galvezrayo - AbuseIPDB User Profile

JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

User galvezrayo joined AbuseIPDB in June 2024 and has reported 10 IP addresses.

Standing (weight) is good.

INACTIVE USER WEBMASTER

IP	Date	Comment	Categories
🇵🇱 150.254.166.5	25 Nov 2025	IDS Alert OS-WINDOWS Microsoft Windows SMB remote code execution attempt	FTP Brute-Force Hacking Brute-Force Exploited Host
🇸🇬 103.253.145.75	29 Sep 2025	September 28, 2025 4:39pm 103.253.145.75 (Singapore) Blocked for Known malicious User-Agents S ... show more September 28, 2025 4:39pm 103.253.145.75 (Singapore) Blocked for Known malicious User-Agents September 28, 2025 4:39pm 103.253.145.75 (Singapore) Blocked for Known malicious User-Agents September 28, 2025 4:39pm 103.253.145.75 (Singapore) Blocked for Known malicious User-Agents September 28, 2025 4:39pm 103.253.145.75 (Singapore) Blocked for Known malicious User-Agents September 28, 2025 4:39pm 103.253.145.75 (Singapore) Blocked for Known malicious User-Agents September 28, 2025 4:39pm 103.253.145.75 (Singapore) Blocked for Known malicious User-Agents show less	DDoS Attack Bad Web Bot
🇸🇬 159.223.56.187	29 Sep 2025	Tried injecting multiple malicious files on server (wordpress). September 29, 2025 2:00am 159.22 ... show more Tried injecting multiple malicious files on server (wordpress). September 29, 2025 2:00am 159.223.56.187 (Singapore) Blocked for Malicious File Upload in file: filename = axv.php September 29, 2025 2:00am 159.223.56.187 (Singapore) Blocked for Kaswara Modern VC Addons <= 3.0.1 - Arbitrary File Upload September 29, 2025 2:00am 159.223.56.187 (Singapore) Blocked for Malicious File Upload in file: file = axv.php September 29, 2025 2:00am 159.223.56.187 (Singapore) Blocked for Malicious File Upload in file: userfile = axv.php September 29, 2025 2:00am 159.223.56.187 (Singapore) Blocked for Malicious File Upload in file: userfile = axv.php September 29, 2025 2:00am 159.223.56.187 (Singapore) Blocked for Adning Advertising <= 1.5.5 - Arbitrary File Upload and Arbitrary File Deletion September 29, 2025 2:00am 159.223.56.187 (Singapore) Blocked for Directory Traversal in POST body: form_id = ../../../ show less	Hacking Brute-Force Web App Attack
🇩🇪 139.59.213.228	09 Oct 2024	139.59.213.228 50987 210.213.146.169 80 9c:8e:99:5b:27:5a Blocked Snort Message: SERVER-WEBAPP ... show more 139.59.213.228 50987 210.213.146.169 80 9c:8e:99:5b:27:5a Blocked Snort Message: SERVER-WEBAPP PHPUnit PHP remote code execution attempt; Snort Rule ID: 1:45749:2 139.59.213.228 50820 210.213.146.169 80 9c:8e:99:5b:27:5a Blocked Snort Message: SERVER-WEBAPP PHPUnit PHP remote code execution attempt; Snort Rule ID: 1:45749:2 139.59.213.228 50694 210.213.146.169 80 9c:8e:99:5b:27:5a Blocked Snort Message: SERVER-WEBAPP PHPUnit PHP remote code execution attempt; Snort Rule ID: 1:45749:2 139.59.213.228 50538 210.213.146.169 80 9c:8e:99:5b:27:5a Blocked Snort Message: SERVER-WEBAPP PHPUnit PHP remote code execution attempt; Snort Rule ID: 1:45749:2 139.59.213.228 50321 210.213.146.169 80 9c:8e:99:5b:27:5a Blocked Snort Message: SERVER-WEBAPP PHPUnit PHP remote code execution attempt; Snort Rule ID: 1:45749:2 show less	Hacking Brute-Force Exploited Host Web App Attack
🇭🇰 103.161.35.64	09 Oct 2024	103.161.35.64 37422 210.213.146.169 80 9c:8e:99:5b:27:5a Blocked Snort Message: SQL generic sql ... show more 103.161.35.64 37422 210.213.146.169 80 9c:8e:99:5b:27:5a Blocked Snort Message: SQL generic sql with comments injection attempt - GET parameter; Snort Rule ID: 1:16431:6 103.161.35.64 37420 210.213.146.169 80 9c:8e:99:5b:27:5a Blocked Snort Message: SQL generic sql with comments injection attempt - GET parameter; Snort Rule ID: 1:16431:6 103.161.35.64 37418 210.213.146.169 80 9c:8e:99:5b:27:5a Blocked Snort Message: SQL generic sql with comments injection attempt - GET parameter; Snort Rule ID: 1:16431:6 show less	Port Scan Hacking SQL Injection Spoofing Brute-Force Exploited Host
🇵🇭 180.190.75.25	27 Jul 2024	Defacing of Wordpress Site Event: Post Update Website: http://beacon.host.adzu.edu.ph IP Addres ... show more Defacing of Wordpress Site Event: Post Update Website: http://beacon.host.adzu.edu.ph IP Address: 180.190.75.25 Reverse IP: 180.190.75.25 Date/Time: July 27, 2024 4:42 am User: Armando Ciriaco Jr. (armando.t.ciriaco.jr.) Message: Revision status has been changed; details: ID: 10518,Old status: new,New status: inherit,Title: VLONE PHANTOM show less	Blog Spam Hacking Brute-Force Exploited Host
🇰🇭 103.246.228.92	23 Jul 2024	July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents July 21 ... show more July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents July 21, 2024 5:55pm 103.246.228.92 (Cambodia) Blocked for Known malicious User-Agents show less	Web Spam Bad Web Bot Web App Attack
🇭🇰 27.124.45.118	23 Jul 2024	July 23, 2024 12:00am 27.124.45.118 (Singapore) Blocked for SQL Injection in query string: ques ... show more July 23, 2024 12:00am 27.124.45.118 (Singapore) Blocked for SQL Injection in query string: question_id = 1 AND (SELECT 7242 FROM (SELECT(SLEEP(0)))HQYx) July 23, 2024 12:00am 27.124.45.118 (Singapore) Blocked for SQL Injection in query string: ID = 0 AND (SELECT 1 FROM (SELECT(SLEEP(4)))SQLi) July 23, 2024 12:00am 27.124.45.118 (Singapore) Blocked for SQL Injection in POST body: docid = 1 AND (SELECT 6288 FROM (SELECT(SLEEP(0)))HRaz) July 23, 2024 12:00am 27.124.45.118 (Singapore) Blocked for LFI: Local File Inclusion in query string: local-download = /etc/passwd July 23, 2024 12:00am 27.124.45.118 (Singapore) Blocked for SQL Injection in POST body: channel_name = " and(extractvalue(1,concat(0x7e,(select md5(208317095)),0x7e)))# July 23, 2024 12:00am 27.124.45.118 (Singapore) Blocked for SQL Injection in POST body: post = 0 and updatexml(1, concat(0x7e,(SELECT md5(959686856)),0x7e),1)-- - show less	SQL Injection Brute-Force Web App Attack
🇺🇸 142.171.131.237	24 Jun 2024	Jun 24 16:50:41 IDS Alert 142.171.131.237:60160 210.213.146.163:80 Blocked FILE-OTHERJackson databi ... show more Jun 24 16:50:41 IDS Alert 142.171.131.237:60160 210.213.146.163:80 Blocked FILE-OTHERJackson databind deserialization remote code execution attempt Jun 24 16:50:18 IDS Alert 142.171.131.237:54292 210.213.146.169:80 Blocked SERVER-WEBAPPAvaya Aura Device Services PhoneBackup arbitrary PHP file upload attempt Jun 24 16:49:49 IDS Alert 142.171.131.237:55958 210.213.146.170:80 Blocked SERVER-OTHERApache Log4j logging remote code execution attempt Jun 24 16:49:49 IDS Alert 142.171.131.237:55958 210.213.146.170:80 Blocked SERVER-OTHERApache Log4j logging remote code execution attempt Jun 24 16:49:46 IDS Alert 142.171.131.237:35822 210.213.146.169:80 Blocked SERVER-OTHERApache Log4j logging remote code execution attempt show less	Hacking Brute-Force Bad Web Bot Web App Attack
🇮🇩 93.185.162.8	14 Jun 2024	11:02 galvezrayo Post moved to trash; ID: 9517; name: Hacked By P4$A; status: pending 11:02 gal ... show more 11:02 galvezrayo Post moved to trash; ID: 9517; name: Hacked By P4$A; status: pending 11:02 galvezrayo Post status has been changed (details): ID: 9517, Old status: pending, New status: trash, Title: Hacked By P4$A 11:01 galvezrayo User account deleted; ID: 56 10:53 cybrealle.d.c.cruz Plugin deactivated: WP File Manager (v7.2.9; wp-file-manager/file_folder_manager.php) IP: 93.185.162.8 10:50 cybrealle.d.c.cruz Plugin activated: WP File Manager (v7.2.9; wp-file-manager/file_folder_manager.php) IP: 93.185.162.8 10:43 cybrealle.d.c.cruz Plugin installed: Unknown IP: 93.185.162.8 10:43 cybrealle.d.c.cruz User authentication succeeded: cybrealle.d.c.cruz IP: 93.185.162.8 10:41 cybrealle.d.c.cruz User account edited; ID: 56; name: cybrealle.d.c.cruz; old_name: cybrealle.d.c.cruz; email: [email protected]; old_email: [email protected]; roles: administrator, writer, generalmanager; old_roles: administrator, writer, generalmanager show less	FTP Brute-Force FTP Brute-Force Blog Spam Blog Spam Hacking Hacking Web App Attack Web App Attack