IP Address Inspector

ATTENTION

This IP has not seen any suspicious activity within the last 3 months. This IP is most likely clean and trustworthy now. (This record will remain public for historical purposes, however.)

195.175.239.168

The Project Honey Pot system has detected behavior from the IP address consistent with that of a comment spammer. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.

Geographic Location	Turkey
Spider First Seen	approximately 9 years, 5 months, 3 weeks ago
Spider Last Seen	within 9 years, 4 months, 4 weeks
Spider Sightings	36 visit(s)
User-Agents	seen with 30 user-agent(s)

First Post On	approximately 9 years, 5 months, 2 weeks ago
Last Post On	within 9 years, 4 months, 4 weeks
Form Posts	13 web post submission(s) sent from this IP

IPs In The Neighborhood
195.175.239.79
195.175.239.169 \| C
195.175.239.253 \| S
195.175.239.254
195.175.239.255 \| S
195.175.240.92

Sample Spam URLs & Keywords Posted From 195.175.239.168

Domain: www.monclerjacketspro.com
URL: http://www.monclerjacketspro.com/
Keywords: moncler sale

Domain: www.monclerjacketspro.com
URL: http://www.monclerjacketspro.com/
Keywords: moncler jackets

Domain: www.monclerjacketspro.com
URL: http://www.monclerjacketspro.com/
Keywords: outlet moncler

Domain: www.monclerjacketspro.com
URL: http://www.monclerjacketspro.com/
Keywords: moncler kids outlet

Domain: www.monclerjacketspro.com
URL: http://www.monclerjacketspro.com/
Keywords: moncler womens jackets

Domain: www.monclerjacketspro.com
URL: http://www.monclerjacketspro.com/moncler-jackets-women-6681-p-63.html
Keywords: moncler womens jackets

Domain: www.kidsource.org
URL: http://www.kidsource.org/
Keywords: replica watches

Domain: www.kidsource.org
URL: http://www.kidsource.org/
Keywords: quality replica watches

Domain: www.kidsource.org
URL: http://www.kidsource.org/
Keywords: women longines watches

Domain: www.kidsource.org
URL: http://www.kidsource.org/
Keywords: men longines watches

Domain: www.kidsource.org
URL: http://www.kidsource.org/longines-primaluna-l81105997-p-26.html
Keywords: men longines watches

Domain: www.kidsource.org
URL: http://www.kidsource.org/includes/templates/dresses/css/style_imagehover.css
Keywords: men longines watches

Domain: www.kidsource.org
URL: http://www.kidsource.org/includes/templates/dresses/css/stylesheet.css
Keywords: men longines watches

195.175.239.168's User Agent Strings

Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; SpamBlockerUtility 4.8.0)

Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:21.0) Gecko/20100101 Firefox/21.0

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/536.30.1 (KHTML, like Gecko) Version/6.0.5 Safari/536.30.1

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.71 Safari/537.36

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/536.28.10 (KHTML, like Gecko) Version/6.0.3 Safari/536.28.10

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.71 Safari/537.36

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/536.30.1 (KHTML, like Gecko) Version/6.0.5 Safari/536.30.1

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.110 Safari/537.36

Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.71 Safari/537.36

Mozilla/5.0 (Windows NT 5.1; rv:21.0) Gecko/20100101 Firefox/21.0

Mozilla/5.0 (Windows NT 5.1; rv:5.0.1) Gecko/20100101 Firefox/5.0.1

Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36

Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36

Mozilla/5.0 (Windows NT 6.1; rv:21.0) Gecko/20100101 Firefox/21.0

Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0

Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.02

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.110 Safari/537.36

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.71 Safari/537.36

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.72 Safari/537.36

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36

Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36

Opera/9.80 (Windows NT 6.2; Win64; x64) Presto/2.12.388 Version/12.15

2 comment(s) - Comment on this IP | Collapse All

J.Woody commented...

DICTIONARY ATTACKER
ATTEMPTED EXPLOIT HACK(Attempt to access non existing areas using known exploit)

195.175.239.168 - Turkey - RAS-adana 1.bolge - Telekomunikasyon Anonim Sirketi - Resolve Host: 195.175.239.168.static.turktelekom.com.tr

SMALL SAMPLE:
195.175.239.168 - - [08/Feb/2012:22:31:48 +0000] "GET /muieblackcat HTTP/1.1" 403 393 "-" "-"
195.175.239.168 - - [08/Feb/2012:22:31:48 +0000] "GET //index.php HTTP/1.1" 403 390 "-" "-"
195.175.239.168 - - [08/Feb/2012:22:31:49 +0000] "GET //admin/index.php HTTP/1.1" 403 396 "-" "-"
195.175.239.168 - - [08/Feb/2012:22:31:49 +0000] "GET //admin/pma/index.php HTTP/1.1" 403 400 "-" "-"
195.175.239.168 - - [08/Feb/2012:22:31:50 +0000] "GET //admin/phpmyadmin/index.php HTTP/1.1" 403 407 "-" "-"
195.175.239.168 - - [08/Feb/2012:22:31:50 +0000] "GET //db/index.php HTTP/1.1" 403 393 "-" "-"
195.175.239.168 - - [08/Feb/2012:22:31:51 +0000] "GET //dbadmin/index.php HTTP/1.1" 403 398 "-" "-"
195.175.239.168 - - [08/Feb/2012:22:31:51 +0000] "GET //myadmin/index.php HTTP/1.1" 403 398 "-" "-"
195.175.239.168 - - [08/Feb/2012:22:31:52 +0000] "GET //mysql/index.php HTTP/1.1" 403 396 "-" "-"
195.175.239.168 - - [08/Feb/2012:22:31:52 +0000] "GET //mysqladmin/index.php HTTP/1.1" 403 401 "-" "-"
February 09 2012 07:42 AM

D.Wheeler4 commented...

phpmyadmin vulnerability scanner
February 04 2012 12:40 PM

Page generated on: April 28 2024 02:13:58 AM

Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.

Want to keep this IP address off your website? Start taking advantage of http:BL.

If you are the owner of this IP address, you can whitelist it by connecting to this page from the IP itself (or from an IP within /24). Alternatively, the IP will be auto excused after 90 days of no activity.

195.175.239.168 | C

Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot