I am trying to figure out how our IP is being used and reported on some other website's form submissions. But seeing this is being logged on someone elses server... we can not view their logs nor fix their submit forms to display more info to help trace the actual submitter.
Our server is secured against open relays, so if this is indeed originating from someone on our server... they must be using a script that spoofs our IP... but who ? and which one ?
Here's the only info we get back:
xx.xx.xx.xxx - - [20/Jan/2006:05:33:15 -0800] "POST /linker/add.php
HTTP/1.1" 200 17937 "http://www.SomeLinkSite.com/linker/add.php?sid="
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
Any help is appreciated,