IP Address Inspector
94.142.128.140 
The Project Honey Pot system has detected behavior from the IP address consistent with that of a mail server, dictionary attacker and comment spammer. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.
Lookup IP In: Domain Tools | SpamHaus | Spamcop | SenderBase | Google Groups | Google
| Geographic Location |
Latvia
|
| Spider First Seen | approximately 2 years, 10 months, 4 weeks ago |
| Spider Last Seen | within 1 week |
| Spider Sightings | 4,048 visit(s) |
| User-Agents | seen with 30 user-agent(s) |
| First Received From | approximately 2 years, 11 months, 4 weeks ago |
| Last Received From | within 2 years, 11 months, 4 weeks |
| Number Received | 44 email(s) sent from this IP |
| First Post On | approximately 2 years, 10 months, 4 weeks ago |
| Last Post On | within 1 week |
| Form Posts | 1,514 web post submission(s) sent from this IP |
| Dictionary Attacks | 5 email(s) sent from this IP |
| First Received From | approximately 2 years, 11 months, 4 weeks ago |
| Last Received From | within 2 years, 11 months, 4 weeks |
|
12 comment(s) - Comment on this IP | Collapse All
|
|
H.User6441 commented...
Catch with UA: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Netscape/8.0.4
December 11 2010 06:07 PM |
|
B.Smith24 commented...
94.142.128.140 - March 17, 2010, 12:49:34 pm GMT - Pulled up every board on the forums in an effort to find one that wasn't R/O at the Topic or Subject line level. Boards can only be accessed as far as the topic if not registered and logged in.
March 17 2010 06:56 AM |
|
H.User2159 commented...
Name:
ValeryLep Email: med.v.alery6@gmail.com ICQ UIN: 325122 Date Registered: November 21, 2009 Last Activity: December 28, 2009 Bot registered at my VBulletin forum. Posted on message and generated mass Private Messages to some (not all) members as follows: "About your message...Profi? Hi [screen names deleted].D o you have XRumer 5.0.12 ?My friend was recommended this well-known tool for advertisement my website and money earning.Can you share it? PLEASE!Or maybe download link.... Thank you. Kiss you...:-* ...))" December 28 2009 10:54 AM |
|
R.MEOW commented...
Name: Lyagushkka
IP: 94.142.128.140 Hostname: h-128-140.cssgroup.lv Email: lyagushkka@gmail.com Date Registered: September 23, 2009 at 10:20:26 PM This bot got past our SMF Forum registration defenses, but never got approved by our admins to post topics. It has been banned on our website from the dns level... *.cssgroup.lv Actions taken by spammer to bypass registration: Sep 23, 2009 10:20:26 PM CDT /forum/index.php?action=register2 Sep 23, 2009 10:20:13 PM CDT /forum/index.php?action=verificationcode;rand=3522636dda16214689a31b920f063a07 Sep 23, 2009 10:20:11 PM CDT /forum/index.php?action=register It appears that it creates its own verification code... It has attempted several other times and failed, but this time it was successful... September 24 2009 03:55 AM |
|
A.E4 commented...
This bot spammed once again under a new name and email address.
Date Registered: September 03, 2009, 08:39:28 AM EDT Date of first post: September 05, 2009, 04:15:46 PM EDT Lyagushkka lyagushkka@gmail.com 94.142.128.140 Subject: Who knows where to download XRumer 5.0 Palladium? Post: Who knows where to download XRumer 5.0 Palladium? Help, please. All recommend this program to effectively advertise on the Internet, this is the best program! Other info in the member's profile is an ICQ # which is 325122 September 05 2009 08:39 PM |
|
A.E4 commented...
Posted as a different name on another forum (I am on a few) where I noticed something I didn't know previously about this bot. This one takes posts from other people and posts them elsewhere. This is why many times this bot seems to sound just like any other posting member. I realized this because one of the posts were a direct post of MINE! This bot posted 11 times under the name of MagicOPromotion before I realized it was a bot! Then one of the posts it posted a link to http://www.botmasternet.com/
94.142.128.140 MagicOPromotion magicpromotionmm@gmail.com Date of post: 06-04-2009, 12:01 PM Post which link was in: Jody. The thought that also came to my mind as I read your post was this: If your Dad is unable to garden this summer, and I pray he is, why dont you get him or make one of those up-side down tomato plants--needs a something quite sturdy to hang on. I believe also you can purchase or make one of those little pyramid type mini gardens, where you plant things on each level. If he cant get out to the garden, bring a smaller version TO him. God bless you both and I pray he gets better soon. __________________ XRumer 5.0 Palladium: best promotion software (that last part is the bot's signature but no link there. The link was in the post in the word purchase July 04 2009 01:03 AM |
|
A.E4 commented...
Posted as CocoChanels onJune 27th at 09:51:37 PM and posted a message titled:
Who knows where to download XRumer 5.0 Palladium? and the message had no links but said: Who knows where to download XRumer 5.0 Palladium? Help, please. All recommend this program to effectively advertise on the Internet, this is the best program! June 27 2009 10:34 PM |
|
A.E4 commented...
This time posted as CocoChanels on Fri Jun 26, 2009 2:48 pm so STILL is causing trouble spamming forums..
June 26 2009 10:53 PM |
|
A.Ole commented...
CocoChanels cocochanelske@gmail.com 94.142.128.140
June 25 2009 08:39 PM |
|
A.Bolchis commented...
Comment Spammer, Ignores Robots
June 22 2009 06:10 AM |
|
A.E4 commented...
advertised XRumer as if it was a great new thing he found .. unwanted so I deleted his post. When I realized on the net it said his IP was trouble I banned his IP.
June 19 2009 01:42 PM |
|
R.G10 commented...
User linked in his forum profile to a Google search for XRumer, forum spamming software. According to profile, geographic location is England. Calls himself MagicOPromotion. Hardly subtle.
May 24 2009 10:51 AM |
Page generated on: February 10 2012 03:59:52 PM
Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.
Want to keep this IP address off your website? Start taking advantage of http:BL.
If you are the owner of this IP address, you can whitelist it by connecting to this paged from the IP itself (or from an IP within /24). Alternatively, the IP will be auto excused after 90 days of no activity.
Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | CloudFlare Site Protection | Contact Us
Copyright © 2004–12, Unspam Technologies, Inc. All rights reserved.
Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot