Jump to content

MediaWiki talk:Spam-blacklist/archives/October 2012

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

Proposed Additions

[edit]

alighaemi.com

[edit]

This is a personal website that contains blogs that have been repeatedly promoted, despite warnings, removals, and a hidden comment advising editors not to add links to this site. The problem is at its worst on the article Lost in Translation (film), which includes these additions: [1], [2], [3], [4], [5], [6]. Other uses of the domain include [7], [8]. I offer my request here because these edits come from varied IPs, have come after repeated warnings, and because the site does not appear that it will ever have any encyclopedic significance, as one intended for personal promotion and blogs.

NTox · talk 00:57, 31 August 2012 (UTC)[reply]
 Done --A. B. (talkcontribs) 21:19, 8 October 2012 (UTC)[reply]

www.myetymology.com

[edit]

myetymology.com: Linksearch en (insource) - meta - de - fr - simple - wikt:en - wikt:frSpamcheckMER-C X-wikigs • Reports: Links on en - COIBot - COIBot-Local • Discussions: tracked - advanced - RSN • COIBot-Link, Local, & XWiki Reports - Wikipedia: en - fr - de • Google: searchmeta • Domain: domaintoolsAboutUs.com

Sometimes used as Sources (ref tags), but it not lists authors of texts.

In the encyclopedia part of site (www.myetymology.com/encyclopedia/*) there is strange copyright text, e.g. here www.myetymology.com/encyclopedia/Symbols_of_Spain.html a text in the footer:

© 2007-2008 speedlook.com; article text available under the terms of GFDL, from fr.wikipedia.org

If it was translated from fr.wikipedia, there must be link to list of authors. But there is no link. Also, if it is wikipedia-text based, it can't be an Reliable Source.

The etymology part of site (e.g. www.myetymology.com/romanian/confec%C5%A3ionare.html ) has no such text about wikipedia; but lists no sources too.`a5b (talk) 23:28, 3 September 2012 (UTC)[reply]

samuraicast.com

[edit]

This is a fansite that is constantly being pushed as a reliable source. I believe it woudl be best to block the site so it cannot be used, as it will never be considered a WP:RS.—Ryulong (琉竜) 04:00, 10 September 2012 (UTC)[reply]

I'm declining since I see no evidence these links are actually being spammed. Blacklisting here can potentially hurt a site's search engine rankings since the major search engines sometimes look at our blacklist when compiling their own lists of linkspammers.
If these are unreliable sources, they're still undesirable -- best let a bot handle them for you.
 Defer to XLinkBot--A. B. (talkcontribs) 20:31, 8 October 2012 (UTC)[reply]

wanttoknow.info

[edit]

Not a spam site but a copyvio one. Virtually everything I've seen on the site is copyvio, and Moonriddengirl and I would like it added to the blacklist. I've removed all the links now from articles, talk pages, AfDs, etc. Dougweller (talk) 16:18, 26 September 2012 (UTC)[reply]

wanttoknow.info: Linksearch en (insource) - meta - de - fr - simple - wikt:en - wikt:frSpamcheckMER-C X-wikigs • Reports: Links on en - COIBot - COIBot-Local • Discussions: tracked - advanced - RSN • COIBot-Link, Local, & XWiki Reports - Wikipedia: en - fr - de • Google: searchmeta • Domain: domaintoolsAboutUs.com
This should be added to the Foundation's global blacklist at meta:Talk:Spam blacklist. The links appear on other Foundation projects, also.
I will temporarily blacklist it here; let me know when it's been added at Meta.
Thanks for dealing with this.
--A. B. (talkcontribs) 19:52, 27 September 2012 (UTC)[reply]
 Done temporarily here. --A. B. (talkcontribs) 19:59, 27 September 2012 (UTC)[reply]
Thanks, I've added a request to meta:Talk:Spam blacklist. Dougweller (talk) 19:28, 29 September 2012 (UTC)[reply]
And it's been added there. I've been asked to check if all of the links have been removed cross-wiki, but I only know how to check for links here. How can I check cross-wiki? Thanks. Dougweller (talk) 17:57, 5 October 2012 (UTC)[reply]
In the linksummary template, use the "MER-C Cross-wiki ". cheers--Hu12 (talk) 20:19, 5 October 2012 (UTC)[reply]

learnerlegal.com

[edit]

learnerlegal.com: Linksearch en (insource) - meta - de - fr - simple - wikt:en - wikt:frSpamcheckMER-C X-wikigs • Reports: Links on en - COIBot - COIBot-Local • Discussions: tracked - advanced - RSN • COIBot-Link, Local, & XWiki Reports - Wikipedia: en - fr - de • Google: searchmeta • Domain: domaintoolsAboutUs.com
--Dennis Bratland (talk) 03:40, 10 October 2012 (UTC)[reply]

Thanks for the report. Can you give any more information on who's spamming these links and how persistently?
Thanks, --A. B. (talkcontribs) 04:06, 11 October 2012 (UTC)[reply]

Asked COIBot for the user. --Dirk Beetstra T C 05:52, 12 October 2012 (UTC)[reply]

Leimo International spam

[edit]
Domains


Related Leimo domains


Possibly related domain (same server)


Previously blacklisted


Also spammed by one or more of these accounts but not necessarily Leimo-related


Accounts



Deleted spam pages


Previous discussion

--A. B. (talkcontribsglobal count) 12:30, 12 October 2012 (UTC)[reply]

Here's what I've done; I need some help from another admin with regex skills. I have blacklisted the 51 domains (excluding tyfinc.com) that did not contain "leemo" or "leimo". There are 16 others that do contain one of those sequences of letters. The Leimo people appear to have spawned an almost endless set of domains. In the interests of heading some of them off (and minimizing blacklist clutter), could someone else list some expression that will cover domains containing "leemo" or "leimo"? That would take care of the remaining 16 domains containing those sequences.
Note that guy.com is some sort of publication that apparently hired these people to spam links. Other, uninvolved, established editors have used guy.com for references in 3 articles. I think it should be OK to whitelist specific guy.com pages on request from established editors who wish to use them, assuming they meet WP:RS.
All the Leimo-owned domains were on dedicated servers hosting no other domains -- except tyfinc.com, the website for a Philippine financial company. This exception is odd; I don't know if there's some relationship or not but I think we should monitor that domain.
Thanks!
plus Added 51 as noted; 16 others pending. --A. B. (talkcontribsglobal count) 14:49, 12 October 2012 (UTC)[reply]
I can help, but it's not clear which 16 are those? The ones with the phone numbers should be simple enough to compress into a couple of regexes. ~Amatulić (talk) 15:44, 12 October 2012 (UTC)[reply]
Here are the 16; all contain "leemo" or "leimo" somewhere in the domain name:
  • 1-800-leemo.com
  • leemo.asia
  • leemo.us
  • leimo-free-trial.com.au
  • leimo-free-trial.com
  • leimo-hairloss.co.uk
  • leimo-hairloss.com
  • leimo.asia
  • leimo.biz
  • leimo.info
  • leimo.jp
  • leimo.mobi
  • leimo.tv
  • leimo.us
  • leimostore.co.uk
  • myleimo.co.uk
If we blacklist any URL that contains either of those 2 sequences of letters, that will also catch many possible new domains the owner might create and spam. It beats blocking all editors in the Philippines!
Thanks, --A. B. (talkcontribsglobal count) 15:55, 12 October 2012 (UTC)[reply]
Two things, remember that I can always manually probe the linkwatcher-database with an appropriate SQL (even an 'expensive' one, if you get an account on wikimedia-labs, one could even do it oneself, and still looking for someone willing to write a web-front on the db ..), secondly, XLinkBot is less painful when adding simply the rules 'leimo' and 'leemo' .. it may hit a false positive, but it is less dramatic then doing the same with the blacklist, and it helps in cleaning up. --Dirk Beetstra T C 17:39, 12 October 2012 (UTC)[reply]
+----------------------+
| domain               |
+----------------------+
| com.kleimo.          |
| com.kleimo.          |
| com.leimobile.       |
| com.leimobile.       |
| com.leimobile.       |
| com.loqueleimos.     |
| com.loqueleimos.     |
| com.loqueleimos.     |
| com.loqueleimos.     |
| com.loqueleimos.     |
| com.loqueleimos.     |
| com.loqueleimos.     |
| com.loqueleimos.     |
| com.loqueleimos.     |
| de.gleimo.           |
| de.gleimo.           |
| eu.agiospanteleimon. |
| eu.agiospanteleimon. |
| gr.arispanteleimona. |
| ua.in.panteleimon.   |
| ua.in.panteleimon.   |
+----------------------+
21 rows in set (1 min 48.24 sec)

+-------------------------------------+
| domain                              |
+-------------------------------------+
| com.baileemoore.                    |
| com.blogspot.taleemotarbiyatislami. |
| com.blogspot.taleemotarbiyatislami. |
| com.blogspot.taleemotarbiyatislami. |
| com.blogspot.taleemotarbiyatislami. |
| com.blogspot.taleemotarbiyatislami. |
| com.blogspot.taleemotarbiyatislami. |
| com.iambruceleemovie.               |
| com.leemock.                        |
| com.leemon.                         |
| com.leemon.                         |
| com.leemon.                         |
| com.officialtwinnieleemoore.        |
| com.officialtwinnieleemoore.        |
| com.patrikkleemola.                 |
| com.wetpaint.taleemotarbiat.        |
| com.wordpress.masterleemovies.      |
| com.wordpress.masterleemovies.      |
| com.wordpress.masterleemovies.      |
| com.wordpress.masterleemovies.      |
| es.com.blogspot.eltxokitoleemos.    |
+-------------------------------------+
21 rows in set (37.40 sec)

Note that the domains are 'inverted' -> 'ua.in.panteleimon' is generated from 'http://panteleimon.in.ua'. Happy hunting. --Dirk Beetstra T C 17:47, 12 October 2012 (UTC)[reply]

A. B., you said "All the Leimo-owned domains were on dedicated servers hosting no other domains" - could you post the IPs of those servers in LinkSummary templates below? COIBot will then generate reports for those resolved IPs, the linkreport then shows the domains that were spammed. --Dirk Beetstra T C 17:52, 12 October 2012 (UTC)[reply]

Here are 6 additional domains that I found:
I will blacklist these and the other 16 in the next day or so.
Here are the server IPs. Except for tyfinc.com, all the domains hosted are Leimo-related:
I appreciate your pointing out the problems with trying to blacklist all domains containing "leemo" or "liemo". It sounds like using COIBot is a better idea.
Thanks for all the help. --A. B. (talkcontribsglobal count) 20:26, 12 October 2012 (UTC)[reply]
plus Added 2nd batch of 16 domains and 3rd batch of 6 domains listed above now blacklisted.
--A. B. (talkcontribsglobal count) 23:00, 12 October 2012 (UTC)[reply]
The regex \b[-0-9a-z]*le[ei]mo[-a-z]*\.\b would catch all 16 of those domains you mentioned.
I think one can safely blacklist domains starting with 1-800, 1-888, 1800, 1300 etc as they are unlikely ever to be a reliable source or appropriate external link. The regex for those would be \b[01][-]?(?:800|888|300)[-\w\.]*\b
~Amatulić (talk) 00:16, 13 October 2012 (UTC)[reply]

Auctigo spam on Wikipedia

[edit]

Spam articles:

Discussions:

Accounts:

Domain:

A. B. (talkcontribsglobal count) 18:05, 17 October 2012 (UTC)[reply]

skinhale.com

[edit]
Spammers

MER-C 12:10, 30 September 2012 (UTC)[reply]

 Done--Hu12 (talk) 18:37, 1 October 2012 (UTC)[reply]

Delhi prostitution spam

[edit]

--A. B. (talkcontribs) 01:21, 3 October 2012 (UTC)[reply]

Spam article:
--A. B. (talkcontribs) 02:03, 3 October 2012 (UTC)[reply]
plus Added --A. B. (talkcontribs) 02:07, 3 October 2012 (UTC)[reply]

MKLG Enterprises spam

[edit]

Related domains:

ezinearticles.com/?expert=Jennifer_Edelman

Account

plus Added --A. B. (talkcontribs) 19:44, 3 October 2012 (UTC)[reply]

liyujn.com

[edit]
Spammers

Quibik (talk) 18:41, 4 October 2012 (UTC)[reply]

Also:
--A. B. (talkcontribs) 20:15, 8 October 2012 (UTC)[reply]
 Done --A. B. (talkcontribs) 20:21, 8 October 2012 (UTC)[reply]

Endway

[edit]

Spam domains:

Related domains:

Spam accounts:

Possibly related domains:

Deleted spam articles:

--A. B. (talkcontribs) 16:41, 8 October 2012 (UTC)[reply]

 Done --A. B. (talkcontribs) 20:24, 8 October 2012 (UTC)[reply]

related?

[edit]

I noticed:

  • [[en:List of question-and-answer websites]] http://en.wikipedia.org/?diff=517378122 [[en:User:223.237.52.110]] twitterQA.com (monitor) User is adding redirectsite for automonitored domain twitqa.com - [[:en:User:COIBot#Monitor list|Automonitor]]: reported to [[:en:MediaWiki talk:Spam-blacklist]] ([http://en.wikipedia.org/w/index.php?diff=516664491&oldid=516632763 diff])<!-- COIBot -->; (1/1)

Two other additions as well:

Maybe there is more. --Dirk Beetstra T C 12:21, 12 October 2012 (UTC)[reply]

plus Added. I suspect that's all since I investigated the previous lot pretty thoroughly. The problem was, I noted this domain but forgot to list above. Thanks for catching my oversight. --A. B. (talkcontribsglobal count) 14:19, 12 October 2012 (UTC)[reply]

banknews24.com

[edit]

--A. B. (talkcontribs) 15:26, 9 October 2012 (UTC)[reply]

plus Added --A. B. (talkcontribsglobal count) 12:25, 12 October 2012 (UTC)[reply]

sitka.com

[edit]
link
prior report
user accounts

Long-running addition of a community geodomain site for community networking and forum. Had been quiet for several months, but resumed again today [15]. --- Barek (talkcontribs) - 22:35, 9 October 2012 (UTC)[reply]

plus Added--Hu12 (talk) 22:54, 9 October 2012 (UTC)[reply]

skintagremoval.com

[edit]

These commercial sites have been added mainly to Acrochordon by different IPs many times (at least since September 2011, http://en.wikipedia.org/w/index.php?title=Acrochordon&diff=prev&oldid=448297675 ), which has lead to a current semi-protection (http://en.wikipedia.org/w/index.php?title=Acrochordon&diff=515779242&oldid=515773439 ). Now this semi-protection is bypassed by User:Martinezste, who already re-added the link after being warned on his talk page not to do so.--Biologos (talk) 11:42, 10 October 2012 (UTC)[reply]

You may mean:

(and I can't find skintagoff.com additions ..)


I'll handle Martinezste (indef block). --Dirk Beetstra T C 11:56, 10 October 2012 (UTC)[reply]

FYI
--A. B. (talkcontribs) 04:19, 11 October 2012 (UTC)[reply]
I see, great. Could you then just add skintagsremovals.com (see Beetstra's link above) to the blacklist? This actually leads to a redirect to the blocked skinhale.com address. (Sorry, you can tell that this is my first time dealing with the spam blacklist.)--Biologos (talk) 10:27, 11 October 2012 (UTC)[reply]

Just collecting it all together from the three old ones. As far as I can see, only skinhale.com is blacklisted. Spamming is only on en.wikipedia, suggest blacklisting of the other domains, and {{uw-spam4im}}-warnings for any new accounts that appear (and immediate blacklisting of domains that appear). The server of skintagsoff.com is somewhat spammy in general, though it seems also used for proper hosting, the server of skintagsremovals.com also hosts good info (less used server). --Dirk Beetstra T C 10:41, 11 October 2012 (UTC)[reply]

plus Added --A. B. (talkcontribsglobal count) 04:12, 12 October 2012 (UTC)[reply]

rockthathat.com

[edit]

See AN/I discussion related to this. Apparent series of spambots creating many throwaway accounts in order to spam this domain. Accounts currently blocked but should blacklist the domain to prevent possibility of the bots resuming from a different IP. - Balph Eubank 16:11, 10 October 2012 (UTC)[reply]

The link was used in a non-linking way (in fact, the bots have not picked it up ..). But I agree that pre-emptive blacklisting of this may discourage it .. a little. --Dirk Beetstra T C 18:36, 10 October 2012 (UTC)[reply]
plus Added --A. B. (talkcontribsglobal count) 14:23, 12 October 2012 (UTC)[reply]

onlinebooksearch.wordpress.com spam

[edit]

--A. B. (talkcontribsglobal count) 15:08, 11 October 2012 (UTC)[reply]

plus Added--A. B. (talkcontribsglobal count) 04:16, 12 October 2012 (UTC)[reply]

more spam from winarticles.net's owner

[edit]

Just a week ago, the owner of the winarticles.net domain said he wouldn't spam his domain again and said we should remove winarticles.net from the blacklist.[16] Today, he was spammming a new domain:

Related domain:

Possibly related domain:

Public whois sites conflict as to whether this domain is owned by the winarticles.net spammer or someone else.

Previous discussions:

--A. B. (talkcontribsglobal count) 03:16, 12 October 2012 (UTC)[reply]

plus Added beautifuldesktopwallpapers.info. --A. B. (talkcontribsglobal count) 04:23, 12 October 2012 (UTC)[reply]

Proposed Removals

[edit]

avoiceformen.com

[edit]

If someone were to actually read, analyse and review that site, they'd realise that it is not a hate group like the opponents pretend it is. As a matter of fact, I challenge anyone to find any misogyny (or for that matter, racism, homophobia or other kinds of description) on that site. Zerbu 02:04, 25 September 2012 (UTC)[reply]

Looks like there's a lot of history there:
It looks like folks then started linking to a redirect site to get around the blacklisting. They did this by link-hijacking -- replacing official links to university web-sites with these unrelated links.
--A. B. (talkcontribs) 02:38, 25 September 2012 (UTC)[reply]
Putting aside aspects of ideology, etc. I find the history of avoiceformen.org troubling. Clearly there's someone out there happy to add these links disruptively. We can't afford to surrender control of our article content to others that don't observe our editorial guidelines and policies, especially if they're going to be intentionally disruptive.
Established editors are welcome to request individual URLs to specific avoiceformen pages be "whitelisted" at MediaWiki talk:Spam-whitelist if they can show the avoiceformen page meets the requirements of WP:RS for the Wikipedia article they wish to use it in.
As for removing the whole domain, we can't take the risk of further disruption.
no Declined --A. B. (talkcontribs) 03:07, 25 September 2012 (UTC)[reply]

AsyncOp.com, AsyncOp.net

[edit]

This is a good technical website, not spamming etc. Please remove from list so we can reference it. — Preceding unsigned comment added by 87.69.224.198 (talk) 11:47, 4 October 2012 (UTC)[reply]

Who is "we"? Are you associated with that site?
Note that sites aren't de-listed at the request of someone with a conflict of interest. Requests from trusted, high-volume contributors are considered more seriously. no Declined. ~Amatulić (talk) 23:02, 9 October 2012 (UTC)[reply]

Aircraftcompare.com

[edit]

Was trying add a reference page to the Gulfstream G650 talk page - and this page from aircraftcompare.com has cabin dimensions specs and price of the aircraft - but the link was blocked - saying that the part of the domain or main domain may be blacklisted , i dont know but the website did not look spam to me from any angle it was information about many airplanes and helicopters. WOuld be great if i could add some pages from the site as reference for other wiki editors to review and decide.. The page i was trying to add http//helicopter-airplane/Gulfstream-G650/164 for the Gulfstream g650 — Preceding unsigned comment added by Jason.nathan (talkcontribs) 08:48, 5 October 2012 (UTC)[reply]

We had a problem in 2009 involving the substitution of aircraftcompare.com links for other legitimate links.
 Defer to Whitelist for allowing specific pages on that site, although I am skeptical that the request would be granted as this site is unlikely to be considered a reliable source. It's more of an aggregator site (in India) for aircraft specs, in which case it might be better to reference the actual aircraft specs directly. ~Amatulić (talk) 23:14, 9 October 2012 (UTC)[reply]

winarticles.net

[edit]

Troubleshooting and problems

[edit]

Template failures on this page

[edit]

Is anyone else noticing the templates are no longer being rendered properly after a certain point on this page? I have posted a query about this at Wikipedia:Village pump (technical)#Template limit per page?. Like the template on top of this section works only when I edit the section and preview it, otherwise it simply renders on the full page as Template:notice. ~Amatulić (talk) 20:58, 18 September 2012 (UTC)[reply]

It's thanks to A.B. listing on this page far too many domains from some spam factory, along with the rather large output of {{LinkSummary}}. Archive some of those and we should be good. Anomie 02:34, 19 September 2012 (UTC)[reply]
Template overload, I'll archive some.. Fixed --Hu12 (talk) 04:13, 20 September 2012 (UTC)[reply]
Thanks. At the Village Pump discussion referenced above, it was suggested that we adopt the convention of using "subst:" in our template usage to prevent this sort of overload in the future. I personally don't think that's practical, and would prefer a technical solution wherein short simple templates are exempt from the limit counter. ~Amatulić (talk) 21:47, 21 September 2012 (UTC)[reply]
[edit]

hi; for some reason, your filter would not let me include google (.com OR .ca) search links in a discussion, which was very deeply frustrating. please fix and/or explain this? Lx 121 (talk) 01:32, 16 August 2012 (UTC)[reply]

General google search links, such as this one, are not blocked. Google redirection links (e.g. those beginning with http://www.google.com/url?) that they use for tracking search result clicks are blocked globally, but that should not be a problem as you can just use whichever page the link redirects to. See meta:Talk:Spam blacklist#Google redirect spam for the discussion of the original block. Anomie 10:56, 16 August 2012 (UTC)[reply]

Discussion

[edit]

Any record of spam filter events?

[edit]

It would be useful to see who's triggering the spam filter and with which domains. In some cases, spam filter actions might just be triggered innocently by trusted editors -- trying to add a URL redirect out of ignorance, for example. In other cases, an event might be triggered by a spammer with multiple domains, one of which is blacklisted; in such cases, it would be helpful to use spam filter logs to investigate any other URLs he is successfully adding with his account.

Is any record made of spam filter events? If not, can this be done? If nothing else, it could be written to our existing abuse filter logs.

Thanks, --A. B. (talkcontribs) 13:12, 18 September 2012 (UTC)[reply]

No, no record is made. To make a record, someone would have to add the feature to mw:Extension:SpamBlacklist. Anomie 16:13, 18 September 2012 (UTC)[reply]
I think there is a bugzilla bugrequest for this. I'll try and find it tomorrow, I think it is mentioned on the meta blacklist talkpage. --Dirk Beetstra T C 19:08, 18 September 2012 (UTC)[reply]
Bug 1542 on bugzilla. --Dirk Beetstra T C 03:58, 19 September 2012 (UTC)[reply]