IP Address Inspector

ATTENTION
  • This IP has not seen any suspicious activity within the last 3 months. This IP is most likely clean and trustworthy now. (This record will remain public for historical purposes, however.)

220.161.150.70

The Project Honey Pot system has detected behavior from the IP address consistent with that of a comment spammer and rule breaker. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.

Lookup IP In: Domain Tools | SpamHaus | Spamcop | SenderBase | Google Groups | Google

Geographic Location China China
Spider First Seen approximately 9 years, 9 months, 2 weeks ago
Spider Last Seen within 9 years, 3 months, 3 weeks
Spider Sightings 44,689 visit(s)
User-Agents seen with 30 user-agent(s)

First Post On approximately 9 years, 9 months, 2 weeks ago
Last Post On within 9 years, 3 months, 3 weeks
Form Posts 16,971 web post submission(s) sent from this IP

First Rule-Break On approximately 9 years, 7 months, 4 weeks ago
Last Rule-Break On within 9 years, 4 months, 3 weeks
Rule Breaks 13 web page navigation rule(s) broken by this IP

IPs In The Neighborhood
220.161.149.110 China
220.161.149.206 China
220.161.150.0 China
220.161.150.10 China
220.161.150.13 China
220.161.150.26 China
220.161.150.30 China
220.161.150.114 | C China
220.161.150.122 China
220.161.150.130 | C China
220.161.150.134 | C China
220.161.150.194 China
220.161.150.230 | C China
Sample Spam URLs & Keywords Posted From 220.161.150.70
Domain: rsuau.free.fr
URL: http://rsuau.free.fr/phorum/read.php3?f=5&i=1&t=
Keywords: the north face jackets and uggs cheap us
Domain: www.blackmore.nl
URL: http://www.blackmore.nl/activity/phorum2005/read.php?23
Keywords: north face jackets and cheap uggs bailey
Domain: www.imcdb.org
URL: http://www.imcdb.org/login.ph
Keywords: north face sale uk and ugg discount online
Domain: forum.paradoxplaza.com
URL: http://forum.paradoxplaza.com/forum/index.ph
Keywords: ugg boots cheap ugg boots canada uggs canada
Domain: www.georgiafurs.com
URL: http://www.georgiafurs.com/forum/viewtopic.php?f=22&t=1646&p=20187#p2018
Keywords: north face outlet uk
Domain: forum.rugart.org
URL: http://forum.rugart.org/viewtopic.php?f=2&t=92724&p=208306#p20830
Keywords: north face denali jackets
Domain: forumnova.tabloidnova.com
URL: http://forumnova.tabloidnova.com/index.ph
Keywords: ugg boots canada cheap uggs ugg canada
Domain: wukeys.de
URL: http://wukeys.de/index.php?option=com_phocaguestbook&view=phocaguestbook&id=1&Itemid=6
Keywords: north face jackets and cheap uggs online
Domain: catspaz.com
URL: http://catspaz.com/forum/profile.php?mode=viewprofile&u=71502
Keywords: north face jackets and uggs bailey button
Domain: www.uggbootscheap-outlet.com
URL: http://www.uggbootscheap-outlet.com/
Keywords: north face jackets and uggs bailey button
Domain: www.uggscheapus.com
URL: http://www.uggscheapus.com/
Keywords: north face jackets and uggs bailey button
Domain: rsuau.free.fr
URL: http://rsuau.free.fr/phorum/read.php3?f=5&i=1&t=1
Keywords: north face jackets and uggs bailey button
Domain: www.imcdb.org
URL: http://www.imcdb.org/login.php
Keywords: north face jackets and uggs bailey button
Domain: forum.paradoxplaza.com
URL: http://forum.paradoxplaza.com/forum/index.php
Keywords: north face jackets and uggs bailey button
Domain: www.georgiafurs.com
URL: http://www.georgiafurs.com/forum/viewtopic.php?f=22&t=1646&p=20187#p20187
Keywords: north face jackets and uggs bailey button
220.161.150.70's User Agent Strings
14-start.exe
Mozilla/0.6 Beta (Windows)
Mozilla/0.91 Beta (Windows)
Mozilla/1.22 (compatible; MSIE 2.0d; Windows NT)
Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)
Mozilla/2.0 (compatible; MSIE 3.02; Windows CE; 240x320)
Mozilla/4.0 (compatible; MSIE 4.01; Digital AlphaServer 1000A 4/233; Windows NT; Powered By 64-Bit Alpha Processor)
Mozilla/4.0 (compatible; MSIE 5.0; Windows 2000) Opera 6.0 [en]
Mozilla/4.0 (compatible; MSIE 5.0; Windows 3.1)
Mozilla/4.0 (compatible; MSIE 5.0; Windows 95) Opera 6.01 [en]
Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt)
Mozilla/4.0 (compatible; MSIE 5.5; Windows 95)
Mozilla/4.0 (compatible; MSIE 5.5; Windows 95; BCD2000)
Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)
Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0; .NET CLR 1.0.2914)
Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; .NET CLR 1.1.4322)
Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; T312461)
Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.2; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1)
Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 4.0) Opera 7.0 [en]
Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]
Mozilla/4.0 (compatible; MSIE 6.0; Update a; AOL 6.0; Windows 98)
Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90)
Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90; Creative)
Mozilla/4.0 (compatible; MSIE 6.0; Windows ME) Opera 7.11 [en]
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; APC; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50215; InfoPath.1)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Avant Browser [avantbrowser.com]; Hotbar 4.4.5.0)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; KTXN)
H.User5616 commented...
MODSEC 2.2.3 403's this douchebag using this rule
base_rules/modsecurity_crs_41_sql_injection_attacks.con
February 06 2012 06:51 AM

E.Stone commented...
ok IP has kept it up everyday since my last comment I would say its A Spammer using Xrumer or simular type program. The referrer website is a different one everyday and the useragent changes on each attempt.
January 12, 2012, 22:01:08 EST5EDT -05:00 Version 0.1.2
IP Address : 220.161.150.70 Shanghai, Shanghai, China
Remote Host : 220.161.150.70
User Agent : Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; ru) Opera 8.50
Referer : http://www.mulberryoutletshop.info/
January 12 2012 11:02 PM

H.User7152 commented...
When it couldn't dispatch its spam comment, it tried to log in.

220.161.150.70 - - [08/Jan/2012:06:41:22 +0000] "GET /index.php HTTP/1.0" 301 0 "http://www.belstaff-jackets.me.uk/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)"
220.161.150.70 - - [08/Jan/2012:06:41:24 +0000] "GET / HTTP/1.0" 200 17413 "http://———/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)"
220.161.150.70 - - [08/Jan/2012:06:41:28 +0000] "GET /wp-login.php HTTP/1.0" 200 5699 "http://———/wp-login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)"
220.161.150.70 - - [08/Jan/2012:06:41:30 +0000] "POST /wp-login.php HTTP/1.0" 200 6355 "http://———/wp-login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)"
January 08 2012 04:58 AM

B.Spade commented...
This IP address has attempted to post comment spam to my forum 641 times in the month of December, 2011
January 01 2012 08:07 PM

E.Stone commented...
this guy is a Referrer Log Spammer fills your sites logs with referrer links. He Also uses other IP numbers from china.
--------------------------------------------------------
December 19, 2011, 04:41:18 EST5EDT -05:00 Version 0.1.2
IP Address : 220.161.150.70 Shanghai, Shanghai, China
Remote Host : 220.161.150.70
User Agent : Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; APC; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50215; InfoPath.1)
Referer : http://www.uggbootscheapworld.com/
-------------------------------------------------------
December 19, 2011, 05:50:55 EST5EDT -05:00 Version 0.1.2
IP Address : 125.78.15.3 Fuzhou, Fujian, China
Remote Host : 3.15.78.125.broad.qz.fj.dynamic.163data.com.cn
User Agent : Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;)
Referer : http://www.uggbootscheapworld.com/
December 19 2011 06:45 AM

R.Robson commented...
This ip address has attempted to login to our web site numerous times using the login id of liaissith and what appears to be randomly generated passwords.
December 03 2011 12:00 PM

H.User7152 commented...
Login attempts and comment spam:

220.161.150.70 - - [18/Nov/2011:08:53:20 +0000] "GET /index.php HTTP/1.0" 301 0 "http://www.saleoutlets.net/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)"
220.161.150.70 - - [18/Nov/2011:08:53:22 +0000] "GET / HTTP/1.0" 200 20386 "http://————.com" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)"
220.161.150.70 - - [18/Nov/2011:08:53:34 +0000] "GET /wp-login.php HTTP/1.0" 200 5224 "http://————/wp-login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)"
220.161.150.70 - - [18/Nov/2011:08:53:36 +0000] "POST /wp-login.php HTTP/1.0" 200 6137 "http://————/wp-login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)"
November 18 2011 05:56 AM

Page generated on: July 31 2021 08:15:16 AM
norafrederick317@yahoo.com robertkern881@outlook.com megangoodman535@gmail.com beatrizschulz962@vbwebmail.com
do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–21, Unspam Technologies, Inc. All rights reserved.

Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot

contact | wiki | email