IP Address Inspector

ATTENTION
  • This IP has not seen any suspicious activity within the last 3 months. This IP is most likely clean and trustworthy now. (This record will remain public for historical purposes, however.)

96.44.189.102

The Project Honey Pot system has detected behavior from the IP address consistent with that of a comment spammer and rule breaker. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.

Lookup IP In: Domain Tools | SpamHaus | Spamcop | SenderBase | Google Groups | Google

Geographic Location United States United States
Spider First Seen approximately 8 years, 11 months, 3 weeks ago
Spider Last Seen within 5 years, 11 months, 3 weeks
Spider Sightings 8,015 visit(s)
User-Agents seen with 30 user-agent(s)

First Post On approximately 8 years, 11 months, 2 weeks ago
Last Post On within 5 years, 11 months, 3 weeks
Form Posts 4,556 web post submission(s) sent from this IP

First Rule-Break On approximately 7 years, 7 months, 3 weeks ago
Last Rule-Break On within 7 years, 7 months, 1 week
Rule Breaks 4 web page navigation rule(s) broken by this IP

IPs In The Neighborhood
96.44.188.134 United States
96.44.188.136 United States
96.44.188.138 United States
96.44.188.140 United States
96.44.188.141 United States
96.44.188.142 United States
96.44.188.144 United States
96.44.188.146 United States
96.44.188.148 United States
96.44.188.150 United States
96.44.188.151 | C United States
96.44.188.153 | C United States
96.44.188.154 | C United States
96.44.188.155 United States
96.44.188.156 | C United States
96.44.188.157 United States
96.44.188.158 United States
96.44.188.159 United States
96.44.188.163 United States
96.44.188.166 | C United States
96.44.188.168 United States
96.44.188.171 United States
96.44.188.172 United States
96.44.188.173 | C United States
96.44.188.176 United States
96.44.188.178 | H United States
96.44.188.179 United States
96.44.188.180 | C United States
96.44.188.181 | H United States
96.44.188.188 United States
96.44.188.192 | C United States
96.44.188.195 | C United States
96.44.188.198 United States
96.44.188.200 | C United States
96.44.188.216 United States
96.44.188.218 United States
96.44.188.234 | W United States
96.44.189.2 United States
96.44.189.12 | H United States
96.44.189.50 | R United States
96.44.189.51 United States
96.44.189.52 United States
96.44.189.53 | H United States
96.44.189.66 United States
96.44.189.74 United States
96.44.189.77 | C United States
96.44.189.90 United States
96.44.189.98 | C United States
96.44.189.100 | CR United States
96.44.189.101 | CR United States
96.44.189.108 United States
96.44.189.114 | C United States
96.44.189.138 United States
96.44.189.146 United States
96.44.189.154 United States
96.44.189.167 | D United States
96.44.189.169 United States
96.44.189.170 | SD United States
96.44.189.171 | S United States
96.44.189.172 | S United States
96.44.189.173 | S United States
96.44.189.176 United States
96.44.189.177 | SC United States
96.44.189.178 | C United States
96.44.189.180 | S United States
96.44.189.184 | SD United States
96.44.189.186 | S United States
96.44.189.189 | S United States
96.44.189.195 | S United States
96.44.189.196 United States
96.44.189.197 | C United States
96.44.189.202 | S United States
96.44.189.204 | HSC United States
96.44.189.205 United States
96.44.189.206 | S United States
96.44.189.207 | HS United States
96.44.189.208 United States
96.44.189.209 | C United States
96.44.189.211 United States
96.44.189.212 United States
96.44.189.213 United States
96.44.189.214 | D United States
96.44.189.217 United States
96.44.189.219 United States
96.44.189.220 United States
96.44.189.221 | SD United States
96.44.189.222 | S United States
96.44.189.226 United States
96.44.189.227 | C United States
96.44.189.228 | S United States
96.44.189.229 | S United States
96.44.189.230 United States
96.44.189.233 | S United States
96.44.189.237 United States
96.44.189.238 United States
96.44.189.240 United States
96.44.189.241 | C United States
96.44.189.242 United States
96.44.189.244 United States
96.44.189.246 | C United States
96.44.189.247 United States
96.44.189.248 | HS United States
96.44.189.249 United States
96.44.189.250 United States
96.44.189.251 United States
96.44.190.2 United States
96.44.190.6 | H United States
96.44.190.7 United States
96.44.190.12 United States
96.44.190.17 United States
96.44.190.18 United States
96.44.190.34 United States
96.44.190.40 United States
96.44.190.42 United States
96.44.190.43 United States
96.44.190.47 United States
96.44.190.50 United States
96.44.190.56 United States
96.44.190.58 United States
96.44.190.60 United States
96.44.190.70 United States
Sample Spam URLs & Keywords Posted From 96.44.189.102
Domain: utinuluce.my3gb.com
URL: http://utinuluce.my3gb.com/
Keywords: verapamil er 240 mg cap
Domain: arabteen.erolove.in
URL: http://arabteen.erolove.in/?DEBORA
Domain: xaijo.com
URL: http://xaijo.com/browse?gallery-GENEVIEVE
Domain: bdsmgalls.net
URL: http://bdsmgalls.net/?sexy-SHAWN
Domain: pervertedcookie.au.pn
URL: http://pervertedcookie.au.pn/random?ELSA
Domain: bigblackbooty.adultgalls.com
URL: http://bigblackbooty.adultgalls.com/?post-FLORINE
Domain: googl.adultgalls.com
URL: http://googl.adultgalls.com/gallery-CARMELA
Domain: bitly.xaijo.com
URL: http://bitly.xaijo.com/gallery-GRACIELA
Domain: adultgalls.com
URL: http://adultgalls.com/?girl-REGINALD
Domain: gaygalls.net
URL: http://gaygalls.net/?gallery-EDDIE
Domain: asian.erolove.in
URL: http://asian.erolove.in/?rhonda
Domain: japan.erolove.in
URL: http://japan.erolove.in/?crystal
Domain: bigblackbooty.adultgalls.com
URL: http://bigblackbooty.adultgalls.com/?post-TAMERA
Domain: arabgirls.adultgalls.com
URL: http://arabgirls.adultgalls.com/?post-COURTNEY
Domain: gay.adultgalls.com
URL: http://gay.adultgalls.com/?post-ALEXANDER
96.44.189.102's User Agent Strings
5.1;
Akregator/1.6.6; syndication
Akregator/4.10.2; syndication
Akregator/4.10.3; syndication
Akregator/4.10.4; syndication
Akregator/4.10; syndication
Akregator/4.8.5; syndication
Akregator/4.9.4; syndication
Akregator/4.9.5; syndication
Apache-HttpClient/4.2.1 (java 1.5)
ELinks/0.12~pre5-2+squeeze1 (textmode; Debian; Linux 2.6.32-5-686 i686; 133x18-2)
FeedDemon/4.1 (http://www.feeddemon.com/; Microsoft Windows)
KrISS feed agent 8 by Tontof.net http://tontof.net/kriss/feed
Liferea/1.8.6 (Linux; es_ES.UTF-8; http://liferea.sf.net/)
Mozilla/0.6 Beta (Windows)
Mozilla/4.0 (compatible; MSIE 3.0; Windows 98; .NET CLR 2.0.40607)
Mozilla/4.0 (compatible; MSIE 4.01; Digital AlphaServer 1000A 4/233; Windows NT; Powered By 64-Bit Alpha Processor)
Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Java/1.6.0_37
Mozilla/4.0 (compatible; MSIE 5.0; Windows 3.1)
Mozilla/4.0 (compatible; MSIE 5.0; Windows 95) Opera 6.01 [en]
Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]
Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 2.0.50727)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; (R1 1.5))
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Opera 7.23 [ru]
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; ru) Opera 8.50
R.B26 commented...
IP Address 96.44.189.102 is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet.

It was last detected at 2015-06-10 14:00 GMT (+/- 30 minutes), approximately 4 hours, 30 minutes ago.

This IP address is infected with, or is NATting for a machine infected with the ZeuS trojan, also known as "Zbot" and "WSNPoem".

This was detected by a TCP/IP connection from 96.44.189.102 on port 26560 going to IP address 192.42.116.41 (the sinkhole) on port 80.

The botnet command and control domain for this connection was "photoserv10.info".
June 10 2015 02:41 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been REMOVED from Project Honey Pot whitelists; bad activity was encountered.
August 17 2014 02:50 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
August 16 2014 05:30 AM

G.DeNero commented...
Hack attempt. Banned.
June 09 2014 06:55 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 2712:40:25. Documented reason for whitelist: Other
April 25 2014 04:48 AM

M.Duncan commented...
1. This specific IP is a Tor Exit note with abusive traffic emanating from it over period of years. (We audit blocked traffic).

2. The entire OC3 Networks range 96.44.128.0 - 96.44.191.255 has been blocked for years here. No legitimate (human web browser user) traffic was ever seen from this range.
April 13 2014 06:09 AM

M.Sameli commented...
still attacking
April 10 2014 01:54 AM

M.Sameli commented...
xss attack
March 04 2014 12:34 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been REMOVED from Project Honey Pot whitelists; bad activity was encountered.
December 08 2013 05:57 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
December 07 2013 09:00 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 542:32:05. Documented reason for whitelist: Belongs to Search Engine
November 15 2013 06:19 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been REMOVED from Project Honey Pot whitelists; bad activity was encountered.
October 28 2013 03:40 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
October 27 2013 11:40 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 108:30:25. Documented reason for whitelist: Other
October 23 2013 11:02 AM

C.JJ commented...
Range-Ban
96.44.189.102 - - [13/Oct/2013:19:24:38 +0100] "GET /main.php?x=../../../../../../../proc/self/environ%00 HTTP/1.1" 403 303 "-" "-" "-"
96.44.189.102 - - [13/Oct/2013:19:24:38 +0100] "GET /index.php?option=com_simpledownload&controller=../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 403 304 "-" "-" "-"
96.44.189.102 - - [13/Oct/2013:19:24:38 +0100] "GET /?file=../../../../../../proc/self/environ%00 HTTP/1.1" 403 295 "-" "-" "-"
96.44.189.102 - - [13/Oct/2013:19:24:38 +0100] "GET /main.php?x=../../../../../../../proc/self/environ%00 HTTP/1.1" 403 303 "-" "-" "-"
96.44.189.102 - - [13/Oct/2013:19:24:38 +0100] "GET /index.php?option=com_simpledownload&controller=../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 403 304 "-" "-" "-"
...
October 13 2013 05:33 PM

R.Goncalves2 commented...
SQL injection on multiple sites.
September 23 2013 03:19 AM

M.Carrera commented...
Spammer
September 20 2013 09:04 PM

M.Gifford commented...
I was using this IP as part of the Tor Project.
August 09 2013 01:01 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
August 05 2013 07:40 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 21:42:05. Documented reason for whitelist: Owner of a Dynamic IP Address
August 04 2013 09:53 AM

R.Dunkle commented...
php exploits
tor exit node
NetRange 96.44.189.96 - 96.44.189.103
CIDR 96.44.189.96/29
Name TOR-DFW01
Handle NET-96-44-189-96-1
July 24 2013 07:37 PM

J.Woody commented...
ATTEMPTED ADMIN EXPLOIT HACK(Attempt to access non existing area using known exploit script attack and sql injection)
Combined attacks from TOR networks:

72.52.91.18 - United States - Livermore - Hurricane Electric Inc.
96.44.189.98 - United States - Los Angeles - Axigy - Resolve Host: axigy2.torservers.net - Web Africa Proxy
96.44.189.102 - United States - Los Angeles - Axigy - Resolve Host: herngaard.torservers.net - Web Africa Proxy
208.73.211.247 - United States - Los Angeles - Oversee.net - Resolve Host: tor-exit-router38-readme.formlessnetworking.net
96.44.189.100 - United States - Los Angeles - Axigy - Resolve Host: manning1.torservers.net - Web Africa Proxy
208.73.211.247 - United States - Los Angeles - Oversee.net - Resolve Host: tor-exit-router42-readme.formlessnetworking.net
209.222.8.196 - Sweden - Guilhem.org - Resolve Host: madiba.guilhem.org
204.124.83.134 - United States - Chicago - Conformal Systems Llc. - Resolve Host: tor-exit4.conformal.com
18.187.1.68 - United States - Cambridge - Massachusetts Institute Of Technology - Resolve Host: sipb-tor.mit.edu
128.6.224.107 - United States - Newark - Rutgers University - Resolve Host: tor-node.rutgers.edu

USER AGENT:
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; InfoPath.2; OfficeLiveConnector.1.5; OfficeLivePatch.1.3)"

CONTINUED BELOW...
July 16 2013 02:34 PM

J.Woody commented...
...CONTINUED FROM ABOVE

SMALL SAMPLE (trim xxx for char limit):
72.52.91.18 - - xxx%20or%201%3E1 HTTP/1.1" 403
axigy2.torservers.net - - xxx%20or%201%3Dutl_inaddr.get_host_address%28%28select%20chr%28126%29%7C%7xxx HTTP/1.1" 403
herngaard.torservers.net - - xxx%20or%201%3Dctxsys.drithsx.sn%281%2C%28select%20chr%28126%29%7C%7Cchr%2839%29%7C%7Cglobal_name%7C%7Cxxx HTTP/1.1" 403
tor-exit-router38-readme.formlessnetworking.net - - xxx%20or%201%3Dordsys.ord_dicom.getmappingxpath%28%28select%20chr%28126%29%7C%7Cxxx HTTP/1.1" 403
manning1.torservers.net - - xxx%20union%20all%20select%20null%2Cnull%2Cnull%2Cnull%2Cnullxxx HTTP/1.1" 403
tor-exit-router42-readme.formlessnetworking.net - - xxx999999.9%20or%20gth%28%28select%20name%20from%20v%24databasexxx HTTP/1.1" 403
madiba.guilhem.org - - xxx999999.9%20%2F*%2130000union%20all%20select%200x31303235343830303536%2C0x31303235343830303536%2xxx-- HTTP/1.1" 403
tor-exit4.conformal.com - - xxx%20%2F*%2130000union%20all%20select%20null%2Cnull%2Cnull%2Cnull*%2F-- HTTP/1.1" 403
sipb-tor.mit.edu - - xxx=convert%28int%2Cchr%28114%29%7C%7Cchr%2851%29%7C%7Cchr%28100%29%7C%7Cxxx HTTP/1.1" 403
tor-node.rutgers.edu - - xxx=999999.9 or ascii(substr((select name from v$database where rownum=1),36,1))
July 16 2013 02:33 PM

K.Harding commented...
I am getting comment spam from this IP address
Therese Holman
reciclablepiensaverde.wordpress.com/
therese-holman-sdv48@gmail.com
96.44.189.102
May 02 2013 03:04 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
March 22 2013 06:10 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 04:20:25. Documented reason for whitelist: Owner of a Dynamic IP Address
March 22 2013 01:41 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
March 13 2013 05:30 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 00:52:05. Documented reason for whitelist: Mistaken Listing
March 13 2013 04:32 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
December 04 2012 01:50 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 00:10:25. Documented reason for whitelist: Other
December 04 2012 01:38 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been REMOVED from Project Honey Pot whitelists; bad activity was encountered.
October 21 2012 02:01 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
October 19 2012 04:30 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 00:02:05. Documented reason for whitelist: Owner of a Dynamic IP Address
October 19 2012 04:22 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been REMOVED from Project Honey Pot whitelists; bad activity was encountered.
October 19 2012 02:12 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
October 13 2012 09:10 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 00:00:25. Documented reason for whitelist: Owner of a Dynamic IP Address
October 13 2012 09:02 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been REMOVED from Project Honey Pot whitelists; bad activity was encountered.
September 29 2012 05:06 PM

M.Anderson20 commented...
IP used hack to gain access to website and/or to create an account.
September 28 2012 02:30 PM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
September 25 2012 08:50 AM

Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 00:00:05. Documented reason for whitelist: Owner of a Dynamic IP Address
September 25 2012 08:46 AM

Page generated on: July 29 2021 10:32:17 PM
byronaldrich156@outlook.com randylin362@outlook.com ofeliacompton475@gmail.com vernonmichael769@gmail.com
do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–21, Unspam Technologies, Inc. All rights reserved.

Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot

contact | wiki | email