IP Address Inspector

ATTENTION
  • This IP has not seen any suspicious activity within the last 3 months. This IP is most likely clean and trustworthy now. (This record will remain public for historical purposes, however.)

208.66.195.4 Email Address Harvester

The Project Honey Pot system has detected behavior from the IP address consistent with that of a spam harvester and comment spammer. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.

Lookup IP In: Domain Tools | SpamHaus | Spamcop | SenderBase | Google Groups | Google

Geographic Location Unknown Unknown
IP Characteristics Blocklisted By: SpamHaus

Harvester First Seen approximately 9 years, 8 months, 2 weeks ago
Harvester Last Seen within 2 years, 6 months, 2 weeks
Harvester Sightings 1,322 visit(s) to 589 honey pot(s)
Harvester Results 13222.433 messages per visit
17,480,056 message(s) resulting from harvests
- First: approximately 9 years, 8 months, 1 week ago
- Last: approximately 1 week ago
1,311 email address(es) harvested
- First: approximately 9 years, 8 months, 2 weeks ago
- Last: Mon, 04 Sep 2006 12:16:46 -0700
Time From Harvest
To First Spam
Fastest: 4 hours, 9 mins, 12 secs
Slowest: 1 week, 2 days, 20 hours, 9 mins, 49 secs
Average: 3 days, 23 mins, 28 secs
Std Dev: 1 day, 19 hours, 14 mins, 40 secs

First Post On approximately 2 years, 6 months, 2 weeks ago
Last Post On within 2 years, 6 months, 2 weeks
Form Posts 32 web post submission(s) sent from this IP

Associated Mail Servers
89.5.38.236 | S Saudi Arabia
88.170.3.64 | SD France
222.252.26.3 | S Vietnam
88.228.226.114 | S Turkey
88.243.250.25 | SD Turkey
93.64.209.1 | S Italy
88.252.155.204  Turkey
77.198.142.239 | SD France
80.250.238.105 | SD Russia
78.171.130.144 | S Turkey
116.37.97.74 | S South Korea
95.65.165.93 | SD Turkey
202.88.215.188 | S India
80.118.228.251 | SD France
93.86.137.7 | S Serbia
201.251.61.2 | SD Argentina
77.114.138.192 | S Poland
78.166.58.82 | SD Turkey
88.231.50.176 | S Turkey
88.224.23.193 | S Turkey
211.231.24.177 | SD South Korea
85.108.211.249 | SD Turkey
78.175.227.168 | S Turkey
189.93.30.70 | SD Brazil
212.242.228.3 | S Denmark
93.129.239.145  Germany
94.97.63.195 | S Saudi Arabia
123.225.16.202 | SD Japan
88.232.196.131 | S Turkey
200.90.240.145 | SD Chile
189.134.123.221 | S Mexico
189.79.203.169 | S Brazil
125.161.65.151 | SD Indonesia
77.123.136.138 | S Ukraine
58.16.228.126 | S China
201.26.71.175 | S Brazil
189.169.238.208 | SD Mexico
91.203.208.185 | SD Russia
190.24.26.241 | SD Colombia
83.41.231.24 | S Spain
200.140.68.246 | SD Brazil
72.181.17.76 | SD United States
89.53.40.72 | SD Germany
87.96.154.173 | S Sweden
118.68.160.88 | S Vietnam
88.224.177.22 | S Turkey
88.231.246.88 | SD Turkey
190.87.183.216 | S El Salvador
80.252.17.70 | SD Russia
84.31.116.247 | SD Netherlands
78.186.191.224 | SD Turkey
92.84.20.44 | SD Romania
24.27.181.1 | S United States
88.238.205.188 | S Turkey
81.215.207.59 | SD Turkey
87.122.139.208 | SD Germany
79.185.0.36 | S Poland
88.224.197.177 | S Turkey
88.247.190.163 | SD Turkey
77.253.48.168 | S Poland
81.213.141.188 | SD Turkey
173.50.145.77 | SD United States
189.73.80.4 | S Brazil
95.110.71.212 | SD Russia
76.185.100.134 | SD United States
201.58.208.140 | SD Brazil
91.82.130.111 | SD Hungary
91.76.49.139 | S Russia
94.98.50.71 | S Unknown
78.184.4.237 | SD Turkey
71.170.114.111 | SD United States
88.253.17.205 | S Turkey
88.244.216.128 | S Turkey
200.181.147.9 | SD Brazil
78.2.2.55 | S Croatia
IPs In The Neighborhood
208.66.194.38 Unknown
208.66.194.52 Unknown
208.66.194.110 Unknown
208.66.194.125 Unknown
208.66.194.126 Unknown
208.66.194.154 | H Unknown
208.66.194.160 Unknown
208.66.194.162 Unknown
208.66.194.163 Unknown
208.66.194.164 Unknown
208.66.194.165 Unknown
208.66.194.166 Unknown
208.66.194.167 Unknown
208.66.194.168 Unknown
208.66.194.169 Unknown
208.66.194.170 Unknown
208.66.194.171 Unknown
208.66.194.172 Unknown
208.66.194.173 Unknown
208.66.194.174 Unknown
208.66.194.178 Unknown
208.66.194.179 Unknown
208.66.194.184 Unknown
208.66.194.199 | S Unknown
208.66.194.204 Unknown
208.66.194.214 Unknown
208.66.194.232 Unknown
208.66.194.240 Unknown
208.66.195.0 Unknown
208.66.195.1 Unknown
208.66.195.2 | H Unknown
208.66.195.3 | H Unknown
208.66.195.5 | H Unknown
208.66.195.6 | H Unknown
208.66.195.7 | H Unknown
208.66.195.8 | H Unknown
208.66.195.9 | H Unknown
208.66.195.10 | H Unknown
208.66.195.11 | H Unknown
208.66.195.12 Unknown
208.66.195.13 Unknown
208.66.195.14 | H Unknown
208.66.195.15 | H Unknown
208.66.195.19 | H Unknown
208.66.195.20 | H Unknown
208.66.195.21 | H Unknown
208.66.195.22 | H Unknown
208.66.195.23 Unknown
208.66.195.30 Unknown
208.66.195.31 Unknown
208.66.195.35 Unknown
208.66.195.41 | H Unknown
208.66.195.46 Unknown
208.66.195.53 Unknown
208.66.195.59 Unknown
208.66.195.60 Unknown
208.66.195.64 Unknown
208.66.195.67 Unknown
208.66.195.71 Unknown
208.66.195.78 Unknown
208.66.195.79 | H Unknown
208.66.195.83 | H Unknown
208.66.195.85 Unknown
208.66.195.90 | H Unknown
208.66.195.101 Unknown
208.66.195.110 Unknown
208.66.195.116 Unknown
208.66.195.121 Unknown
208.66.195.123 Unknown
208.66.195.125 Unknown
208.66.195.126 Unknown
208.66.195.140 Unknown
208.66.195.145 | C Unknown
208.66.195.175 | S Unknown
208.66.195.203 Unknown
Sample Spam URLs & Keywords Posted From 208.66.195.4
Domain: www.buyawindows7key.com
URL: http://www.buyawindows7key.com
Keywords: ray bans fake
Domain: pinterest.com
URL: http://pinterest.com/fashionsw/isabel-marant-sneakers-collection-box/
Keywords: isabel marant sneakers
Domain: onlineisabelmarantsneakers.tripod.com
URL: http://onlineisabelmarantsneakers.tripod.com
Keywords: isabel marant
Domain: onlineisabelmarant.tripod.com
URL: http://onlineisabelmarant.tripod.com
Keywords: sneakers isabel marant
Domain: isabelmarantsneaker.webpin.com
URL: http://isabelmarantsneaker.webpin.com
Keywords: isabel marant sneakers
Domain: isabelmarants.tripod.com
URL: http://isabelmarants.tripod.com
Keywords: isabel marant
Domain: isabelmarantsneakersstore.tripod.com
URL: http://isabelmarantsneakersstore.tripod.com
Keywords: sneakers isabel marant
Domain: imgfave.com
URL: http://imgfave.com/isabelmarantstore
Keywords: isabel marant
Domain: imgfave.com
URL: http://imgfave.com/isabelmarantsneakersoutlet
Keywords: isabel marant sneakers
Domain: isabelmarantoutlet.polyvore.com
URL: http://isabelmarantoutlet.polyvore.com
Keywords: isabel marant
Domain: www.luuux.com
URL: http://www.luuux.com/fashion/isabel-marant-sneakers-online-store-70-isabel-marant-shoes-outlet-store
Keywords: isabel marant shoes
Domain: www.luuux.com
URL: http://www.luuux.com/fashion/buy-isabel-marant-sneakers-70-isabel-marant-shoes-outlet-store
Keywords: isabel marant
Domain: www.facebook.com
URL: https://www.facebook.com/pages/Cheap-oakley-sunglassescheap-Oakleys-outlet/590234567656523
Keywords: cheap oakley sunglasses
Domain: fakeoakleysunglasses.zuhah.com
URL: http://fakeoakleysunglasses.zuhah.com
Keywords: fake oakleys
Domain: isabelmarantsneaker.webpin.com
URL: http://isabelmarantsneaker.webpin.com
Keywords: fake oakleys
208.66.195.4's User Agent Strings
none/blank
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TencentTraveler ; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727 ; .NET CLR 4.0.30319)
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:19.0) Gecko/20100101 Firefox/19.0
psycheclone
P.Hauser commented...
This log shows why you should block TWO criteria and not only one:

First approach as UA "psycheclone", which received 302:

208.66.195.2 [20/Jun/2006:17:37:55 +0200] "GET /robots.txt " 200 468 "-" "[same UA]"
208.66.195.2 [20/Jun/2006:17:37:58 +0200] "GET / " 302 214 "-" "[same UA]"
208.66.195.4 [22/Jun/2006] "[same UA]"
208.66.195.6 [26/Jun/2006] "[same UA]"
208.66.195.6 [27/Jun/2006] "[same UA]"
208.66.195.3 [28/Jun/2006] "[same UA]"
208.66.195.4 [01/Jul/2006] "[same UA]"
208.66.195.6 [01/Jul/2006] "[same UA]"
208.66.195.3 [12/Jul/2006] "[same UA]"

Changing UA from "psycheclone" to
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)"
receiving 200:

208.66.195.9 [14/Jul/2006:00:42:50 +0200] "GET /robots.txt " 200 468 "-" "[same UA]"
208.66.195.9 [14/Jul/2006:00:43:20 +0200] "GET / " 200 66380 "-" "[same UA]"

208.66.195.5 [27/Jul/2006] "[same UA]"
[...]
208.66.195.5 [27/Jul/2006] "[same UA]"
208.66.195.10 [08/Aug/2006] "[same UA]"
[...]
208.66.195.10 [08/Aug/2006] "[same UA]"

First harvest with this UA:

208.66.195.10 [08/Aug/2006:12:53:09 +0200] "GET /robots.txt " 200 468 "-" "[same UA]"
[42 continued requests in 40 minutes / every minute one request]
208.66.195.10 [08/Aug/2006:13:24:20 +0200] "GET /[URL]&lang=cs " 200 68400 "-" "[same UA]"

208.66.195.19 [30/Aug/2006] [same UA]"
[...]
208.66.195.19 [30/Aug/2006] "[same UA]"

Second harvest with this UA:

208.66.195.22 [30/Aug/2006:10:45:54 +0200] "GET /robots.txt " 200 468 "-" "[same UA]"
[38 continued requests in 25 minutes / every minute one request, little faster]
208.66.195.22 [30/Aug/2006:11:07:09 +0200] "GET /[URL]&lang=es " 200 68965 "-" "[same UA]"

We stopped him:

208.66.195.9 [03/Sep/2006] "[same UA]"
[...]
208.66.195.9 [03/Sep/2006] "[same UA]"
208.66.195.7 [04/Sep/2006] "[same UA]"
[...]
208.66.195.7 [04/Sep/2006] "GET / " 302 214 "-" "[same UA]"
July 31 2007 07:26 PM

Page generated on: February 07 2016 10:55:19 PM
John OrwinJason OrwinJasonJason
megangoodman535@yahoo.com derekgustafson625@yahoo.com rubensaldana808@gmail.com derekgustafson625@vbwebmail.com
do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | CloudFlare Site Protection | Contact Us

Copyright © 2004–16, Unspam Technologies, Inc. All rights reserved.

Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot

contact | wiki | email