IP Address Inspector
| ATTENTION |
|
208.66.195.10 
The Project Honey Pot system has detected behavior from the IP address consistent with that of a spam harvester. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.
Lookup IP In: Domain Tools | SpamHaus | OpenRBL | Spamcop | SenderBase | Google Groups | Google
| Geographic Location |
Unknown
|
| IP Characteristics |
Blocklisted By:
SpamHaus |
| Harvester First Seen | approximately 3 years, 5 months, 3 weeks ago |
| Harvester Last Seen | within 3 years, 2 months, 3 weeks |
| Harvester Sightings | 1,123 visit(s) to 558 honey pot(s) |
| Harvester Results |
6976.947 messages per visit 7,835,111 message(s) resulting from harvests - First: approximately 3 years, 5 months, 3 weeks ago - Last: approximately 1 week ago 1,124 harvested address(es) have seen message(s) - First: approximately 3 years, 5 months, 3 weeks ago - Last: Sun, 03 Sep 2006 04:07:05 -0400 |
| Time From Harvest To First Spam |
Fastest: 2 hours, 14 mins, 41 secs Slowest: 1 week, 2 days, 21 hours, 32 mins, 24 secs Average: 2 days, 23 hours, 28 mins, 30 secs Std Dev: 1 day, 19 hours, 49 mins, 26 secs |
|
1 comment(s) - Comment on this IP | Collapse All
|
|
P.Hauser commented...
This log shows why you should block TWO criteria and not only one:
First approach as UA "psycheclone", which received 302: 208.66.195.2 [20/Jun/2006:17:37:55 +0200] "GET /robots.txt " 200 468 "-" "[same UA]" 208.66.195.2 [20/Jun/2006:17:37:58 +0200] "GET / " 302 214 "-" "[same UA]" 208.66.195.4 [22/Jun/2006] "[same UA]" 208.66.195.6 [26/Jun/2006] "[same UA]" 208.66.195.6 [27/Jun/2006] "[same UA]" 208.66.195.3 [28/Jun/2006] "[same UA]" 208.66.195.4 [01/Jul/2006] "[same UA]" 208.66.195.6 [01/Jul/2006] "[same UA]" 208.66.195.3 [12/Jul/2006] "[same UA]" Changing UA from "psycheclone" to "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)" receiving 200: 208.66.195.9 [14/Jul/2006:00:42:50 +0200] "GET /robots.txt " 200 468 "-" "[same UA]" 208.66.195.9 [14/Jul/2006:00:43:20 +0200] "GET / " 200 66380 "-" "[same UA]" 208.66.195.5 [27/Jul/2006] "[same UA]" [...] 208.66.195.5 [27/Jul/2006] "[same UA]" 208.66.195.10 [08/Aug/2006] "[same UA]" [...] 208.66.195.10 [08/Aug/2006] "[same UA]" First harvest with this UA: 208.66.195.10 [08/Aug/2006:12:53:09 +0200] "GET /robots.txt " 200 468 "-" "[same UA]" [42 continued requests in 40 minutes / every minute one request] 208.66.195.10 [08/Aug/2006:13:24:20 +0200] "GET /[URL]â©=cs " 200 68400 "-" "[same UA]" 208.66.195.19 [30/Aug/2006] [same UA]" [...] 208.66.195.19 [30/Aug/2006] "[same UA]" Second harvest with this UA: 208.66.195.22 [30/Aug/2006:10:45:54 +0200] "GET /robots.txt " 200 468 "-" "[same UA]" [38 continued requests in 25 minutes / every minute one request, little faster] 208.66.195.22 [30/Aug/2006:11:07:09 +0200] "GET /[URL]â©=es " 200 68965 "-" "[same UA]" We stopped him: 208.66.195.9 [03/Sep/2006] "[same UA]" [...] 208.66.195.9 [03/Sep/2006] "[same UA]" 208.66.195.7 [04/Sep/2006] "[same UA]" [...] 208.66.195.7 [04/Sep/2006] "GET / " 302 214 "-" "[same UA]" July 31 2007 10:40 PM |
Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.
Want to keep this IP address off your website? Start taking advantage of http:BL.
If you are the owner of this IP address, you can whitelist it by connecting to this paged from the IP itself (or from an IP within /24). Alternatively, the IP will be auto excused after 90 days of no activity.
Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Contact Us
Copyright © 2004–09, Unspam Technologies, Inc. All rights reserved.
Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot