My blog is 3 months old. 50+ articles published, a database-free comment system, a honeypot anti-spam, CSRF protection. This morning, first comment. From RobertqueRy . On a gRPC Go article. Promoting an online gaming site in Bangladesh. Welcome to the internet. Anatomy of a spam comment Here's what appeared in my comment JSON file, faithfully reproduced (link redacted): RobertqueRy — March 21, 2026 "Players in Bangladesh are increasingly choosing [url][redacted][/url] for online gaming and rewards. The platform provides access to popular games like slots, rummy and aviator with a welcome bonus for new users. Visit the site to download the APK and start playing today." The red flags stack up fast: Username pattern : RobertqueRy — a real first name followed by a random string. Classic bot pattern, allows varied identities without a dictionary. Generic content : "Great post! Very informative." works on any article on any topic. It's not even trying.…