IP Address Inspector

ATTENTION

This IP has not seen any suspicious activity within the last 3 months. This IP is most likely clean and trustworthy now. (This record will remain public for historical purposes, however.)

217.195.202.12

The Project Honey Pot system has detected behavior from the IP address consistent with that of a comment spammer. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.

Geographic Location	Turkey
Spider First Seen	approximately 10 years, 11 months, 1 week ago
Spider Last Seen	within 10 years, 7 months, 1 week
Spider Sightings	2,561 visit(s)
User-Agents	seen with 30 user-agent(s)

First Post On	approximately 10 years, 10 months, 5 weeks ago
Last Post On	within 10 years, 7 months, 2 weeks
Form Posts	1,518 web post submission(s) sent from this IP

IPs In The Neighborhood
217.195.201.49
217.195.201.110 \| S
217.195.201.130 \| S
217.195.201.220 \| SD
217.195.201.251 \| S
217.195.202.2
217.195.202.3 \| C
217.195.202.4 \| SC
217.195.202.5
217.195.202.6 \| HC
217.195.202.7
217.195.202.8
217.195.202.9
217.195.202.10 \| C
217.195.202.11 \| CR
217.195.202.13 \| C
217.195.202.14 \| C
217.195.202.15 \| C
217.195.202.16 \| C
217.195.202.17 \| C
217.195.202.18 \| C
217.195.202.19
217.195.202.20 \| C
217.195.202.21 \| C
217.195.202.22 \| HC
217.195.202.23
217.195.202.24 \| C
217.195.202.25 \| C
217.195.202.26 \| C
217.195.202.27 \| C
217.195.202.28 \| C
217.195.202.29
217.195.202.30
217.195.202.31
217.195.202.32
217.195.202.33
217.195.202.34
217.195.202.37 \| C
217.195.202.38
217.195.202.39
217.195.202.40
217.195.202.42
217.195.202.44
217.195.202.45
217.195.202.46
217.195.202.47
217.195.202.50 \| C
217.195.202.51
217.195.202.52 \| C
217.195.202.53 \| C
217.195.202.54
217.195.202.55 \| C
217.195.202.56
217.195.202.57
217.195.202.58
217.195.202.59
217.195.202.60 \| C
217.195.202.61
217.195.202.62 \| C
217.195.202.63
217.195.202.64 \| C
217.195.202.66
217.195.202.67 \| C
217.195.202.71
217.195.202.146
217.195.202.147 \| S
217.195.202.151
217.195.202.194 \| SD
217.195.202.195 \| SD

Sample Spam URLs & Keywords Posted From 217.195.202.12

Domain: www.casinorecension.net
URL: http://www.casinorecension.net/
Keywords: internet casino

Domain: www.casinorecension.net
URL: http://www.casinorecension.net/
Keywords: sverige bästa online casino

Domain: casinopanatetsverige.com
URL: http://casinopanatetsverige.com/

Domain: spelautomaterpanatetsverige.com
URL: http://spelautomaterpanatetsverige.com/

Domain: internetcasinosverige.net
URL: http://internetcasinosverige.net/

Domain: www.casinorecension.net
URL: http://www.casinorecension.net/
Keywords: svenska online casino spel

Domain: www.casinorecension.net
URL: http://www.casinorecension.net/
Keywords: spela gratis spel

Domain: onlinecasino.webblogg.se
URL: http://onlinecasino.webblogg.se/
Keywords: casino

Domain: onlinecasino.webblogg.se
URL: http://onlinecasino.webblogg.se/
Keywords: online casino

217.195.202.12's User Agent Strings

Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322; PeoplePal 6.2)

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MRA 5.8 (build 4157); .NET CLR 2.0.50727; AskTbPTV/5.11.3.15590)

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)

Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.4; MRA 6.0 (build 6005); User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1; .NET4.0C; .NET4.0E; MRIE8PACK 2.0.1)

Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; MRA 6.0 (build 5993); MRA 8.0 (build 5784); InfoPath.2)

Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 1.1.4322)

Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 3.5.30729)

Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)

Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3

Mozilla/5.0 (iPad; CPU OS 6_0_1 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A523 Safari/8536.25

Mozilla/5.0 (iPhone; CPU iPhone OS 6_1_3 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10B329 Safari/8536.25

Mozilla/5.0 (iPod; CPU iPhone OS 6_1_3 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10B329 Safari/8536.25

Mozilla/5.0 (Linux; U; Android 2.2; fr-fr; Desire_A8181 Build/FRF91) App3leWebKit/53.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_8) AppleWebKit/534.50.2 (KHTML, like Gecko) Version/5.0.6 Safari/533.22.3

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.71 Safari/537.36

Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:22.0) Gecko/20100101 Firefox/22.0

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/536.26.17 (KHTML, like Gecko) Version/6.0.2 Safari/536.26.17

2 comment(s) - Comment on this IP | Collapse All

H.User7152 commented...

XRumer spammer, multiple attempts at accessing the Wordpress admin login:

217.195.202.9 - - [24/Jul/2013:09:05:41 +0000] "GET /wp-admin HTTP/1.0" 301 243 "http://benung.nfshost.com/wp-admin" "Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.11"
217.195.202.9 - - [24/Jul/2013:09:05:42 +0000] "GET /wp-admin HTTP/1.0" 301 243 "-" "xrumerguestbook1.exe"
217.195.202.12 - - [26/Jul/2013:02:48:32 +0000] "GET /wp-admin HTTP/1.0" 301 243 "http://benung.nfshost.com/wp-admin" "Mozilla/5.0 (Windows NT 5.2; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0"
217.195.202.12 - - [26/Jul/2013:02:49:02 +0000] "GET /wp-admin HTTP/1.0" 301 243 "-" "xrumerguestbook1.exe"
July 27 2013 02:38 PM

J.Morris3 commented...

WordPress remote-posting spammer. Posts to xmlrpc.php several times daily.

UA#1: Gets an initial blog post or page using a random (usually legacy) browser version, then attempts to inject content using

UA#2: "PHP/5.2.10".
June 14 2013 08:46 AM

Page generated on: May 03 2024 03:46:58 AM

Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.

Want to keep this IP address off your website? Start taking advantage of http:BL.

If you are the owner of this IP address, you can whitelist it by connecting to this page from the IP itself (or from an IP within /24). Alternatively, the IP will be auto excused after 90 days of no activity.

217.195.202.12 | C

Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot