IP Address Inspector

R.MEOW commented...

Name: Lyagushkka
IP: 94.142.128.140
Hostname: h-128-140.cssgroup.lv
Email: lyagushkka@gmail.com
Date Registered: September 23, 2009 at 10:20:26 PM

This bot got past our SMF Forum registration defenses, but never got approved by our admins to post topics. It has been banned on our website from the dns level... *.cssgroup.lv

Actions taken by spammer to bypass registration:

Sep 23, 2009 10:20:26 PM CDT /forum/index.php?action=register2
Sep 23, 2009 10:20:13 PM CDT /forum/index.php?action=verificationcode;rand=3522636dda16214689a31b920f063a07
Sep 23, 2009 10:20:11 PM CDT /forum/index.php?action=register

It appears that it creates its own verification code... It has attempted several other times and failed, but this time it was successful...
September 24 2009 06:55 AM

A.E4 commented...

This bot spammed once again under a new name and email address.

Date Registered: September 03, 2009, 08:39:28 AM EDT
Date of first post: September 05, 2009, 04:15:46 PM EDT
Lyagushkka
lyagushkka@gmail.com
94.142.128.140

Subject: Who knows where to download XRumer 5.0 Palladium?

Post:

Who knows where to download XRumer 5.0 Palladium?
Help, please. All recommend this program to effectively advertise on the Internet, this is the best program!

Other info in the member's profile is an ICQ # which is 325122
September 05 2009 11:39 PM

A.E4 commented...

Posted as a different name on another forum (I am on a few) where I noticed something I didn't know previously about this bot. This one takes posts from other people and posts them elsewhere. This is why many times this bot seems to sound just like any other posting member. I realized this because one of the posts were a direct post of MINE! This bot posted 11 times under the name of MagicOPromotion before I realized it was a bot! Then one of the posts it posted a link to http://www.botmasternet.com/

94.142.128.140
MagicOPromotion
magicpromotionmm@gmail.com

Date of post: 06-04-2009, 12:01 PM

Post which link was in:

Jody. The thought that also came to my mind as I read your post was this: If your Dad is unable to garden this summer, and I pray he is, why dont you get him or make one of those up-side down tomato plants--needs a something quite sturdy to hang on. I believe also you can purchase or make one of those little pyramid type mini gardens, where you plant things on each level. If he cant get out to the garden, bring a smaller version TO him.

God bless you both and I pray he gets better soon.
__________________
XRumer 5.0 Palladium: best promotion software

(that last part is the bot's signature but no link there. The link was in the post in the word purchase
July 04 2009 04:03 AM

A.E4 commented...

Posted as CocoChanels onJune 27th at 09:51:37 PM and posted a message titled:

Who knows where to download XRumer 5.0 Palladium?

and the message had no links but said:

Who knows where to download XRumer 5.0 Palladium?
Help, please. All recommend this program to effectively advertise on the Internet, this is the best program!
June 28 2009 01:34 AM

A.E4 commented...

This time posted as CocoChanels on Fri Jun 26, 2009 2:48 pm so STILL is causing trouble spamming forums..
June 27 2009 01:53 AM

A.Ole commented...

CocoChanels cocochanelske@gmail.com 94.142.128.140
June 25 2009 11:39 PM

A.Bolchis commented...

Comment Spammer, Ignores Robots
June 22 2009 09:10 AM

A.E4 commented...

advertised XRumer as if it was a great new thing he found .. unwanted so I deleted his post. When I realized on the net it said his IP was trouble I banned his IP.
June 19 2009 04:42 PM

R.G10 commented...

User linked in his forum profile to a Google search for XRumer, forum spamming software. According to profile, geographic location is England. Calls himself MagicOPromotion. Hardly subtle.
May 24 2009 01:51 PM