Wikipedia:WikiProject on open proxies/Archives/Closed/2010/October

This page is an archive. Do not edit the contents of this page. Please direct any additional comments to the current main page.

64.81.89.26 · talk · contribs · block · log · stalk · Robtex · whois · Google · ipcheck · HTTP · geo · rangeblocks · spur · shodan

Reason: Suspicious edits

Background at User_talk:TFOWR#Vandal_alert. For some time I've been playing whack-a-mole with the "Indonesian misinformation vandal", an IP-hopping vandal from IP addresses in Indonesia who inserts misinformation into articles about television programmes. The vandal now seems to have changed their strategy and is, I believe, now using proxies. This IP address may be a proxy, but I'm too technically illiterate to check. I've blocked the IP for 12 hours, but advice on how to deal with this kind of situation effectively would be very welcome. TFOWR 16:31, 1 October 2010 (UTC)

This IP is not on any blacklists, and '64.81.89.26 proxy' does not show up on Google. If this editor is using compromised machines, he must have a source for them that is not well-known. If he targets only a small number of articles it could be simpler to just semiprotect the articles for a month. EdJohnston (talk) 04:15, 2 October 2010 (UTC)

Cool, thanks. The most recent targets I semi'd for 3 days - the editor who reported the issue will let me know if/when the vandal returns, and I'll apply a month's semi next time. TFOWR 13:17, 2 October 2010 (UTC)

{{notaproxy}} Reverse lookup goes to a normal dsl provider, not a hosting company. No ports open/host down error, which indicates beyond any doubt that even if it was used as one in the past, it is not being used as one right now. (FYI, I am not officially a part of this project yet, but I would like to join once my edit count gets high enough). Cheers, Sailsbystars (talk) 03:44, 3 October 2010 (UTC)