IP Address Inspector

ATTENTION
  • This IP has not seen any suspicious activity within the last 3 months. This IP is most likely clean and trustworthy now. (This record will remain public for historical purposes, however.)

74.53.249.34 Email Address Harvester

The Project Honey Pot system has detected behavior from the IP address consistent with that of a spam harvester and bad web host. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.


Geographic Location: United States

Harvester First Seen: approximately 9 years, 9 months, 4 weeks ago
Harvester Last Seen: within 9 years, 7 months, 2 weeks
Harvester Sightings: 1,175 visit(s) to 462 honey pot(s)
Harvester Results: 83091.023 messages per visit
  97,631,952 message(s) resulting from harvests
  - First: approximately 9 years, 9 months, 3 weeks ago
  - Last: approximately 1 week ago
  8,291 email address(es) harvested
  - First: approximately 9 years, 9 months, 4 weeks ago
  - Last: Wed, 12 Dec 2007 20:11:14 -0800
Time From Harvest To First Spam:
  Fastest: 1 hour, 28 mins, 38 secs
  Slowest: 1 month, 3 weeks, 3 days, 33 mins, 58 secs
  Average: 5 days, 15 hours, 32 mins, 47 secs
  Std Dev: 6 days, 12 hours, 56 mins, 17 secs

First Bad Host Appearance: approximately 7 years, 2 months, 4 weeks ago
Last Bad Host Appearance: within 7 years, 2 months, 3 weeks
Bad Host Appearances: 16 appearance(s) in spam e-mail or spam post URLs

Associated Mail Servers
IPs In The Neighborhood
74.53.249.34's User Agent Strings
Mozilla/5.0 (compatible; Gigamega.bot/1.0; +http://www.gigamega.net/bot.html)
Mozilla/5.0 (compatible; LiteFinder/1.0; +http://www.litefinder.net/about.html)
A.Haider commented...
I HAD TO BLOCK THE IP RANGE IN ORDER TO CALM DOWN MY SECURITY SCRIPTS.
December 15 2009 02:55 PM

A.Haider commented...
REMOTE_ADDR: 74.53.3.132
HTTP_X_FORWARDED_FOR:
HTTP_CLIENT_IP:
SCRIPT_FILENAME: /home/xxxxxco/public_html/xxxx.com/index.php
QUERY_STRING: bx_photos_mode=top&tags_mode=bx_store&albumType=bx_photos&page={page}&per_page={per_page}
REQUEST_URI: /index.php?bx_photos_mode=top&tags_mode=bx_store&albumType=bx_photos&page={page}&per_page={per_page}
QUERY_STRING: bx_photos_mode=top&tags_mode=bx_store&albumType=bx_photos&page={page}&per_page={per_page}
SCRIPT_NAME: /index.php
PHP_SELF: /index.php
December 15 2009 02:53 PM

A.Haider commented...
RECEIVED THIS FROM THE SAME HOST AS MENTIONED IN YOUR REPORT JUST A COUPLE OF DAYS AGO. I CAN'T HELP BUT SUSPECT THE HOST TO BE DIRECTLY INVOLVED AFTER READING THIS. THEY MAY HAVE SWITCHED FROM HARVESTING TO ATTACKS AND BREAKING INTO COMPUTERS.

Total impact: 36
Affected tags: xss, csrf, id, rfe, sqli, lfi

Variable: REQUEST.CFGLOBALS | Value: urltoken=CFID#=3548901&CFTOKEN#=c13c2e61784f8de-651F72E6-F2D6-72E4-516A6DFF96A23908&jsessionid#=6e307f32aed41b75522c#lastvisit={ts \'2009-12-06 13:01:46\'}#timecreated={ts \'2009-12-06 12:54:46\'}#hitcount=16#cftoken=c13c2e61784f8de-651F72E6-F2D6-72E4-516A6DFF96A23908#cfid=3548901#
Impact: 18 | Tags: xss, csrf, id, rfe, sqli, lfi
Description: Detects JavaScript location/document property access and window access obfuscation | Tags: xss, csrf | ID: 23
Description: Detects common XSS concatenation patterns 2/2 | Tags: xss, csrf, id, rfe | ID: 31
Description: Detects common comment types | Tags: xss, csrf, id | ID: 35
Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID: 43

Variable: COOKIE.CFGLOBALS | Value: urltoken=CFID#=3548901&CFTOKEN#=c13c2e61784f8de-651F72E6-F2D6-72E4-516A6DFF96A23908&jsessionid#=6e307f32aed41b75522c#lastvisit={ts \'2009-12-06 13:01:46\'}#timecreated={ts \'2009-12-06 12:54:46\'}#hitcount=16#cftoken=c13c2e61784f8de-651F72E6-F2D6-72E4-516A6DFF96A23908#cfid=3548901#
Impact: 18 | Tags: xss, csrf, id, rfe, sqli, lfi
Description: Detects JavaScript location/document property access and window access obfuscation | Tags: xss, csrf | ID: 23
Description: Detects common XSS concatenation patterns 2/2 | Tags: xss, csrf, id, rfe | ID: 31
Description: Detects common comment types | Tags: xss, csrf, id | ID: 35
Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID: 43
Centrifuge detection data Threshold: 3.49 Ratio: 3.2307692307692
December 15 2009 02:52 PM

P.Hauser commented...
The following IP addresses so far were identified as originating from LiteFinder.net effective to the current date:


LiteFinder.net-IPs might be subject to change, so eventually check back here individually.
December 06 2007 12:01 PM

K.Brott commented...
This IP [74.53.249.34] hit a non-displaying CGI trap-generator multiple times on several virtual websites between 2007-10-08 19:42:46 GMT-0700 and 2007-10-08 22:44:01 GMT-0700.

The CGI trap-generator issued unique email addresses in the web-content that were buried in the html source and not displayed by any rendering method.

Since generation - 27 attempts from 24 unique IPs have been made to deliver email to the generated addresses, and all but one of the attempts have been from dynamic IPs all over the world.

Mail delivery attempts to the generated addresses were from:
November 21 2007 12:54 PM

Page generated on: July 27 2017 01:33:03 PM

Copyright © 2004–17, Unspam Technologies, Inc. All rights reserved.