IP Address Inspector
| ATTENTION |
|
89.28.114.111
The Project Honey Pot system has detected behavior from the IP address consistent with that of a comment spammer and rule breaker. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.
Lookup IP In: Domain Tools | SpamHaus | Spamcop | SenderBase | Google Groups | Google
| Geographic Location |
Moldova
|
| Spider First Seen | approximately 3 years, 8 months, 1 week ago |
| Spider Last Seen | within 9 months, 2 weeks |
| Spider Sightings | 6,330 visit(s) |
| User-Agents | seen with 30 user-agent(s) |
| First Post On | approximately 3 years, 7 months, 5 weeks ago |
| Last Post On | within 11 months, 4 weeks |
| Form Posts | 4,100 web post submission(s) sent from this IP |
| First Rule-Break On | approximately 1 year, 5 months, 4 weeks ago |
| Last Rule-Break On | within 1 year, 5 months, 4 weeks |
| Rule Breaks | 1 web page navigation rule(s) broken by this IP |
|
9 comment(s) - Comment on this IP | Collapse All
|
|
H.User4239 commented...
I have a custom blog that received this comment spam from the IP:
In my opinion it already was discussed. Sorry, for off top, i wanna tell one joke) What do you call a monster with no neck? The Lost Neck Monster. [url=http://cilias.sales-rx.info/site_map.html][img]http://cilias.sales-rx.info/images/top.gif[/img][/url] [url=http://vigra.sales-rx.info/cheap-vigra.html][size=1][color=white]vigra genericblue pill 25mg[/color][/size][/url] [url=http://ciallis.sales-rx.info/ciallis-tablets.html][size=1][color=white]ciallis female version of[/color][/size][/url] [url=http://vpxl.sales-rx.info/vpxl-online.html][size=1][color=white]vpxl sublingual[/color][/size][/url] March 06 2010 03:40 PM |
|
J.Brisebois commented...
Tried to spam again but I have this IP blocked in .htaccess.
referrer [ http://cialasbuy.hostrator.com ] with user agent Mozilla/4.0 (compatible; MSIE 5.0; Windows 95) Opera 6.01 [en] December 20 2009 02:11 PM |
|
H.User1396 commented...
joke comment on blog
Author : lanellgez (IP: 89.28.114.111 , 89-28-114-111.starnet.md) E-mail : stefanie@vpxlusa.info URL : http://EMAIL Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=89.28.114.111 Comment: Do you want a joke? :) What did one wall say to the other wall? Meet you at the corner. ___________________________ [url=http://gbcilisgb.justfree.com/site_map.html]cialias generic Chicago[/url] December 16 2009 08:28 PM |
|
J.Brisebois commented...
Domain Name vigira.buy-vigrarx.info resolves to
Ip Address 212.95.51.85 October 05 2009 02:31 PM |
|
J.Brisebois commented...
This thing is persistant. I have it blocked in .htaccess and when it generated a 403 error, my banjerks.php script emailed me this:
I caught a cretin today at 10/05/09 1:59:42 PM CDT. I banned IP 89.28.114.111 from the requested URI crusaderscontend.com/forum/index.php?action=quickmod2;topic=16.0 They came from referrer [ http://vigira.buy-vigrarx.info/site_map.html ] with user agent Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; MRA 4.3 (build 01218); .NET CLR 1.1.4322) I also integrated and started using password_protect.php by zubrag.com which has been 100% effective in stopping spam across all my sites (guestbooks, comment forms, contact forums, forums, etc). Captcha doesn't always work. password_protect.php does. October 05 2009 02:22 PM |
|
J.Brisebois commented...
Here's more
89.28.114.111 - - [24/Sep/2009:15:19:56 -0500] "GET /forum/index.php/topic,16.0.html HTTP/1.0" 200 4567 "http://vigra.viegra.info/vigra/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Babya Discoverer 8.0:" 89.28.114.111 - - [24/Sep/2009:15:19:56 -0500] "GET /forum/index.php/topic,16.0.html HTTP/1.0" 200 4567 "http://crusaderscontend.com/forum/index.php/topic,16.0.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Babya Discoverer 8.0:" 89.28.114.111 - - [24/Sep/2009:15:19:57 -0500] "GET /forum/index.php HTTP/1.0" 200 4567 "http://crusaderscontend.com/forum/index.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Babya Discoverer 8.0:" September 24 2009 01:42 PM |
|
J.Brisebois commented...
tried to access my forums 109 times on sept 1
I found this stuff in my access logs: 89.28.114.111 - - [01/Sep/2009:11:22:37 -0500] "GET /forum/index.php/topic,16.0.html HTTP/1.0" 200 25940 "http://vigramg.idoo.com/viagera" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)" 89.28.114.111 - - [01/Sep/2009:11:22:38 -0500] "POST /forum/index.php?PHPSESSID=6dd560d60955d763f6fc79a76214af66&action=quickmod2;topic=16.0 HTTP/1.0" 302 - "http://crusaderscontend.com/forum/index.php/topic,16.0.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)" September 09 2009 10:41 AM |
|
D.Berg commented...
6/9 - More WP comment spam, but with nonfunctional e-mail and URL
June 09 2009 11:50 AM |
|
I.Ellis commented...
seen today (10 Nov 08) trying to make an addentry to guestbook
November 10 2008 10:28 PM |
Page generated on: February 10 2012 06:42:24 AM
Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.
Want to keep this IP address off your website? Start taking advantage of http:BL.
If you are the owner of this IP address, you can whitelist it by connecting to this paged from the IP itself (or from an IP within /24). Alternatively, the IP will be auto excused after 90 days of no activity.
Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | CloudFlare Site Protection | Contact Us
Copyright © 2004–12, Unspam Technologies, Inc. All rights reserved.
Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot