IP Address Inspector

80.12.242.94

The Project Honey Pot system has detected behavior from the IP address consistent with that of a mail server and dictionary attacker. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.

Lookup IP In: Domain Tools | SpamHaus | OpenRBL | Spamcop | SenderBase | Google Groups | Google

Geographic Location France (Ile-de-France)
First Received From approximately 1 year, 5 months, 5 weeks ago
Last Received From within 1 week
Number Received 226 email(s) sent from this IP
Dictionary Attacks 47 email(s) sent from this IP
First Received From approximately 1 year, 6 months, 1 week ago
Last Received From within 4 weeks
Associated Harvesters
208.101.45.18 | H
74.86.249.98 | H
66.117.11.146 | H
208.53.147.136 | H
74.86.14.10 | H
216.40.222.66 | H
67.228.115.170 | H
80.7.54.12 | HS
74.12.51.196 | H
208.66.195.3 | H
207.112.92.40 | H
74.213.10.195 | H
87.106.190.77 | H
208.66.195.2 | H
208.66.195.10 | H
58.186.176.104 | HS
208.66.195.11 | H
81.83.108.53 | H
81.51.64.65 | H
217.147.41.147 | H
209.160.32.68 | HS
208.66.195.6 | H
68.153.231.234 | H
89.38.146.182 | H
90.1.47.67 | H
62.163.70.248 | H
41.249.3.96 | HS
62.162.198.21 | H
63.223.10.102 | H
64.15.139.33 | H
64.52.8.74 | HS
64.71.167.60 | H
64.229.238.97 | H
64.231.156.152 | H
64.231.158.27 | H
64.231.230.4 | H
64.231.230.233 | H
65.92.122.214 | H
65.93.202.114 | H
65.216.53.149 | H
66.90.101.55 | H
66.90.101.75 | H
66.148.67.103 | H
66.199.236.50 | H
67.19.114.226 | H
67.19.136.180 | H
67.19.250.26 | H
68.161.228.131 | H
68.179.9.145 | HS
68.226.72.159 | H
69.47.173.224 | H
69.50.208.24 | H
70.50.190.123 | H
70.84.228.106 | H
70.86.78.226 | H
70.87.196.242 | H
72.240.145.209 | H
74.12.41.117 | H
74.12.41.170 | H
74.12.44.182 | H
74.12.50.22 | H
74.12.54.99 | H
74.12.54.158 | H
74.12.56.108 | H
74.12.59.224 | H
74.12.63.115 | H
74.14.54.29 | H
74.86.209.74 | H
74.208.12.226 | H
75.19.75.49 | H
75.125.18.178 | H
75.125.47.162 | H
75.125.52.66 | H
75.125.52.98 | H
75.125.52.146 | H
IPs In The Neighborhood
80.12.242.1 | SD
80.12.242.17 | SD
80.12.242.18 | SD
80.12.242.19 | SD
80.12.242.26 | SD
80.12.242.27 | SD
80.12.242.30 | S
80.12.242.46 | SD
80.12.242.47 | SD
80.12.242.48 | SD
80.12.242.49 | SD
80.12.242.50 | SD
80.12.242.95 | SD
80.12.242.96 | SD
80.12.242.97 | SD
80.12.242.99 | SD
80.12.242.100 | SD
80.12.242.101 | SD
80.12.242.111 | SD
80.12.242.112 | SD
80.12.242.113 | SD
80.12.242.138 | SD
80.12.242.139 | SD
80.12.242.140 | SD
80.12.242.144 | SD
80.12.242.145 | SD
80.12.242.146 | SD
80.12.242.150 | SD
80.12.242.151 | SD
80.12.242.152 | SD
80.12.242.153 | S
80.12.242.154 | S
80.12.242.155 | S
80.12.242.163 | SD
80.12.242.219 | D
Example Messages Sent From 80.12.242.94
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
From:
Subject: Re:
Example User Names Used By 80.12.242.94
User-name: admin
User-name: brusov
User-name: contact
User-name: design
User-name: hiser
User-name: info
User-name: mail
User-name: marquettallorens
User-name: post
User-name: postmaster
User-name: sale
User-name: sales
User-name: support
User-name: webmaster
User-name: phenetid_2001
User-name: patented_2001
User-name: seatmosphericlynsey
User-name: nkalona_f_abrams
User-name: trcharisse.n.thiesse
User-name: rfbruna_a_koepf
User-name: esgillian.chetram
User-name: seaudria_f_helfert
User-name: troutcomefixedwing16
User-name: kimadetoorderparameter02
User-name: kifreddiehurt
User-name: mossbunk_2002
User-name: qadrien.whalen
User-name: nkeligiblemontan
User-name: sefinedrawngathering25
User-name: esarielle_e_hansch
P.Hauser commented...
Received some "Russian Bride" SPAM from this IP. Here's the header of this advanced payment fraud crap:

Return-Path: info@1800387save.com
Received: from xx (xx)
by xx with LMTP; Wed, 19 Sep 2007 21:06:27 +0200
Received: from smtp27.orange.fr ([80.12.242.94]) by xx
with esmtp id 1IY4sJ-0puOPY0; Wed, 19 Sep 2007 21:06:15 +0200
Received: from me-wanadoo.net (localhost [127.0.0.1])
by mwinf2702.orange.fr (SMTP Server) with ESMTP id EBB731C000AE
for xx@xx; Wed, 19 Sep 2007 21:06:14 +0200 (CEST)
Received: from [192.168.11.2] (LAubervilliers-151-11-53-125.w193-251.abo.wanadoo.fr [193.251.89.125])
by mwinf2702.orange.fr (SMTP Server) with SMTP id 2F2A51C000AF;
Wed, 19 Sep 2007 21:06:13 +0200 (CEST)
From: "=?windows-1251?"Juli P." info@1800387save.com
To: pfoser@same target domain, pfotenh@same target domain,
pfreisen@same target domain, pfuhl.rhenke@same target domain,
p-gerhard@same target domain, pgeuther@same target domain,
pg-grafschaft@same target domain, p-goebbels@same target domain,
pgoldreich@same target domain, pgries@same target domain,
pgrigori@same target domain, ph.mirko-weber@same target domain,
phantom-@same target domain, phantom1400@same target domain
Subject: =?windows-1251?Remember me?
Date: Wed, 19 Sep 2007 21:13:46 +0200
September 19 2007 05:08 PM
P.Hauser commented...
Here's the body of this advanced payment fraud crap:

Aloha, my dear friend

It is the first time in my life that I joined such a site, probably because
I believe in my lucky star. Sometimes things at home don't work out the way
you want and so it is hard to find your soul mate. I have not joined the
site to find sex only. Nowadays sex is easy to find anywhere.
I have joined the site looking for a nice man, who can stand as a man at my
side and knows when and how to be a man. A man to whom I will give myself
completely and he will give himself to me completely, a man, with whom I
will share my life. You might be the one! At least I indeed hope so. I am
not into this to play any kind of games. That is why I am waiting for you
at http://russianbridelive.cn/?idAff=101 to get acquainted better
and to continue from a good friendship to passionate love and creating a family.
Please don't make me wait too long for our happiness.

So long
Juliya P
September 19 2007 05:07 PM
P.Hauser commented...
None of the harvesters or neighbors can be confirmed from here. Hostname russianbridelive.cn is registered through whois.cnnic.net.cn

Domain Name: russianbridelive.cn
ROID: 20070906s10001s67585726-cn
Domain Status: ok
Registrant Organization: dm
Registrant Name: MorozovaNatali
Administrative Email: smodels@Phreaker.net
Sponsoring Registrar: 厦门华商盛世网络有限公司
Name Server:ns3.cnmsn.com
Name Server:ns4.cnmsn.com
Registration Date: 2007-09-06 03:04
Expiration Date: 2008-09-06 03:04

Following IPs in this range are blacklisted at backscatterer.org:

80.12.242.1, 80.12.242.100, 80.12.242.101, 80.12.242.111, 80.12.242.112, 80.12.242.113, 80.12.242.138, 80.12.242.139, 80.12.242.140, 80.12.242.150, 80.12.242.151, 80.12.242.152, 80.12.242.163, 80.12.242.17, 80.12.242.18, 80.12.242.26, 80.12.242.27, 80.12.242.46, 80.12.242.47, 80.12.242.48, 80.12.242.49, 80.12.242.50, 80.12.242.94, 80.12.242.95, 80.12.242.96, 80.12.242.97, 80.12.242.99

For backscatterer please check http://www.backscatterer.org/?target=backscatter
September 19 2007 05:07 PM
Page generated on: December 03 2008 12:21:20 AM

Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Contact Us

Copyright © 2004–08, Unspam Technologies, Inc. All rights reserved.

Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot

MITS