Extra Fields in Trackback Spam

One of my blogs just caught a spammer from 69.31.80.66 trying to submit trackbacks to the blog, with extra fields in the “Name” field.

Gen Drebery','deber@gmail.com','','63.2.12.45','2008-01-25 13:43:30','2008-01-25 13:43:30','','0','Internet Explorer','comment','0','0'),('0', '', '', '', '', '2008-01-26 13:43:30', '2008-01-26 13:43:30', '', 'spam', '', 'comment', '0','0' ) /*

The web server logs showed he was trying to hit a specific post, then tried to hit the first post. Could this be an attempt to fingerprint my blog?

69.31.80.66 - - [25/Jan/2008:08:43:28 -0500] "POST /2006/10/30/post-slug-here/wp-trackback.php HTTP/1.0" 404 19104 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:28 -0500] "POST /2006/10/30/wp-trackback.php HTTP/1.0" 404 19123 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:28 -0500] "POST /2006/10/wp-trackback.php HTTP/1.0" 404 19104 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:29 -0500] "POST /2006/wp-trackback.php HTTP/1.0" 404 19104 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:29 -0500] "POST /wp-trackback.php HTTP/1.0" 200 135 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:29 -0500] "GET /wp-trackback.php?p=1 HTTP/1.0" 302 - "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:30 -0500] "GET /wp-login.php?action=logout HTTP/1.0" 302 - "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:30 -0500] "POST /wp-trackback.php?p=1 HTTP/1.0" 200 78 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:31 -0500] "POST /wp-trackback.php?p=1 HTTP/1.0" 500 600 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:31 -0500] "POST /wp-trackback.php?p=1 HTTP/1.0" 500 600 "-" "Python-urllib/1.17"


Posted under Spam

This post was written by Michael Clark on January 25, 2008
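
The probing pattern in the log above (one client POSTing to wp-trackback.php at successively shorter paths, with an HTTP-library user agent, ending in 500 responses) can be picked out of an access log automatically. The following is an added example, not code from the original post; the function names, the `min_run` threshold and the user-agent pattern list are assumptions.

```python
import re
from collections import defaultdict

# Access-log lines from the post, with straight quotes restored.
SAMPLE_LOG = '''\
69.31.80.66 - - [25/Jan/2008:08:43:28 -0500] "POST /2006/10/30/post-slug-here/wp-trackback.php HTTP/1.0" 404 19104 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:28 -0500] "POST /2006/10/30/wp-trackback.php HTTP/1.0" 404 19123 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:28 -0500] "POST /2006/10/wp-trackback.php HTTP/1.0" 404 19104 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:29 -0500] "POST /2006/wp-trackback.php HTTP/1.0" 404 19104 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:29 -0500] "POST /wp-trackback.php HTTP/1.0" 200 135 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:29 -0500] "GET /wp-trackback.php?p=1 HTTP/1.0" 302 - "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:30 -0500] "GET /wp-login.php?action=logout HTTP/1.0" 302 - "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:30 -0500] "POST /wp-trackback.php?p=1 HTTP/1.0" 200 78 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:31 -0500] "POST /wp-trackback.php?p=1 HTTP/1.0" 500 600 "-" "Python-urllib/1.17"
69.31.80.66 - - [25/Jan/2008:08:43:31 -0500] "POST /wp-trackback.php?p=1 HTTP/1.0" 500 600 "-" "Python-urllib/1.17"
'''
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "POST (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"', re.M)
TARGET = "/wp-trackback.php"
LIBRARY_UA = re.compile(r"urllib|libwww|httpclient", re.I)  # assumed, illustrative list


def longest_descent(depths):
    """Length of the longest run of requests with strictly decreasing path depth."""
    best = run = 1 if depths else 0
    for prev, cur in zip(depths, depths[1:]):
        run = run + 1 if cur < prev else 1
        best = max(best, run)
    return best


def find_path_walkers(log_text, min_run=3):
    """Flag clients that POST to the trackback script at ever-shorter paths."""
    seen = defaultdict(lambda: {"depths": [], "statuses": [], "agents": set()})
    for ip, uri, status, agent in LINE_RE.findall(log_text):
        path = uri.split("?", 1)[0]
        if path.endswith(TARGET):
            seen[ip]["depths"].append(path.count("/"))
            seen[ip]["statuses"].append(int(status))
            seen[ip]["agents"].add(agent)
    report = {}
    for ip, s in seen.items():
        run = longest_descent(s["depths"])
        if run >= min_run:
            report[ip] = {
                "descent": run,
                "library_agent": any(LIBRARY_UA.search(a) for a in s["agents"]),
                "server_errors": sum(1 for code in s["statuses"] if code >= 500),
            }
    return report
```

Calling `find_path_walkers(SAMPLE_LOG)` reports 69.31.80.66 with a descent of five requests and two 5xx responses; a client that sends a single trackback to one post is not flagged.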

3 Comments so far

  1. Johann Burkard February 9, 2008 2:18 pm

    I would strongly suggest that you block user agents containing urllib and other HTTP libraries.

  2. Michael Clark February 9, 2008 2:39 pm

    I’m getting to the point of getting a lot more aggressive in blocking. I do use wget and other command line functions on my own sites though, so I need to create my own user-agent for when I use those tools. You have a lot of great info on your site Johann.

  3. Johann February 9, 2008 2:54 pm

    Thanks Mike. I don’t see much abuse coming from wget and I use it myself for backup purposes.
