IP Address Inspector

ATTENTION
  • This IP has not seen any suspicious activity within the last 3 months. This IP is most likely clean and trustworthy now. (This record will remain public for historical purposes, however.)

208.66.195.4 Email Address Harvester

The Project Honey Pot system has detected behavior from the IP address consistent with that of a spam harvester and comment spammer. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.

Lookup IP In: Domain Tools | SpamHaus | Spamcop | SenderBase | Google Groups | Google

Geographic Location United States United States
IP Characteristics Blocklisted By: SpamHaus

Harvester First Seen approximately 10 years, 11 months, 4 weeks ago
Harvester Last Seen within 3 years, 9 months, 4 weeks
Harvester Sightings 1,322 visit(s) to 589 honey pot(s)
Harvester Results 13677.741 messages per visit
18,081,974 message(s) resulting from harvests
- First: approximately 10 years, 11 months, 3 weeks ago
- Last: approximately 1 week ago
1,311 email address(es) harvested
- First: approximately 10 years, 11 months, 4 weeks ago
- Last: Mon, 04 Sep 2006 12:16:46 -0700
Time From Harvest
To First Spam
Fastest: 4 hours, 9 mins, 12 secs
Slowest: 1 week, 2 days, 20 hours, 9 mins, 49 secs
Average: 3 days, 23 mins, 28 secs
Std Dev: 1 day, 19 hours, 14 mins, 40 secs

First Post On approximately 3 years, 9 months, 4 weeks ago
Last Post On within 3 years, 9 months, 4 weeks
Form Posts 32 web post submission(s) sent from this IP

Associated Mail Servers
186.159.23.219 | SD Colombia
190.234.105.240  Peru
85.55.155.4 | SD Spain
201.54.233.2 | SD Brazil
115.249.237.169 | SD India
210.103.138.2 | SD South Korea
2.146.97.183 | SD Iran
117.1.219.164 | D Vietnam
200.114.119.146 | SD Guatemala
116.254.102.161 | SD Indonesia
122.168.160.115 | S India
121.40.206.243 | S China
189.80.180.188 | SD Brazil
202.179.77.53 | SD India
200.101.102.83 | D Brazil
200.87.157.146 | SD Bolivia
85.9.86.105 | SD Iran
41.58.133.60 | S Nigeria
82.212.88.209 | SD Sweden
41.215.125.174 | SD Kenya
190.103.109.1 | S Colombia
109.83.16.227 | SD Saudi Arabia
148.240.180.90 | SD Mexico
179.228.161.58 | SD Brazil
178.17.30.71 | SD Serbia
187.1.175.122 | SD Brazil
190.102.62.154 | SD Panama
65.96.52.41 | H United States
41.209.73.63 | SD Sudan
213.91.159.201 | SD Bulgaria
117.90.206.129 | SD China
200.38.20.86 | SD Mexico
186.147.18.177 | SD Colombia
106.6.101.205 | S China
85.109.70.157 | SD Turkey
101.99.50.22 | SD Vietnam
77.29.193.187 | D Macedonia
181.143.129.154 | SD Colombia
190.25.144.103 | SD Colombia
103.10.208.6 | SD India
195.175.61.54 | SD Turkey
95.79.93.60  Russia
190.234.147.89 | SD Peru
2.90.133.3  Saudi Arabia
139.190.122.64 | S Pakistan
103.26.54.173 | SD India
190.141.45.58 | SD Panama
41.223.163.8  Sudan
175.110.250.102  Pakistan
94.176.26.162  Iran
117.6.133.48 | SD Vietnam
186.224.94.122 | SD Brazil
152.171.215.71 | S Argentina
190.40.74.65 | SD Peru
201.230.15.164 | SD Peru
41.224.245.201 | SD Tunisia
59.97.18.30 | SD India
64.32.94.166 | D Dominican Republic
148.102.18.9 | SD Peru
188.227.234.28  Palestine
182.75.243.42 | SD India
177.2.129.50 | SD Brazil
107.175.94.193 | S United States
190.129.14.134 | SD Bolivia
190.186.66.140 | D Bolivia
181.57.130.205 | SD Colombia
94.176.163.174 | W Romania
187.176.67.89 | SD Mexico
181.51.248.165 | SD Colombia
200.232.176.197 | SD Brazil
123.176.7.203 | SD Maldives
213.16.56.79 | SD Bulgaria
118.70.176.178 | SD Vietnam
62.150.168.194 | SD Kuwait
103.243.237.5 | SD India
IPs In The Neighborhood
208.66.194.154 | H United States
208.66.195.2 | H United States
208.66.195.3 | H United States
208.66.195.5 | H United States
208.66.195.6 | H United States
208.66.195.7 | H United States
208.66.195.8 | H United States
208.66.195.9 | H United States
208.66.195.10 | H United States
208.66.195.11 | H United States
208.66.195.15 | H United States
208.66.195.19 | H United States
208.66.195.20 | H United States
208.66.195.21 | H United States
208.66.195.22 | H United States
Sample Spam URLs & Keywords Posted From 208.66.195.4
Domain: www.buyawindows7key.com
URL: http://www.buyawindows7key.com
Keywords: ray bans fake
Domain: pinterest.com
URL: http://pinterest.com/fashionsw/isabel-marant-sneakers-collection-box/
Keywords: isabel marant sneakers
Domain: onlineisabelmarantsneakers.tripod.com
URL: http://onlineisabelmarantsneakers.tripod.com
Keywords: isabel marant
Domain: onlineisabelmarant.tripod.com
URL: http://onlineisabelmarant.tripod.com
Keywords: sneakers isabel marant
Domain: isabelmarantsneaker.webpin.com
URL: http://isabelmarantsneaker.webpin.com
Keywords: isabel marant sneakers
Domain: isabelmarants.tripod.com
URL: http://isabelmarants.tripod.com
Keywords: isabel marant
Domain: isabelmarantsneakersstore.tripod.com
URL: http://isabelmarantsneakersstore.tripod.com
Keywords: sneakers isabel marant
Domain: imgfave.com
URL: http://imgfave.com/isabelmarantstore
Keywords: isabel marant
Domain: imgfave.com
URL: http://imgfave.com/isabelmarantsneakersoutlet
Keywords: isabel marant sneakers
Domain: isabelmarantoutlet.polyvore.com
URL: http://isabelmarantoutlet.polyvore.com
Keywords: isabel marant
Domain: www.luuux.com
URL: http://www.luuux.com/fashion/isabel-marant-sneakers-online-store-70-isabel-marant-shoes-outlet-store
Keywords: isabel marant shoes
Domain: www.luuux.com
URL: http://www.luuux.com/fashion/buy-isabel-marant-sneakers-70-isabel-marant-shoes-outlet-store
Keywords: isabel marant
Domain: www.facebook.com
URL: https://www.facebook.com/pages/Cheap-oakley-sunglassescheap-Oakleys-outlet/590234567656523
Keywords: cheap oakley sunglasses
Domain: fakeoakleysunglasses.zuhah.com
URL: http://fakeoakleysunglasses.zuhah.com
Keywords: fake oakleys
Domain: isabelmarantsneaker.webpin.com
URL: http://isabelmarantsneaker.webpin.com
Keywords: fake oakleys
208.66.195.4's User Agent Strings
none/blank
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TencentTraveler ; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727 ; .NET CLR 4.0.30319)
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:19.0) Gecko/20100101 Firefox/19.0
psycheclone
P.Hauser commented...
This log shows why you should block TWO criteria and not only one:

First approach as UA "psycheclone", which received 302:

208.66.195.2 [20/Jun/2006:17:37:55 +0200] "GET /robots.txt " 200 468 "-" "[same UA]"
208.66.195.2 [20/Jun/2006:17:37:58 +0200] "GET / " 302 214 "-" "[same UA]"
208.66.195.4 [22/Jun/2006] "[same UA]"
208.66.195.6 [26/Jun/2006] "[same UA]"
208.66.195.6 [27/Jun/2006] "[same UA]"
208.66.195.3 [28/Jun/2006] "[same UA]"
208.66.195.4 [01/Jul/2006] "[same UA]"
208.66.195.6 [01/Jul/2006] "[same UA]"
208.66.195.3 [12/Jul/2006] "[same UA]"

Changing UA from "psycheclone" to
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)"
receiving 200:

208.66.195.9 [14/Jul/2006:00:42:50 +0200] "GET /robots.txt " 200 468 "-" "[same UA]"
208.66.195.9 [14/Jul/2006:00:43:20 +0200] "GET / " 200 66380 "-" "[same UA]"

208.66.195.5 [27/Jul/2006] "[same UA]"
[...]
208.66.195.5 [27/Jul/2006] "[same UA]"
208.66.195.10 [08/Aug/2006] "[same UA]"
[...]
208.66.195.10 [08/Aug/2006] "[same UA]"

First harvest with this UA:

208.66.195.10 [08/Aug/2006:12:53:09 +0200] "GET /robots.txt " 200 468 "-" "[same UA]"
[42 continued requests in 40 minutes / every minute one request]
208.66.195.10 [08/Aug/2006:13:24:20 +0200] "GET /[URL]&lang=cs " 200 68400 "-" "[same UA]"

208.66.195.19 [30/Aug/2006] [same UA]"
[...]
208.66.195.19 [30/Aug/2006] "[same UA]"

Second harvest with this UA:

208.66.195.22 [30/Aug/2006:10:45:54 +0200] "GET /robots.txt " 200 468 "-" "[same UA]"
[38 continued requests in 25 minutes / every minute one request, little faster]
208.66.195.22 [30/Aug/2006:11:07:09 +0200] "GET /[URL]&lang=es " 200 68965 "-" "[same UA]"

We stopped him:

208.66.195.9 [03/Sep/2006] "[same UA]"
[...]
208.66.195.9 [03/Sep/2006] "[same UA]"
208.66.195.7 [04/Sep/2006] "[same UA]"
[...]
208.66.195.7 [04/Sep/2006] "GET / " 302 214 "-" "[same UA]"
July 31 2007 07:26 PM

Page generated on: May 25 2017 04:46:56 AM
marcgrossman262@vbwebmail.com marcgrossman262@gmail.com derekgustafson625@gmail.com valeriegonzalez749@vbwebmail.com
do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | CloudFlare Site Protection | Contact Us

Copyright © 2004–17, Unspam Technologies, Inc. All rights reserved.

Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot

contact | wiki | email