IP Address Inspector
93.166.121.107 
The Project Honey Pot system has detected behavior from the IP address consistent with that of a spam harvester, comment spammer and rule breaker. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.
Lookup IP In: Domain Tools | SpamHaus | Spamcop | SenderBase | Google Groups | Google
| Geographic Location |
Denmark
|
| Harvester First Seen | approximately 1 year, 10 months, 5 weeks ago |
| Harvester Last Seen | within 1 week |
| Harvester Sightings | 6,235 visit(s) |
| Harvester Results |
0 messages per visit 1 message(s) resulting from harvests - First: approximately 7 months, 4 weeks ago - Last: approximately 7 months, 4 weeks ago 1 email address(es) harvested - First: approximately 8 months, 2 weeks ago - Last: Tue, 11 Sep 2012 02:52:02 -0700 |
| First Post On | approximately 1 year, 10 months, 5 weeks ago |
| Last Post On | within 1 week |
| Form Posts | 2,228 web post submission(s) sent from this IP |
| First Rule-Break On | approximately 5 months, 2 weeks ago |
| Last Rule-Break On | within 5 months, 2 weeks |
| Rule Breaks | 1 web page navigation rule(s) broken by this IP |
|
|
|
4 comment(s) - Comment on this IP | Collapse All
|
|
H.User7152 commented...
Does weird stuff with referrers and can't get its URL request right:
122.224.216.162 - - [02/Nov/2012:12:25:50 +0000] "GET /http:/[my server]/archives/1721/archives/1721/archives/1721/archives/1721/archives/1721/archives/1721/archives/1721 HTTP/1.0" 403 1061 "http://[my server]/archives/1721" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.289 Version/12.00" 122.224.216.162 - - [02/Nov/2012:12:25:54 +0000] "GET / HTTP/1.0" 403 939 "http://[my server]/archives/1721" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.289 Version/12.00" 202.102.48.205 - - [02/Nov/2012:12:26:04 +0000] "GET /http://[my server]//archives/1721 HTTP/1.0" 403 979 "http://[my server]/archives/1721" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.289 Version/12.00" 93.166.121.107 - - [02/Nov/2012:12:26:11 +0000] "GET /http://[my server]//archives/1721 HTTP/1.0" 403 979 "http://[my server]/archives/1721" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.289 Version/12.00" 93.166.121.107 - - [02/Nov/2012:12:26:14 +0000] "GET / HTTP/1.0" 403 939 "http://[my server]/archives/1721" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.289 Version/12.00" 122.224.216.162 - - [02/Nov/2012:12:26:18 +0000] "GET /http://[my server]//archives/1721 HTTP/1.0" 403 979 "http://[my server]/archives/1721" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.289 Version/12.00" 106.187.37.167 - - [02/Nov/2012:12:26:19 +0000] "GET /http:/[my server]/archives/1721/archives/1721/archives/1721 HTTP/1.0" 403 1005 "http://[my server]/archives/1721" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.289 Version/12.00" 42.120.49.48 - - [02/Nov/2012:12:26:27 +0000] "GET /http:/[my server]/archives/1721/archives/1721/archives/1721/archives/1721 HTTP/1.0" 403 1019 "http://[my server]/archives/1721" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.289 Version/12.00" November 02 2012 05:38 AM |
|
H.User7152 commented...
Extremely stupid spambot, look at the GETs:
93.166.121.107 - - [04/Oct/2012:01:15:31 +0000] "GET /archives/692/ HTTP/1.0" 403 952 "http://[my server]/archives/692/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 93.166.121.107 - - [04/Oct/2012:01:15:48 +0000] "GET / HTTP/1.0" 403 939 "http://[my server]/archives/692/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 202.171.253.103 - - [04/Oct/2012:01:16:03 +0000] "GET /http:/[my server]/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/ HTTP/1.0" 403 1094 "http://[my server]/archives/692/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 202.171.253.103 - - [04/Oct/2012:01:16:07 +0000] "GET / HTTP/1.0" 403 939 "http://[my server]/archives/692/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 93.166.121.107 - - [04/Oct/2012:01:16:16 +0000] "GET /http:/[my server]/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/ HTTP/1.0" 403 1120 "http://[my server]/archives/692/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 173.48.37.68 - - [04/Oct/2012:01:16:20 +0000] "GET /http:/[my server]/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/archives/692/ HTTP/1.0" 403 1120 "http://[my server]/archives/692/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" October 03 2012 11:28 PM |
|
C.S3 commented...
Contact form spammer hit today.
May 06 2012 03:48 PM |
|
C.Hill3 commented...
spammer
September 15 2011 07:32 AM |
Page generated on: May 24 2013 08:55:51 AM
Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.
Want to keep this IP address off your website? Start taking advantage of http:BL.
If you are the owner of this IP address, you can whitelist it by connecting to this page from the IP itself (or from an IP within /24). Alternatively, the IP will be auto excused after 90 days of no activity.
Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | CloudFlare Site Protection | Contact Us
Copyright © 2004–13, Unspam Technologies, Inc. All rights reserved.
Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot