois.domaintools.com/z4u2.com

    #424447

    tellyworth
    Staff

    Please don’t post examples on the forum. contact staff directly.

    #424448

    justjennifer
    Moderator

    Glad to say that both my primary blogs have had these kinds of links removed from their Dashboard. Thanks for the speedy action.

    #424449

    ninglun
    Member

    Rogue links still happening.

    #424450

    timethief
    Member

    You did the right thing by NOT posting the link
    Contact Staff directly http://en.support.wordpress.com/contact/

    #424451

    hanswolters
    Member

    Posting the link with an altered top level extention is not causing any harm. It’s good for people to be aware of the kind of troubles they might get in to.

The topic ‘Rogue Link showing in “Visitors Clicked”’ is closed to new replies.