Creepy stuff

2006-08-13

in Geek stuff, Internet matters, Rants

Who runs http://www.vroomfondel.co.uk? Also, why do they keep scanning through my blog? They do so through this page and seem particularly interested in anything involving NatWest: the bank where I foolishly opened an international student account.

Is anyone else getting several hits a day from these people? I don’t know who they are, but their URL is registered at the following address:

c/o Net Rank
Suite 1c, Western Way,
Exeter,
Devon
EX1 2DE
GB

Suffice it to say, I do not appreciate their attentions, at least so long as I don’t know who they are or what they are doing. If you run your own server, it is easy enough to ban people referred directly from their strange login site. Just add this to your .htaccess file:

RewriteCond %{HTTP_REFERER} vroomfondel\.co.uk [NC]
RewriteRule .* – [F]

Depending how automated the system is, that might foil it. If it is run by a group of people working through that portal, they will be able to find another way to access your site, regardless of the above addition to your .htaccess file.

Report a typo or inaccuracy

{ 9 comments… read them below or add one }

Milan August 13, 2006 at 1:45 am

I asked the same question earlier here.

A post related to my concerns is here.

Milan August 13, 2006 at 2:24 am

You can also access their server via secure shell (ssh) at 212.104.147.114, port 22.

Furthermore, that IP has further address information.

James Tyrrell
c/o Eclipse Internet
Portland House, Longbrook Street
Exeter, Devon EX4 6AB
+44 1392 333309
jim@eclipse.net.uk

That said, I think Eclipse Internet is just the company that whoever runs vroomfondel.co.uk is buying hosting from.

R.K. August 13, 2006 at 2:09 am

They are running Apache/1.3.27 Server if that helps at all.

R.K. August 13, 2006 at 2:11 am

Their robots.txt file also tells all search engines to stay away.

R.K. August 13, 2006 at 2:54 am

When it comes to basic psychology, these people seem a bit lacking. I mean, who puts up a banner on a site they are trying to hide that says ‘this is not here?’

If you really wanted to make sure nobody would take a second look, just put a spam blog there.

DBT August 13, 2006 at 2:32 pm

To me, it seems more likely that some ad firm they hired is doing this, if it even has anything to do with NatWest.

Milan August 15, 2006 at 4:24 pm

I sent a question to NatWest, to see if they know anything about Vroomfondel.co.uk. I got the following less than informative message back:

Dear Mr Ilnyckyj

Thank you for your message received via our web site.

The comments you have made have been passed to the appropriate department
for further investigation.

If you have any specific concerns regarding your accounts, I would recommend
that you send details of them either via the feedback form on the
NatWest.com site or directly to your branch.

Yours sincerely

J Holmes
OnLine Banking Technical Team

Milan November 13, 2006 at 10:46 pm

The Vroomfondel people seem to have no trouble getting past the htaccess settings above. They continue to crawl through my site without explanation.

anon July 4, 2007 at 11:53 am

netrank.co.uk

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

{ 1 trackback }

Previous post:

Next post: