felipe.castilla - AbuseIPDB User Profile

JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

User felipe.castilla joined AbuseIPDB in May 2026 and has reported 2 IP addresses.

Standing (weight) is good.

INACTIVE USER

IP	Date	Comment	Categories
🇺🇸 143.109.37.144	22 May 2026	Source IP 143.109.37.144 performed automated reconnaissance and suspected Magento/Adobe Commerce att ... show more Source IP 143.109.37.144 performed automated reconnaissance and suspected Magento/Adobe Commerce attack attempts against a production Magento 2 storefront. Activity included 3000+ requests/hour with fuzzed parameters targeting /page_cache/block/render/* (30+ variants, possible block cache poisoning), /equipos.html and /accesorios/.html with category filter injection attempts, /checkout/cart/updatePost/ and /couponPost/ for cart manipulation, repeated /customer/account/loginPost/ access consistent with possible credential stuffing, and fuzzing against /catalog/category/view/. Also observed GraphQL probing attempts. Traffic pattern is consistent with automated vulnerability scanning and exploitation attempts. User-Agent observed as Chrome/131.0.0.0. show less	Hacking Bad Web Bot Web App Attack
🇭🇰 107.149.130.5	20 May 2026	Source IP 107.149.130.5 performed automated reconnaissance and suspected Magento / Adobe Commerce we ... show more Source IP 107.149.130.5 performed automated reconnaissance and suspected Magento / Adobe Commerce web application attack attempts against a production Magento 2.4.8 storefront. Observed behavior included: - Requests for backup/archive/application artifact paths: /master.war, /orders.tar.gz, /data.gz, /new.zip, /database.tar.tgz, /php.tgz, /clients.zip and others - Magento-specific probing against /page_cache/block/render/ with crafted originalRequest JSON and abnormal uri payload. - POST request to /checkout/cart/add/.../product/683/. - Browser-like and changing User-Agent strings consistent with automated scanning. - Source IP appeared in X-Forwarded-For as 107.149.130.5. The activity occurred shortly after Adobe APSB26-49 for Adobe Commerce / Magento, which addressed critical vulnerabilities including arbitrary code execution, arbitrary file system write, DoS and security feature bypass. This traffic is unsolicited and consistent with malicious web application scanning/probing. show less	Hacking Bad Web Bot Web App Attack