IP Address Inspector

ATTENTION
  • This IP has not seen any suspicious activity within the last 3 months. This IP is most likely clean and trustworthy now. (This record will remain public for historical purposes, however.)

74.53.249.34 Email Address Harvester

The Project Honey Pot system has detected behavior from the IP address consistent with that of a spam harvester and bad web host. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.


Geographic Location: United States

Harvester First Seen: approximately 16 years, 5 months, 3 weeks ago
Harvester Last Seen: within 16 years, 3 months, 2 weeks
Harvester Sightings: 1,175 visit(s) to 462 honey pot(s)
Harvester Results: 94919.805 messages per visit
  111,530,771 message(s) resulting from harvests
  - First: approximately 16 years, 5 months, 3 weeks ago
  - Last: approximately 1 week ago
  8,291 email address(es) harvested
  - First: approximately 16 years, 5 months, 3 weeks ago
  - Last: Wed, 12 Dec 2007 23:11:14 -0500
Time From Harvest To First Spam:
  Fastest: 1 hour, 28 mins, 38 secs
  Slowest: 1 month, 3 weeks, 3 days, 33 mins, 58 secs
  Average: 5 days, 15 hours, 32 mins, 47 secs
  Std Dev: 6 days, 12 hours, 56 mins, 17 secs

First Bad Host Appearance: approximately 13 years, 10 months, 2 weeks ago
Last Bad Host Appearance: within 13 years, 10 months, 1 week
Bad Host Appearances: 16 appearance(s) in spam e-mail or spam post urls

Associated Mail Servers
IPs In The Neighborhood
74.53.249.34's User Agent Strings
Mozilla/5.0 (compatible; Gigamega.bot/1.0; +http://www.gigamega.net/bot.html)
Mozilla/5.0 (compatible; LiteFinder/1.0; +http://www.litefinder.net/about.html)
A.Haider commented...
I HAD TO BLOCK THE IP RANGE IN ORDER TO CALM DOWN MY SECURITY SCRIPTS.
December 15 2009 05:55 PM

A.Haider commented...
REMOTE_ADDR: 74.53.3.132
HTTP_X_FORWARDED_FOR:
HTTP_CLIENT_IP:
SCRIPT_FILENAME: /home/xxxxxco/public_html/xxxx.com/index.php
QUERY_STRING: bx_photos_mode=top&tags_mode=bx_store&albumType=bx_photos&page={page}&per_page={per_page}
REQUEST_URI: /index.php?bx_photos_mode=top&tags_mode=bx_store&albumType=bx_photos&page={page}&per_page={per_page}
QUERY_STRING: bx_photos_mode=top&tags_mode=bx_store&albumType=bx_photos&page={page}&per_page={per_page}
SCRIPT_NAME: /index.php
PHP_SELF: /index.php
December 15 2009 05:53 PM

A.Haider commented...
RECEIVED THIS FROM THE SAME HOST AS MENTIONED IN YOUR REPORT JUST A COUPLE OF DAYS AGO. I CAN'T HELP BUT SUSPECT THE HOST TO BE DIRECTLY INVOLVED AFTER READING THIS. THEY MAY HAVE SWITCHED FROM HARVESTING TO ATTACKS AND BREAKING INTO COMPUTERS.

Total impact: 36
Affected tags: xss, csrf, id, rfe, sqli, lfi

Variable: REQUEST.CFGLOBALS | Value: urltoken=CFID#=3548901&CFTOKEN#=c13c2e61784f8de-651F72E6-F2D6-72E4-516A6DFF96A23908&jsessionid#=6e307f32aed41b75522c#lastvisit={ts \'2009-12-06 13:01:46\'}#timecreated={ts \'2009-12-06 12:54:46\'}#hitcount=16#cftoken=c13c2e61784f8de-651F72E6-F2D6-72E4-516A6DFF96A23908#cfid=3548901#
Impact: 18 | Tags: xss, csrf, id, rfe, sqli, lfi
Description: Detects JavaScript location/document property access and window access obfuscation | Tags: xss, csrf | ID: 23
Description: Detects common XSS concatenation patterns 2/2 | Tags: xss, csrf, id, rfe | ID: 31
Description: Detects common comment types | Tags: xss, csrf, id | ID: 35
Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID: 43

Variable: COOKIE.CFGLOBALS | Value: urltoken=CFID#=3548901&CFTOKEN#=c13c2e61784f8de-651F72E6-F2D6-72E4-516A6DFF96A23908&jsessionid#=6e307f32aed41b75522c#lastvisit={ts \'2009-12-06 13:01:46\'}#timecreated={ts \'2009-12-06 12:54:46\'}#hitcount=16#cftoken=c13c2e61784f8de-651F72E6-F2D6-72E4-516A6DFF96A23908#cfid=3548901#
Impact: 18 | Tags: xss, csrf, id, rfe, sqli, lfi
Description: Detects JavaScript location/document property access and window access obfuscation | Tags: xss, csrf | ID: 23
Description: Detects common XSS concatenation patterns 2/2 | Tags: xss, csrf, id, rfe | ID: 31
Description: Detects common comment types | Tags: xss, csrf, id | ID: 35
Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID: 43
Centrifuge detection data Threshold: 3.49 Ratio: 3.2307692307692
December 15 2009 05:52 PM

P.Hauser commented...
The following IP addresses so far were identified as originating from LiteFinder.net effective to the current date:

60.190.240.73 - HANGZHOU-AIDISI-LTD China
67.19.114.226 w103.networkharmony.com NETBLK-THEPLANET-BLK-11 USA - Texas
67.19.250.26 1a.fa.1343.static.theplanet.com NETBLK-THEPLANET-BLK-11 USA - Texas
70.84.212.114 72.d4.5446.static.theplanet.com NETBLK-THEPLANET-BLK-13 USA - Texas
70.85.113.242 f2.71.5546.static.theplanet.com NETBLK-THEPLANET-BLK-13 USA - Texas
74.53.249.34 22.f9.354a.static.theplanet.com NETBLK-THEPLANET-BLK-14 USA - Texas
74.86.14.10 atsconnect.net SOFTLAYER-4-4 USA - Texas
74.86.209.74 templatestill.com SOFTLAYER-4-4 USA - Texas
74.86.249.98 westhoste.net SOFTLAYER-4-4 USA - Texas
75.125.18.178 ev1s-75-125-18-178.ev1servers.net EVRY-BLK-17
75.125.47.162 ev1s-75-125-47-162.ev1servers.net EVRY-BLK-17
208.101.44.3 mybluewine.net SOFTLAYER-4-2 USA - Texas
216.40.222.50 ev1s-216-40-222-50.ev1servers.net EVRY-BLK-6 USA - Texas
216.40.222.66 ev1s-216-40-222-66.ev1servers.net EVRY-BLK-6 USA - Texas
216.40.222.98 ev1s-216-40-222-98.ev1servers.net EVRY-BLK-6 USA - Texas

LiteFinder.net-IPs might be subject to change, so eventually check back here individually.
December 06 2007 03:01 PM

K.Brott commented...
This IP [74.53.249.34] hit a non-displaying CGI trap-generator multiple times on several virtual websites between 2007-10-08 19:42:46 GMT-0700 and 2007-10-08 22:44:01 GMT-0700.

The CGI trap-generator issued unique email addresses in the web-content that were buried in the html source and not displayed by any rendering method.

Since generation - 27 attempts from 24 unique IPs have been made to deliver email to the generated addresses, and all but one of the attempts have been from dynamic IPs all over the world.

Mail delivery attempts to the generated addresses were from:
123.sub-70-197-230.myvzw.com [70.197.230.123]
166-82-24-122.quickclick.ctc.net [166.82.24.122]
175-1.202-68.tampabay.res.rr.com [68.202.1.175]
183.201.223.87.dynamic.jazztel.es [87.223.201.183]
201-92-71-143.dsl.telesp.net.br [201.92.71.143]
20179151247.user.veloxzone.com.br [201.79.151.247]
213-63-57-243.dsl.net.artelecom.pt [213.63.57.243]
224.66.kostroma.ptl.ru [88.86.66.224]
79-73-213-26.dynamic.dsl.as9105.com [79.73.213.26]
82-47-210-159.cable.ubr09.brad.blueyonder.co.uk [82.47.210.159]
BSN-61-120-61.dial-up.dsl.siol.net [86.61.120.61]
CPE-69-76-139-97.kc.res.rr.com [69.76.139.97]
CPE00022ab6538f-CM0090834c2c33.cpe.net.cable.rogers.com [205.251.186.63]
HSI-KBW-085-216-045-251.hsi.kabelbw.de [85.216.45.251]
Ks-Kalinka.66.quantum.ru [88.86.66.224]
[206.51.150.66]
[41.221.16.42]
agypools1.nationwide.com [155.188.254.1]
c-65-96-225-88.hsd1.ma.comcast.net [65.96.225.88]
c951ab04.virtua.com.br [201.81.171.4]
dsl88-229-64447.ttnet.net.tr [88.229.251.191]
host-41.233.159.251.tedata.net [41.233.159.251]
host-88-87-241-244.net-tv.hu [88.87.241.244]
nat7.mnc.pl [193.151.114.17]
November 21 2007 03:54 PM

Page generated on: March 19 2024 03:24:33 AM

Copyright © 2004–24, Unspam Technologies, Inc. All rights reserved.
