IP Address Inspector

81.169.144.135

The Project Honey Pot system has detected behavior from the IP address consistent with that of a spam harvester, comment spammer and rule breaker. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.

Geographic Location	Germany

Harvester First Seen	approximately 11 years, 2 months, 5 weeks ago
Harvester Last Seen	within 1 week
Harvester Sightings	1,750 visit(s)
Harvester Results	2.534 messages per visit 4,434 message(s) resulting from harvests - First: approximately 10 years, 10 months, 3 weeks ago - Last: approximately 2 years, 9 months, 4 weeks ago 1 email address(es) harvested - First: approximately 10 years, 10 months, 4 weeks ago - Last: Fri, 02 Nov 2012 13:49:28 -0400

First Post On	approximately 8 years, 5 months, 1 week ago
Last Post On	within 7 years, 11 months, 1 week
Form Posts	3 web post submission(s) sent from this IP

First Rule-Break On	approximately 9 years, 11 months, 2 weeks ago
Last Rule-Break On	within 9 years, 8 months, 2 weeks
Rule Breaks	2 web page navigation rule(s) broken by this IP

Associated Mail Servers
1.22.173.19 \| H
1.29.115.163 \| SD
1.34.120.197 \| SDC
1.55.241.4 \| SDC
1.58.237.59 \| SD
1.160.4.67
1.160.160.236 \| H
1.161.154.89 \| H
1.163.24.247
1.163.32.225
1.164.146.178
1.164.147.80
1.164.150.8
1.165.196.128
1.186.63.133 \| SDC
1.212.157.115 \| SD
1.215.162.195 \| SD
1.217.24.139 \| SD
1.223.248.99 \| SD
2.93.95.171 \| SD
2.179.67.9 \| SDC
2.179.171.94
2.185.215.6 \| SD
2.234.226.32 \| SD
5.0.112.155
5.8.207.50 \| SDC
5.16.3.222 \| SD
5.16.12.30 \| SDC
5.20.196.90 \| SDC
5.34.161.15
5.35.41.139 \| SD
5.57.35.6 \| SDC
5.58.58.119 \| SD
5.59.136.226 \| SD
5.59.143.43 \| SDC
5.62.136.14 \| SD
5.100.228.64 \| H
5.101.196.211 \| SDR
5.101.214.178 \| SD
5.135.239.36
5.135.239.44
5.135.239.45
5.141.22.115 \| SD
5.149.105.154 \| SD
5.153.139.226 \| SDC
5.178.217.227 \| SDC
5.202.45.143 \| SD
5.202.60.1 \| SD
5.202.101.50 \| SD
5.202.101.208 \| SD
5.202.114.123 \| SD
5.206.230.62 \| SDC
5.206.232.190 \| SDC
5.221.99.163 \| SD
5.228.223.120 \| SDC
5.228.232.101 \| SD
8.27.211.2
8.34.116.98 \| SD
8.38.146.129 \| HSD
12.108.154.2 \| SDC
12.109.102.86 \| SD
12.249.121.70 \| SD
13.65.30.112 \| SD
13.66.60.134 \| SDC
13.85.80.251 \| SD
13.91.111.179 \| H
14.20.235.42 \| SD
14.102.76.42 \| SDC
14.102.115.234 \| SD
14.119.54.191
14.141.2.126 \| H
14.153.54.217 \| SD
14.160.23.139 \| SD
14.162.146.128 \| SDC
14.162.146.164 \| SD

IPs In The Neighborhood
81.169.143.166 \| C
81.169.143.167
81.169.143.181
81.169.143.183
81.169.143.184
81.169.143.195
81.169.143.196 \| S
81.169.143.206
81.169.143.207 \| C
81.169.143.208 \| SD
81.169.143.209 \| S
81.169.143.217 \| S
81.169.143.221
81.169.143.225
81.169.143.227
81.169.143.232
81.169.143.242
81.169.143.246 \| S
81.169.143.252
81.169.143.255
81.169.144.0
81.169.144.3
81.169.144.46
81.169.144.94
81.169.144.153
81.169.144.165
81.169.144.167
81.169.144.192
81.169.144.200
81.169.144.234
81.169.144.248
81.169.144.249
81.169.145.0
81.169.145.1
81.169.145.3
81.169.145.7
81.169.145.11 \| H
81.169.145.25 \| HC
81.169.145.28 \| HC
81.169.145.32 \| W
81.169.145.33 \| W
81.169.145.34 \| W
81.169.145.35 \| W
81.169.145.36
81.169.145.39 \| W
81.169.145.41
81.169.145.42 \| W
81.169.145.45 \| W
81.169.145.46
81.169.145.47
81.169.145.61 \| W
81.169.145.64 \| W
81.169.145.65 \| W
81.169.145.66 \| W
81.169.145.67 \| W
81.169.145.68 \| W
81.169.145.69 \| W
81.169.145.70 \| W
81.169.145.71 \| W
81.169.145.72 \| W
81.169.145.73 \| W
81.169.145.74 \| W
81.169.145.75 \| W
81.169.145.76 \| W
81.169.145.77 \| W
81.169.145.78 \| W
81.169.145.79 \| W
81.169.145.80 \| W
81.169.145.81 \| W
81.169.145.82 \| W
81.169.145.83 \| W
81.169.145.84 \| W
81.169.145.85 \| W
81.169.145.86 \| W
81.169.145.87 \| W
81.169.145.88 \| W
81.169.145.89 \| W
81.169.145.90 \| W
81.169.145.91 \| W
81.169.145.92 \| W
81.169.145.93 \| W
81.169.145.94 \| W
81.169.145.95 \| W
81.169.145.96
81.169.145.97
81.169.145.98
81.169.145.99
81.169.145.100
81.169.145.101
81.169.145.102
81.169.145.103

Sample Spam URLs & Keywords Posted From 81.169.144.135

Domain: www.genericviagraonlinesj.com
URL: http://www.genericviagraonlinesj.com/
Keywords: order generic viagra online

Domain: www.buyviagraonlinedl.com
URL: http://www.buyviagraonlinedl.com/
Keywords: buy viagra

Domain: www.genericcialisonlinedt.com
URL: http://www.genericcialisonlinedt.com/
Keywords: cheap cialis online pharmacy

Domain: www.genericviagraonlinecw.com
URL: http://www.genericviagraonlinecw.com/
Keywords: generic viagra

Domain: www.cheapviagraonlinevp.com
URL: http://www.cheapviagraonlinevp.com/
Keywords: buy viagra online canada

Domain: www.paydayloansonlineusa.xyz
URL: http://www.paydayloansonlineusa.xyz/
Keywords: payday loans

Domain: www.cialisonlinest.com
URL: http://www.cialisonlinest.com/
Keywords: cialis online

Domain: www.orderviagraonlinecc.com
URL: http://www.orderviagraonlinecc.com/
Keywords: buy viagra

Domain: www.cheapcialisonlinehq.com
URL: http://www.cheapcialisonlinehq.com/
Keywords: cheap levitra online

Domain: www.fylitcl7pf7kjqdduolqouaxtxbj5ing.com
URL: http://www.FyLitCl7Pf7kjQdDUOLQOuaxTXbj5iNG.com

81.169.144.135's User Agent Strings

BacklinkCrawler (http://www.backlinktest.com/crawler.html)

BlackBerry9000/4.6.0.167 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/102 ips-agent

compusers.be

CRAZYWEBCRAWLER 0.9.2, http://www.crazywebcrawler.com

gremialSpider/Nutch-1.9

ImplisenseBot 1.1

Influencebot/0.9; (Automatic classification of websites; http://www.influencebox.com/; info@influencebox.com)User-Agent: Mozilla/5.0 (X11; Linux i686; rv:9.0) Gecko/20100101 Firefox/9.0

ip-web-crawler.com

Java/1.4.2_13

Java/1.6.0_04

Java/1.6.0_35

Java/1.7.0_13

Java/1.7.0_25

LinkStats Bot

LinkWalker/3.0 (http://www.brandprotect.com)

LoocalCrawler/Nutch-1.7 (v2014a by weluse; https://weluse.de/)

Lynx/2.8.5rel.1 libwww-FM/2.15FC SSL-MM/1.4.1c OpenSSL/0.9.7e-dev

Lynx/2.8.6rel.4 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.8g

Mediapartners-Google

mindUpBot (datenbutler.de)

Mozilla/4.0 (compatible; MSIE 5.0; Windows NT 4.0)

Mozilla/4.0 (compatible; MSIE 6.0; AOL 7.0; Windows NT 5.1; Q312461)

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2)

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 2.0.50727; InfoPath.1)

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; dial

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; dial; E-nrgyPlus; .NET CLR 1.1.4322; InfoPath.1)

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; dial; SV1; .NET CLR 1.0.3705)

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; ds-66843412; Sgrunt|V109|1|S-66843412|dial; .NET CLR 1.1.4322)

11 comment(s) - Comment on this IP | Collapse All

W.Backslash AG commented...

still active
October 21 2019 09:21 AM

Bot Busters commented...

WhoIS You Gonna Block: 81.169.144.135 (fo-p00-ob.rzone.de)
Evil Banished: (Malicious Activities) AS6724 81.169.128.0/17 Strato AG strato.de

Banished Another Evil strato.de Bot/Hacker Attacks Various WordPress CMS, XML, PHP Exploits - Malicious URL Probing, Disobeys robots.txt, Changes ID/IP!

WordPress Botnet!
/wp-admin/
/old/wp-admin/
/xmlrpc.php?rsd
wlwmanifest.xml

strato.de Blacklisted!
cbl.abuseat.org FAIL
dnsbl.sorbs.net FAIL
spam.dnsbl.sorbs.net FAIL
web.dnsbl.sorbs.net FAIL
xbl.spamhaus.org FAIL
zen.spamhaus.org FAIL

Malicious Bot - No User Agent (Always Up To No Good!)

Malicious Bot - Mozilla/5.0 (X11; U; Linux i686; pt-BR; rv:1.9.0.15) Gecko/2009102815 Ubuntu/9.04 (jaunty) Firefox/3.0.15

Malicious Bot - Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1

Bot Bustin' Evil Makes You Feel Good!
November 24 2018 02:50 PM

P.Cruse commented...

Looking for WP exploits.
January 20 2018 01:42 PM

W.Backslash AG commented...

SQL Injection
February 11 2016 07:12 AM

J.Humphrey31 commented...

Still scanning fopr exploits:
Berlin, Germany
IP: 81.169.144.135
Reason: Accessed a banned URL.
Hostname: fo-p00-ob.rzone.de
January 06 2016 07:28 AM

I.Stigsson commented...

SQL injection attakcs
December 26 2015 04:18 PM

M.Hatzis commented...

Admin Attack on a non wp site (bellow the log extract)
81.169.144.135 - - [26/Apr/2015:03:00:40 +0300] "GET /wp-admin/ HTTP/1.1" 301 536 "-" "-"
April 27 2015 06:20 AM

H.User7152 commented...

200x Russian and Ukranian referrer spam.
March 27 2015 01:00 PM

J.Zunich commented...

[Mon Jun 30 08:32:08 2014] [error] [client 81.169.144.135] File does not exist: /home/xxxx/public_html/wordpress

Found snooping for wordpress install.
June 30 2014 11:21 AM

K.Kirby commented...

Scanning for wordpress site:

"81.169.144.135" - - [04/Feb/2014:03:21:08 -0500] "GET /wp/wp-admin/ HTTP/1.1" 404 294 "-" "-"
February 04 2014 11:20 AM

R.Clauss commented...

The Server is run by STRATO AG (a division of German Telekom AG) in Berlin. This server was observed, trying to login to Joomla! Backends by using a dictionary attack.
July 31 2013 02:33 AM

Page generated on: October 01 2023 05:16:29 PM

Please note: being listed on these pages does not necessarily mean an IP address, domain name, or any other information is owned by a spammer. For example, it may have been hijacked from its true owner and used by a spammer.

Want to keep this IP address off your website? Start taking advantage of http:BL.

If you are the owner of this IP address, you can whitelist it by connecting to this page from the IP itself (or from an IP within /24). Alternatively, the IP will be auto excused after 90 days of no activity.

Advertisements displayed on this page are not necessarily endorsed by Project Honey Pot