IP Address Inspector
| ATTENTION |
|
89.122.29.80 
The Project Honey Pot system has detected behavior from the IP address consistent with that of a spam harvester and rule breaker. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.
Lookup IP In: Domain Tools | SpamHaus | Spamcop | SenderBase | Google Groups | Google
| Geographic Location |
Romania
|
| Harvester First Seen | approximately 5 years, 3 months, 3 weeks ago |
| Harvester Last Seen | within 2 years, 9 months, 5 weeks |
| Harvester Sightings | 7,778 visit(s) to 270 honey pot(s) |
| Harvester Results |
150.833 messages per visit 1,173,181 message(s) resulting from harvests - First: approximately 5 years, 3 months, 2 weeks ago - Last: approximately 1 week ago 6,291 email address(es) harvested - First: approximately 5 years, 3 months, 3 weeks ago - Last: Thu, 15 Jul 2010 08:57:40 -0700 |
| Time From Harvest To First Spam |
Fastest: 3 hours, 29 mins, 36 secs Slowest: 1 week, 5 days, 1 hour, 14 mins, 17 secs Average: 3 days, 5 hours, 5 mins, 59 secs Std Dev: 2 days, 10 hours, 58 mins, 57 secs |
| First Rule-Break On | approximately 3 years, 1 week ago |
| Last Rule-Break On | within 2 years, 10 months, 1 week |
| Rule Breaks | 3 web page navigation rule(s) broken by this IP |
|
5 comment(s) - Comment on this IP | Collapse All
|
|
M.Pasquale commented...
Name: Unknown
IP Address: 89.122.29.80 Location: BUCURESTI (44.433N, 26.106E) Network: 89-RIPE June 01 2009 06:53 AM |
|
K.Sumurai commented...
Bot did 12 times a request on my wiki. Seems to like HTTP/1.1
Bot tries some files (even root and some kind of google-analytics-js that was placed at the end of my pages). First searched some png-files, then used a piece of a .js-script (404-error), then took the api to search the site and tried to access the search.php-file. Stopped when trying to access root; (301-error) Bot is using Java/1.6.0_04 now. No known April 27 2009 02:13 PM |
|
V.De Waal commented...
I saw it today for the second time in a week. It tried to bypass a login.
I shall change the script, so not only the ipadress is showed, but also the words he uses to get in. February 21 2009 02:35 AM |
|
I.Ellis commented...
This IP was blocked, as all from China are blocked from my site.
It used UA "Java/1.6.0_04" coming for homepage, but maybe gave up after it got a 403. Some time in the past my site has also seen nearby IPs, and are now specifically on my deny list for trying to access the guestbook trap: deny from 89.122.29.105 deny from 89.122.29.127 January 18 2009 09:20 AM |
|
A.Degives Mas commented...
Repeatedly and in rapid succession attempts to probe for access to a variety of files, arguably trying to fingerprint the server system. Displays a UA of Java/1.6.0_11. Operates in very close time proximity and with almost identical probes from IP 81.202.14.52 - that one differs merely on a different UA namely Java/1.6.0_07.
One interesting feature these all have in common is that in the headers they send they show Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 December 30 2008 02:28 PM |
Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.
Want to keep this IP address off your website? Start taking advantage of http:BL.
If you are the owner of this IP address, you can whitelist it by connecting to this page from the IP itself (or from an IP within /24). Alternatively, the IP will be auto excused after 90 days of no activity.
Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | CloudFlare Site Protection | Contact Us
Copyright © 2004–13, Unspam Technologies, Inc. All rights reserved.
Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot