Studio KonKon - AbuseIPDB User Profile

JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

User Studio KonKon , the webmaster of studiokonkon.com, joined AbuseIPDB in October 2019 and has reported 80 IP addresses.

Standing (weight) is good.

INACTIVE USER WEBMASTER SUPPORTER

IP	Date	Comment	Categories
🇺🇸 54.240.9.122	15 Dec 2025	Fake email spoofing █████@amazon.com claiming that my "organisation" qualifies for a "business accou ... show more Fake email spoofing █████@amazon.com claiming that my "organisation" qualifies for a "business account with Amazon". The email appears to exploit the amazonses.com domain. Though the sender claims to work for amazon.co.uk and uses British English, email data shows it was actually sent from: Sao Paulo, Brazil. The fact remains that I do not qualify for a "business account with Amazon" because I am not a seller with Amazon, do not earn enough to pay TAX nor qualify for registered VAT status. show less	Phishing Email Spam Spoofing Exploited Host
🇩🇪 82.165.229.87	25 Oct 2025	Fake email from █████.lakeside-services.com and █████@mail.com attempting to steal passwords. Claim ... show more Fake email from █████.lakeside-services.com and █████@mail.com attempting to steal passwords. Claim that password from webmail will expire a date several weeks before the email received and spoofing my domain name in From field. show less	Phishing Email Spam Spoofing
🇬🇧 176.32.230.4	25 Oct 2025	Fake email from █████.lakeside-services.com and █████@mail.com attempting to steal passwords. Claim ... show more Fake email from █████.lakeside-services.com and █████@mail.com attempting to steal passwords. Claim that password from webmail will expire a date several weeks before the email received and spoofing my domain name in From field. show less	Phishing Email Spam Spoofing
🇮🇳 59.183.65.50	24 Aug 2025	Attempting to send spam emails under my email address. Both dkim and spf fail; emails spoofing my em ... show more Attempting to send spam emails under my email address. Both dkim and spf fail; emails spoofing my email/domain were rejected by corp.mail.ru. show less	Phishing Email Spam Spoofing
🇳🇬 102.212.163.5	24 Aug 2025	Multiple fake email claiming to be from "Server Team Management" with a malicious link to apparently ... show more Multiple fake email claiming to be from "Server Team Management" with a malicious link to apparently "fix" the issue. Sender from server.j3redmarketing.com; ███@haycreekranch.net; ███@eurostar.lv; papa.de.hostns.io. [Content] Dear █████, Request to delete your account has been received; request is under process. If the request was made in error and you are not aware, Log in and cancel the request now (button: Cancel Deactivation Request On █████) show less	Phishing Email Spam
🇺🇸 50.6.206.75	24 Aug 2025	Multiple fake "Messages Failed Report" claiming to be from the System Administrator with a malicious ... show more Multiple fake "Messages Failed Report" claiming to be from the System Administrator with a malicious link to apparently "fix" the issue. I am the System Administrator so this is clearly a phishing attack. Sender from server.j3redmarketing.com; ███@haycreekranch.net; ███@eurostar.lv; papa.de.hostns.io. [Content] An email you sent was not successfully delivered to (5) intended recipients. The error usually indicates that the recipient's email server rejected the message. CLICK HERE to review recipients, fix failed email deliveries and prevent future issues. Note: Please verify you are not a robot and not auto-generated. System Administrator █████ show less	Phishing Email Spam
🇬🇧 194.35.235.224	03 Aug 2025	Threat/hate mail. Reported to police. User Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 15_7_1 like ... show more Threat/hate mail. Reported to police. User Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 15_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.3 Mobile/15E148 Safari/604.1 IP: Likely VPN tunnelled through a VPS (194.35.235.224) show less	Web Spam Email Spam
🇲🇬 197.158.119.152	03 Aug 2025	Email spam through web contact form. ---------- FROM: (REDACTED)@outpush.io SUBJECT: Discover pus ... show more Email spam through web contact form. ---------- FROM: (REDACTED)@outpush.io SUBJECT: Discover push notifications ads CONTENT: Hello, Have you ever thought about web push notifications to communicate with visitors on (REDACTED)? At outpush.io, we developed a free solution that is much more efficient than email... About 75% of openings on each campaign! On top of that, we send personalized advertising in pushes allowing you to earn additional income, without doing anything. Want to talk about it for (REDACTED)? Have a great day, (REDACTED) Co-founder @ outpush.io Let's talk: https://calendly.com/(REDACTED) show less	Web Spam Email Spam
🇨🇦 154.12.162.51	03 Aug 2025	COMMENT: Multiple aggressive malicious threats from user for payment of fake domain expiry notice ( ... show more COMMENT: Multiple aggressive malicious threats from user for payment of fake domain expiry notice (REDACTED = Our related domain names) [CONTENT START] FROM: Joe Miller <[email protected]> YOUR IMMEDIATE ATTENTION TO THIS MESSAGE IS ABSOLUTELY NECESSARY! YOUR DOMAIN (REDACTED) WILL BE TERMINATED WITHIN 24 HOURS We have not received your payment for the renewal of your domain (REDACTED) We have made several attempts to reach you by phone, to inform you regarding the TERMINATION of your domain (REDACTED) CLICK HERE FOR SECURE ONLINE PAYMENT: http://yourdomainclinical.xyz/?n=(REDACTED)&r=a&t=1607773992&p=v1 IF WE DO NOT RECEIVE YOUR PAYMENT WITHIN 24 HOURS, YOUR DOMAIN (REDACTED) WILL BE TERMINATED CLICK HERE FOR SECURE ONLINE PAYMENT: http://yourdomainclinical.xyz/?n=(REDACTED)&r=a&t=1607773992&p=v1 ACT IMMEDIATELY. The submission notification (REDACTED) will EXPIRE WITHIN 24 HOURS after reception of this email [/CONTENT START] show less	Phishing Web Spam Email Spam
🇹🇷 159.253.47.172	28 Aug 2024	Fake Netflix account deactivation message about failed subscription payment. domains (REDACTED)@wpkb ... show more Fake Netflix account deactivation message about failed subscription payment. domains (REDACTED)@wpkb.inixgzjgxwa.us and (REDACTED)@www.7158rr.com designates 159.253.47.172 as permitted senders, passed SPF with 159.253.47.172, spoofed "to" header as [email protected]; uses links to fake webpage to steal personal data "https://storage.googleapis.com/wingoodsnwessserverone/ackgrounderche.html#(REDACTED)" (Note: hash has been redacted to protect other users) show less	Phishing Email Spam Spoofing
🇳🇱 91.92.241.45	02 Jul 2024	Extensice requests (1,000+) Probing for SSH, Let's Encrypt, hostings files, Wordpress plugins, subdo ... show more Extensice requests (1,000+) Probing for SSH, Let's Encrypt, hostings files, Wordpress plugins, subdomains, webmail files, sitemaps, RSS feeds, unknown software etc. show less	DDoS Attack Web Spam Port Scan Hacking Brute-Force
🇩🇪 195.88.87.247	02 Jul 2024	Extensive (2,000+) requests to access random root level php files (random filenames containing a sin ... show more Extensive (2,000+) requests to access random root level php files (random filenames containing a single and double letters and numbers) that don't exist including known non-server related system filenames that also do not exist. show less	Web Spam Brute-Force
🇨🇭 179.43.149.114	02 Jul 2024	Extensive number of HTTP requests to access PHP information	Hacking
🇳🇱 5.62.20.16	02 Jul 2024	Attempting to locate "{redacted}/id3/license.txt/wp-login.php" on multiple non-existing subdomains.	Hacking Brute-Force
🇳🇱 91.92.250.32	02 Jul 2024	Exstensive number of attempts to locate a non-existant "wp-login.php" file in different directories' ... show more Exstensive number of attempts to locate a non-existant "wp-login.php" file in different directories' of domain. show less	Hacking Brute-Force
🇺🇸 173.0.84.229	24 Jun 2024	Fake PayPal money request from "{redacted}@grossdrakeassociates.onmicrosoft.com" with username "work ... show more Fake PayPal money request from "{redacted}@grossdrakeassociates.onmicrosoft.com" with username "worker14@GrossDrakeAssociates". [No such request was made on PayPal itself and does not appear in PayPal Activity]. Appears to be sent via Outlook but passes SPF/DKIM/DMARC checks of both Microsoft and PayPal. show less	Phishing Email Spam Spoofing
🇳🇱 5.79.75.41	17 Jun 2024	BFP (Brute Force Protection): Blocked an RDP attack attempting a Remote Connection on port 47139	Port Scan Port Scan Hacking Hacking Brute-Force Brute-Force
🇳🇱 195.78.54.252	17 Jun 2024	BFP (Brute Force Protection): Blocked an RDP attack attempting a Remote Connection on port 28665	Port Scan Port Scan Hacking Hacking Brute-Force Brute-Force
🇨🇭 193.32.127.154	17 Jun 2024	BFP (Brute Force Protection): Blocked an attack attempting a Remote Connection on port 6881	Port Scan Port Scan Hacking Hacking Brute-Force Brute-Force
🇺🇸 142.202.189.108	18 Apr 2024	False claim of expired Netflix account (non-existant) with phishing link from "{redacted}@olvlv.yusz ... show more False claim of expired Netflix account (non-existant) with phishing link from "{redacted}@olvlv.yusznpxknuqw.com"/ ID: "{uuid}[email protected]" / "mc.hkcdc.org" and "hinet-ip.hinet.net" as permitted senders. Return path: vlytdmhpbkex.com / tfqdtaqvikmr.us / Loop: tfloydeooajt.com / Carbon Copy: qvrjayimdfqa.com show less	Phishing Email Spam Spoofing
🇺🇸 142.202.189.108	17 Apr 2024	webmail spam claiming to be from Netflix, that our (non-existent) account has expired and asking to ... show more webmail spam claiming to be from Netflix, that our (non-existent) account has expired and asking to complete a short survey to get extra subscription extention. Link uses a "tinyurl.com" endpoint to a malicious webpage. from domain(s) cctv.giraffedigital.co.uk and hinet-ip.hinet.net as permitted senders. show less	Phishing Email Spam Spoofing
🇩🇪 159.69.71.60	17 Apr 2024	Fake email from "{redacted}@mail-top.asia" claiming our webmail accounts will be blocked unless clic ... show more Fake email from "{redacted}@mail-top.asia" claiming our webmail accounts will be blocked unless clicking on a link (attempt to steal personal information and install malware). Offending headers: papa.de.hostns.io with LMTP / 95.213.165.242:56619 show less	Phishing Email Spam Spoofing
🇷🇺 95.213.165.242	17 Apr 2024	Fake email from "{redacted}@mail-top.asia" claiming our webmail accounts will be blocked unless clic ... show more Fake email from "{redacted}@mail-top.asia" claiming our webmail accounts will be blocked unless clicking on a link (attempt to steal personal information and install malware). Offending headers: apa.de.hostns.io with LMTP / 95.213.165.242:56619 show less	Phishing Email Spam Spoofing
🇩🇪 159.69.71.60	09 Apr 2024	papa.de.hostns.io / daf6cfbaf2.nxcli.io / cloudhost-10969997.us-midwest-2.nxcli.net ~ fake email spo ... show more papa.de.hostns.io / daf6cfbaf2.nxcli.io / cloudhost-10969997.us-midwest-2.nxcli.net ~ fake email spoofing our email address as sender from "{redacted}@2fa.io" claiming to be server admin that our website and accounts have been disabled and wanting to verify 2FA data. show less	Phishing Email Spam Spoofing
🇺🇸 162.255.119.28	09 Apr 2024	fake email using our spoofing email address as sender from "{redacted}@2fa.io" claiming to be server ... show more fake email using our spoofing email address as sender from "{redacted}@2fa.io" claiming to be server admin that our website and accounts have been disabled and wanting to verify 2FA data. ~ papa.de.hostns.io / daf6cfbaf2.nxcli.io / cloudhost-10969997.us-midwest-2.nxcli.net show less	Phishing Email Spam Spoofing