Posts Tagged ‘Site Administration’

Transient HTTP/HTTPS Issue

Thursday, February 8th, 2018

If you hit this page yesterday and ran into an Ubuntu Apache setup page, you ran into a transient cache issue because you came in on:

rather than

I got the issue resolved with BlueHost, so now any hits coming in on should automatically forward to, as they were doing before this weird glitch showed up.

But this is also a good reason to make sure your bookmarks and links point to going forward.

Blogroll Addition: Judicial Watch

Thursday, September 21st, 2017

I’ve gone ahead and added Judicial Watch to the Blogroll under Think Tanks/Etc. Judicial Watch carried out a crucial role in uncovering several aspects of Hillary Clitnon’s Emailgate scandal, and continue to discover and document misdeeds by public officials through targeted Freedom of Information Act requests. Indeed, their work was so valuable, I signed up as a donating member.

They’re worth your time and attention.

Another Bluehost Phishing Email

Saturday, September 2nd, 2017

Remember the previous Bluehost phishing attack I mentioned?

Today I got another one.

Here’s the raw source (with a few inserted line breaks to keep it from running into the righthand column).


Message ID
Created at: Sat, Sep 2, 2017 at 12:50 AM (Delivered after 3 seconds)
From: Bluehost
Subject: Request to reset your domain associated with this e-mail address
SPF: PASS with IP Learn more

(XXXXX added to email address here and below to defeat spambot scrappers.)


Received: by with SMTP id c145csp343693ywa;
Fri, 1 Sep 2017 22:54:47 -0700 (PDT)
X-Received: by with SMTP id t68mr4941018pgc.177.1504331447706;
Fri, 01 Sep 2017 22:50:47 -0700 (PDT)
X-Google-Smtp-Source: ADKCNb5s73v956ds860PK1kR3YVGj/j+bLV2uYQNDDlbJ/kZIPjlLkqlSdvnwz3d/dZQs6C8Ug2m
X-Received: by with SMTP id t68mr4941001pgc.177.1504331446972;
Fri, 01 Sep 2017 22:50:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1504331446; cv=none;; s=arc-20160816;
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arc-20160816;
ARC-Authentication-Results: i=1;;
spf=pass ( domain of designates as permitted sender)
Received: from ([])
by with ESMTPS id a2si1461087pll.210.2017.
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 01 Sep 2017 22:50:46 -0700 (PDT)
Received-SPF: pass ( domain of designates as permitted sender) client-ip=;
spf=pass ( domain of designates as permitted sender)
Received: from cmgw2 ( []) by (Postfix) with ESMTP id 84A09215C39 for ; Fri,
1 Sep 2017 23:50:46 -0600 (MDT)
Received: from ([]) by cmgw2 with id 4Vqj1w00l3no00q01Vqmx1; Fri, 01 Sep 2017 23:50:46 -0600
X-Authority-Analysis: v=2.2 cv=IspuSP3g c=1 sm=1 tr=0 a=ZGpYF3R9av1KVggUQYjyig==:117 a=ZGpYF3R9av1KVggUQYjyig==:17 a=IkcTkHD0fZMA:10 a=2JCJgTwv5E4A:10 a=eLEXLPMnAAAA:8 a=cNaOj0WVAAAA:8 a=3gznCMWBZ5u3K-Cr9X4A:9 a=8jPl8b1L-dkswZAf:21 a=7g7r5GJnjx26k2DO:21 a=L4Rp5h-_gRjJhvEI:21 a=QEXdDO2ut3YA:10 a=TnA9z4vs7e96t_Vj_DNd:22
Received: from doorsofv by with local (Exim 4.87) (envelope-from ) id 1do1KN-003TIa-D2 for; Fri, 01 Sep 2017 23:50:43 -0600
Subject: Request to reset your domain associated with this e-mail address
X-PHP-Originating-Script: 1982:mail.php
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
From: Bluehost
Date: Fri, 01 Sep 2017 23:50:43 -0600
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname -
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [1982 1982] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-BWhitelist: no
X-Exim-ID: 1do1KN-003TIa-D2
X-Source-Auth: doorsofv
X-Email-Count: 38
X-Source-Cap: ZG9vcnNvZnY7ZG9vcnNvZnY7Ym94MTE3NS5ibHVlaG9zdC5jb20=
X-Local-Domain: yes










=09=09=09=09We received a request to reset your domain associated with this=
e-mail address.

=09=09=09=09This request was generated by a user clicking the 'Domain Reset=
' link. If you want it to be reset, then you can safely ignore this message=


=09=09=09=09If you did not request to have your domain reset, or do not wan=
t it to be reset, please protect your domain. You can refuse this request a=
nd securely reset your password by clicking the link below:=20




=09=09=09=09Alternatively, you can copy and paste the link into your browse=
r's address window, or retype it there.

=09=09=09=09Thank you,
=09=09=09=09Bluehost Support

=09=09=09=09For support go to

Interestingly, even though all of that is in a code tag, part of it (including the link) is still rendered. (I don’t need to tell you not to click that, do I?) I wonder if the 3D class stuff bypasses standard rendering layers.

Here’s the important segment (opening and closing greater than and less than signs omitted):

a href=3D'
F3cmVuY2VwZXJzb25AZ21haWwuY29tDQ=3D=3D' target=3D'_blank'>

Here’s the whois registrant and admin contact for domain:

Organization: EDOUARDVDV
Phone: +31.0615954306
Fax Ext:

More interestingly, here’s the tech contact:

Tech Contact
Organization: BLUEHOST.COM
Mailing Address: 550 E TIMPANOGOS PKWY, OREM UTAH 84097 US
Phone: +1.8017659400
Fax: +1.8017651992
Fax Ext:

So here we have a Bluehost phishing scam being run from a Bluehost domain.

I think it’s time to have an interesting discussion with BlueHost support…

Hit the Wrong Button

Sunday, October 9th, 2016

Nothing to see here. Enjoy your weekend.

Welcome Empower Texans To The Blogroll

Thursday, September 8th, 2016

Here’s another link I’ve been meaning to add to the blogroll for a while: Empower Texans. Michael Quinn Sullivan’s group (a companion organization to Texans for Fiscal Responsibility) does a good job of covering Texas political news and drawing attention to government abuses.

Well worth checking out.

Mickey Kaus Resigns From Daily Caller, Sets Up Own Site

Saturday, March 28th, 2015

If you hadn’t heard, Mickey Kaus resigned from the Daily Caller over them spiking a piece that slammed Fox News for supporting illegal alien amnesty.

Kaus is now blogging at his own site

Update your bookmarks accordingly.

(Hat tip: Instapundit.)

Blogroll Addition: Social Justice Warriors: Do Not Engage

Tuesday, January 13th, 2015

Today’s blogroll addition is Will Shetterly’s Social Justice Warriors: Do Not Engage blog (or SJWar for short).

Will is fellow science fiction writer, and not only is he a leftist, he’s an actual socialist. But he’s done a fine job documenting and opposing the ant-free-speech agenda of the SJW set, especially in the realm of science fiction.

I kept meaning to add SJWar to the blogroll for a while, but every time I was about to, Will would go “That’s it, I quit, blog’s over!” only to start it up again a few days later to document the latest SJW offense logic or the principles of a free society. Here’s a bon mot on the Charlie Hebdo killings today: “Saying the speech of someone who was murdered went too far is like saying the clothes of a rape victim were too provocative.”

I’ve created a new Victimhood Identity Politics category to list SJWar under, and have moved The Other McCain (which has featured R. S. McCain’s masterful dissections of core feminist texts and dogmas for quite a while) there as well.

Having An Intermittant Database Connection Problem

Monday, December 29th, 2014

I seem to be having an intermittent database connection problem for old posts. Not seeing it right now, but if you see it crop up again, let me know.

Blogroll Addition: Pension Tsunami

Wednesday, October 15th, 2014

Since they linked to me yesterday, I’ve finally done what I’ve meant to do for a long time, namely get up off my ass and add Pension Tsunami to the Blogroll. They offer a great daily news roundup on the looming unionized public sector pension crisis that threatens to bankrupt cities and states across the country (especially California).

I’ve also added the new “California/Pensions/Unions/Etc.” link category and moved Kausfiles there as well.

Expect more additions to that blog category Real Soon Now.

Administrative Note: Amazon Widgets Temporarily Disabled

Wednesday, April 30th, 2014

I’ve temporarily disabled the Amazon widgets in the right sidebar since one was automatically redirecting the entire page to Amazon upon load. What the hell, Amazon?

My apologies if anyone ran into this problem.