IP Address Inspector

ATTENTION
  • This IP has not seen any suspicious activity within the last 3 months. This IP is most likely clean and trustworthy now. (This record will remain public for historical purposes, however.)

41.217.65.3

The Project Honey Pot system has detected behavior from the IP address consistent with that of a spam harvester, mail server and dictionary attacker. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.

Lookup IP In: Domain Tools | SpamHaus | Spamcop | SenderBase | Google Groups | Google

Geographic Location Nigeria
Harvester First Seen approximately 2 years, 4 months, 1 week ago
Harvester Last Seen within 1 year, 3 months, 4 weeks
Harvester Sightings 23 visit(s)
Harvester Results 0.304 messages per visit
7 message(s) resulting from harvests
- First: approximately 1 year, 5 months, 2 weeks ago
- Last: approximately 5 months, 5 weeks ago
4 email address(es) harvested
- First: approximately 1 year, 5 months, 3 weeks ago
- Last: Mon, 18 Oct 2010 22:39:44 -0700
First Received From approximately 2 years, 4 months, 5 weeks ago
Last Received From within 3 months, 3 weeks
Number Received 510 email(s) sent from this IP
Dictionary Attacks 160 email(s) sent from this IP
First Received From approximately 1 year, 5 months, 3 weeks ago
Last Received From within 3 months, 3 weeks
Associated Mail Servers
67.153.182.118 | SD
69.147.85.73 | S
203.79.71.220 
210.160.156.84 | SD
213.8.115.117 | S
219.232.251.56 | S
221.122.109.102 
Associated Harvesters
63.139.58.140 | H
64.170.211.130 | HSDC
69.47.138.244 | H
67.189.180.245 | HSC
64.71.167.60 | H
81.169.235.251 | HC
82.42.224.146 | HS
67.83.173.170 | H
212.107.116.240 | HSC
81.169.236.215 | HC
71.81.91.118 | H
189.128.115.2 | H
89.220.224.180 | HS
212.183.136.194 | H
216.40.222.66 | H
220.148.187.127 | H
208.66.195.8 | H
208.66.195.6 | H
67.19.114.226 | H
74.86.14.10 | H
72.16.235.231 | H
67.228.115.170 | H
207.172.125.35 | H
87.201.196.4 | HS
75.125.52.162 | H
74.86.249.98 | H
90.26.231.36 | H
216.40.222.50 | H
74.53.249.34 | HW
75.125.47.162 | HSDW
66.167.50.101 | H
74.114.16.62 | H
74.53.243.18 | HC
216.40.222.82 | HSD
74.86.209.74 | H
216.40.222.98 | H
85.167.144.135 | HS
70.84.212.114 | H
70.84.55.114 | HC
216.40.220.18 | H
209.160.32.70 | H
75.125.167.2 | H
216.12.207.226 | HC
208.53.147.136 | H
70.87.196.242 | H
209.160.64.178 | H
208.66.195.3 | H
208.66.195.2 | H
209.160.65.42 | H
67.168.185.62 | HSC
208.66.195.10 | H
70.85.172.170 | H
217.151.53.130 | HSD
62.193.27.251 | H
86.68.32.173 | H
74.54.110.194 | H
91.21.101.237 | H
216.40.220.34 | H
208.65.60.47 | H
208.66.195.4 | H
201.240.41.86 | HSD
201.79.93.166 | HS
75.125.52.146 | H
62.163.80.205 | H
208.53.147.89 | H
67.19.250.26 | H
66.246.252.117 | HSD
208.66.195.9 | H
75.125.194.178 | HW
80.4.77.175 | HS
71.32.55.97 | HS
75.125.52.98 | HS
74.124.192.3 | H
89.106.251.240 | HSC
208.101.44.3 | H
IPs In The Neighborhood
41.217.64.220
41.217.65.4 | HSD
41.217.65.5 | HSD
41.217.65.10 | HSD
41.217.65.11 | HSD
41.217.65.13 | HSDC
41.217.65.14 | HSD
41.217.65.113
41.217.65.3's User Agent Strings
Java/1.6.0_16
Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt; DTS Agent
Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)
Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) XX
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB6.5; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30618; InfoPath.2; .NET4.0C)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; FDM; .NET CLR 3.0.30618; .NET CLR 3.5.30729; AskTB5.3)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.30618; .NET CLR 3.5.30729)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2)
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6.5; InfoPath.2; .NET CLR 2.0.50727)
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.10) Gecko/20100914 AskTbBLT/3.9.1.14019 Firefox/3.6.10
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
Opera/9.80 (Windows NT 5.1; U; en) Presto/2.2.15 Version/10.10
Example Messages Sent From 41.217.65.3
From:
Subject: РАСС
From:
Subject: You have new mail from Olga
From:
Subject: Vegas kommt zu Ihnen nach Hause
From:
Subject: Jede Menge Spiele und Gewinne warten auf Sie
From:
Subject: Registrati per ricevere soldi per giocare.
From:
Subject: Meld je aan voor onze bonussen en wordt een grote
From:
Subject: Re: Fw: Windows 7, Office 2010, Adobe CS5 ...
From:
Subject: Fw: Windows 7, Office 2010, Adobe CS5 ...
From:
Subject: Re: Re: Re: Re: Re: Windows 7, Office 2010, Adobe
From:
Subject: Klik og spil
From:
Subject: Re: Fw: Re: Fw: Back to School Software Sale
From:
Subject: Re: Fw: Re: Fw: Back to School Software Sale
From:
Subject: Fangen Sie sofort an zu gewinnen mit unserem großz
From:
Subject: Re: Fw: hi
From:
Subject: Re: Re: Re: Re: Re: Canadian Health&Care Mall
From:
Subject: Fw: Re: Canadian Health&Care Mall
From:
Subject: Fw: Fw: Fw: Fw: Canadian Health&Care Mall
From:
Subject: Участки по
From:
Subject: Участки по
From:
Subject: Пряма аренда офисов -центр, д
From:
Subject: Недорого продаю землю в Помес
From:
Subject: Connecting Today's Global Businesses with Translat
From:
Subject: ACH Payment 2886104 Canceled
From:
Subject: ACH Payment 9140377 Canceled
From:
Subject: Площадка завода для ут
Example User Names Used By 41.217.65.3
User-name: 411
User-name: 46c97cb1.2050306
User-name: altken
User-name: bfu
User-name: b.hadanyelleprummage
User-name: buh
User-name: buhg
User-name: buhgalter
User-name: buhgalteria
User-name: bux
User-name: corvan.sala
User-name: desimone
User-name: dir
User-name: director
User-name: direktor
User-name: dplnbdhjdfcahfdj
User-name: emigrates
User-name: eppd
User-name: expert
User-name: fabrika
User-name: fin
User-name: finance
User-name: hr
User-name: iamjustsendingthisleter
User-name: ifjx
User-name: iindjsfafdkj
User-name: info
User-name: jandjfdafdjj
User-name: jandjfgafdvj
User-name: jandjfhafdvj
H.User7043 commented...
419 SpamScam with attachment from above IP, using IP 165.228.193.93 and IP 61.9.168.140 as relays:

Attn: Beneficiary, Ref: CBN/IRD/CBX/021/010

Attn: Beneficiary, Ref: CBN/IRD/CBX/021/010..eml (2KB)
October 22 2010 09:41 PM
H.User7043 commented...
419 SpamScam from above IP, using IP 216.177.143.252 as relay:

fedEX COURIER SERVICES"CONFIRMATION PARCEL READY"
FedEx West Africa Nigeria Head Office
70 International Airport Road
Mafoluku, Lagos.
Tel +234-7084-79-33-58
October 15 2010 01:21 AM
H.User7043 commented...
419 SpamScam from above IP, using IP 61.129.163.111 as relay:

ATTN: BENEFICIARY, ARE YOU AWARE OF THIS??
DR. SANUSI LAMIDO
EXECUTIVE GOVERNOR, CENTRAL BANK OF NIGERIA.
PHONE: +234-8167091890
PLZ REPLY VIA: customerservice11@w.cn
October 12 2010 08:11 PM
H.User7043 commented...
"Lottery" scam from above IP, using IP 195.202.149.114 as relay:

Congratulation**You**Won!
Contact Name:Mr. Kelvin COle
Email:ccfoundation@gmx.co.uk
Phone: (44) 7024-026-989
Fax: (44) 7006-077-271
October 10 2010 10:59 AM
H.User7043 commented...
"Rich Lady Dying" 419 SpamScam from above IP, using IP 68.91.240.169 as relay:

Greetings Dear Beloveth One
Mrs. Annika Roos Odette
Private Email: annikaroos@w.cn
October 03 2010 08:40 AM
B.Harris8 commented...
Spam Scam for IPADS, IPHONES and all other types of phones dealing with above IP, no relay. Had him talking for a while he listed the following info about company,
E-LECTRONICS LTD
Registered No. 06900881
UNIT 150, IMPERIAL COURT, EXCHANGE STREET EAST
LIVERPOOL, L2 3AB, UNITED KINGDOM
TELEPHONE : +44 (0) 702 405 2814 OR +44 (0) 702 401 4820

Contact: ALVIN MULLEN
EMAILS: e-lectronicsltd@windowslive.com
e-lectronicsltd@hotmail.co.uk
October 02 2010 12:46 PM
H.User7043 commented...
"Robert Mueller, FBI" SpamScam from above IP, using IP 58.68.145.51 as relay:

Contact Person: Rev. Anthony Fernandez
anthonyfernandez02@gala.net
October 01 2010 02:13 PM
Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
September 21 2010 07:50 AM
Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 00:00:25. Documented reason for whitelist: Hit by a virus or trojan
September 21 2010 07:45 AM
H.User7043 commented...
"Rich Lady Dying" SpamScam from above IP, using IP 74.52.1.66 as relay:

DEAR BELOVED IN CHRIST
Mrs. Juliet Edwards
mrs.julietedwards@yahoo.fr
September 20 2010 08:09 PM
H.User7043 commented...
419 SpamScam from above IP, using IP 217.72.192.247 as relay and IP 217.72.195.143 as link in text:

Receive your MONEY **this is urgent and important**
FROM OFFICE OF THE WESTERN UNION MONEY TRANSFER.
THE XTREME
No 19 Holt Road Liverpool, L7 2PL, UK
+44-0800-612-2124
+44-703-187-6577
WEB site: www.westernunion.com
E-mail :  thextreems@aa.am
September 17 2010 09:54 AM
H.User7043 commented...
"Rich Lady Dying" SpamScam:

Dear Beloved,
Mrs. Wand Smith
wandsmith01@live.co.uk
September 14 2010 06:59 PM
H.User7043 commented...
419 SpamScam:

From: Mr.George Padmore
Tel/Fax: +44 7024041631
Tel: (+44) 7031942852
George Padmore (georgepadmore1@hanmail.net)
September 14 2010 03:11 PM
Honey Pot System commented...
WHITELIST NOTICE: This IP has been REMOVED from Project Honey Pot whitelists; bad activity was encountered.
September 12 2010 10:51 PM
Honey Pot System commented...
WHITELIST NOTICE: This IP has been whitelisted. Future bad activity will result in automatic removal.
September 09 2010 06:00 PM
Honey Pot System commented...
WHITELIST NOTICE: This IP has been marked to be included on Project Honey Pot whitelists. The whitelist is scheduled with a delay of 00:00:05. Documented reason for whitelist: Other
September 09 2010 05:57 PM
H.User7043 commented...
419 SpamScam from above IP, using IP 80.176.163.74 and 195.173.77.149 as relays:

URGENT INFORMATION::
Barrister Eedris Mohammed
mohammed.eedris@yahoo.com.hk
August 28 2010 07:56 PM
H.User7043 commented...
419 SpamScam using 3 Yahoo relays, 87.248.110.141, 217.146.182.178 and 87.248.110.55:

James Mulutu
mulutufamily@ymail.com
August 25 2010 08:56 AM
S.Alvarez commented...
41.217.65.3 jesicajohnson12@yahoo.com SCAMMER, FRAUDE ESTAFA ROMANTICA
July 04 2010 06:53 AM
U.Mickerts3 commented...
41.217.65.14 NIGERIA
arrived April 22,2010 with the address of (don_andrew50@yahoo.com) in a romance scam.
We have the complete header.
April 23 2010 03:44 AM
Page generated on: February 10 2012 11:15:24 PM

Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.

Want to keep this IP address off your website? Start taking advantage of http:BL.

If you are the owner of this IP address, you can whitelist it by connecting to this paged from the IP itself (or from an IP within /24). Alternatively, the IP will be auto excused after 90 days of no activity.

Twitter Button from twitbuttons.com


Follow projecthoneypot on Twitter

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | CloudFlare Site Protection | Contact Us

Copyright © 2004–12, Unspam Technologies, Inc. All rights reserved.

Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot

contact | wiki | email