GKS-Webdesign - AbuseIPDB User Profile

Check an IP Address, Domain Name, or Subnet

e.g. 44.201.92.114, microsoft.com, or 5.188.10.0/24

User GKS-Webdesign joined AbuseIPDB in July 2021 and has reported 263 IP addresses.

Standing (weight) is good.

ACTIVE USER WEBMASTER SUPPORTER

IP	Date	Comment	Categories
64.227.133.10	29 Mar 2023	Request blocked on 2023/03/29 @ 02:38:37 am: Blocked Count: 121 Request URI: / ... show moreRequest blocked on 2023/03/29 @ 02:38:37 am: Blocked Count: 121 Request URI: /oldsite/wp-admin/install.php The Request: /oldsite/wp-admin/install.php Query String: Protocol: HTTP/1.0 IP Address: 64.227.133.10 User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 show less	Hacking Exploited Host Web App Attack
37.46.113.158	23 Mar 2023	Name: Lucretia Holroyd Email: [email protected] Company: Hacked Phone: 036081 12 9 ... show moreName: Lucretia Holroyd Email: [email protected] Company: Hacked Phone: 036081 12 90 Message: We have hacked your website xxx.xxxx and extracted your databases. This was due to the security holes you had in your your site/server which have gained us remote control of pretty much everything that was on the server. Our team is mostly interested in customer, administrative, and employee information which we have extracted through your databases once we got remote control over the server. It still needs to be sorted out but it will be well-organized once finished. First, we will be going through the emails/sms information and contacting the recipient how you held in disregard about their information being exposed to a hacking group when you could have stopped it. This would be detrimental to your personal image with these relationships with these people. Lastly, now that we have information not only will we be monetizing off it with our methods but made public or sold to other people that will do whatever show less	Phishing Web Spam Blog Spam
209.141.41.43	16 Mar 2023	Request blocked on 2023/03/15 @ 05:19:44 pm: Blocked Count: 664 Pattern Match: ... show moreRequest blocked on 2023/03/15 @ 05:19:44 pm: Blocked Count: 664 Pattern Match: { Request URI: / The Request: /?"{${print(9347655345-4954366)}}" Protocol: HTTP/1.0 IP Address: 209.141.41.43 User Agent: Mozilliqa"{${print(9347655345-4954366)}}" show less	Hacking Brute-Force Exploited Host Web App Attack
146.70.123.182	15 Mar 2023	Date: 15/03/2023 Time: 9:15 AM Name: JamesFrelp Email: a.lb.e.rt.h.a.ns ... show moreDate: 15/03/2023 Time: 9:15 AM Name: JamesFrelp Email: [email protected] Company: JamesFrelp Phone: 85179715323 Message: Mjfejdjwdjiwdhwsuf hohaufheodajidhowaf hwidjidjqiohfuehooiPQKWODJQIJ IWJDOKDOWJDIjefiwjreir jwqifjweifewifeefjrghr jfejfekwlfjrghwjwajkdjwfew --- Page URL: User Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Remote IP: 146.70.123.182 show less	Web Spam Blog Spam Web App Attack
212.102.57.85	13 Mar 2023	Name: Reagan Sheil Email: [email protected] Phone: 06-78367251 Message: We ... show moreName: Reagan Sheil Email: [email protected] Phone: 06-78367251 Message: We are a group of highly qualified ethical hackers who scan tens of thousands of sites every day for critical vulnerabilities and patch them for a small fee. On your site XXXXX.com - we have discovered 5 critical vulnerabilities, each of which can give attackers full access to your site, databases and the server as a whole. Pay $3000 (0.15 BTC) by visiting this site where you will be able to copy our bitcoin (btc) address or scan the QR code with your device https://www.blockchain.com/explorer/addresses/btc/3B5CcgNqvSQC5h59SYVTxaNy8iGSHBMXya And after payment within 12 hours we will fix all the vulnerabilities on your site and you can sleep peacefully without worrying about the safety of your site and server. If we are hired by well-known corporations, then we charge from $50000 for our services, so you are lucky that we offer you the same service for $3000 (0.15 BTC) Date: 13/03/2023 Time: 8:05 AM show less	Email Spam Hacking
209.126.3.9	06 Mar 2023	Request blocked on 2023/03/06 @ 12:12:25 am: Blocked Count: 74 Request URI: /shell.php ... show moreRequest blocked on 2023/03/06 @ 12:12:25 am: Blocked Count: 74 Request URI: /shell.php Protocol: HTTP/1.1 IP Address: 209.126.3.9 User Agent: python-requests/2.26.0 show less	Hacking Brute-Force Exploited Host Web App Attack
197.221.57.130	28 Feb 2023	Name: Marshall Upchurch Email: [email protected] Company: Hacked Phone: (03) 53 ... show moreName: Marshall Upchurch Email: [email protected] Company: Hacked Phone: (03) 5353 1113 Message: Your Site Has Been Hacked PLEASE FORWARD THiS EMAiL TO SOMEONE iN YOUR COMPANY WHO iS ALLOWED TO MAKE iMPORTANT DECiSiONS! We have hacked your website xxxxxxxxxxxxx.xxx and extracted your databases. ................. We are willing to refrain from going through with these actions for a small fee. The amount: $3500 (0.15 BTC) The Address Part 1: bc1qz0hwyvdrq5xvfwcm9 The Address Part 2: m5eg7kjktvsux4r058v6g ........................ Date: 28/02/2023 Time: 4:14 AM User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 Remote IP: 197.221.57.130 show less	Phishing Blog Spam Web App Attack
172.105.43.83	24 Feb 2023	Request blocked on 2023/02/24 @ 01:22:17 pm: Blocked Count: 109 Pattern Match: ... show moreRequest blocked on 2023/02/24 @ 01:22:17 pm: Blocked Count: 109 Pattern Match: /install.php Request URI: /oldsite/wp-admin/install.php The Request: /oldsite/wp-admin/install.php Protocol: HTTP/1.0 IP Address: 172.105.43.83 User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 show less	Hacking Brute-Force Exploited Host Web App Attack
45.61.185.37	20 Feb 2023	A bad request was blocked on 2023-02-19 @ 19:41:53. Request Details: Blocked C ... show moreA bad request was blocked on 2023-02-19 @ 19:41:53. Request Details: Blocked Count: 44 Request URI: /dev.sql.tar.z Protocol: HTTP/1.1 IP Address: 45.61.185.37 User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36 show less	Hacking Brute-Force Web App Attack
84.17.42.45	16 Feb 2023	Request blocked on 2023/02/16 @ 09:39:12 am: Blocked Count: 127 Pattern Match: ... show moreRequest blocked on 2023/02/16 @ 09:39:12 am: Blocked Count: 127 Pattern Match: /wp-config. Request URI: /wp-config._backup Protocol: HTTP/1.0 IP Address: 84.17.42.45 User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 show less	Brute-Force Exploited Host Web App Attack
45.61.184.17	16 Feb 2023	Request blocked on 2023/02/16 @ 06:15:45 am: Blocked Count: 7 Pattern Match: { ... show moreRequest blocked on 2023/02/16 @ 06:15:45 am: Blocked Count: 7 Pattern Match: { The Request: /?"{${print(9347655345-4954366)}}" Query String: "{${print(9347655345-4954366)}}" Protocol: HTTP/1.1 IP Address: 45.61.184.17 User Agent: Mozilliqa"{${print(9347655345-4954366)}}" show less	Brute-Force Exploited Host Web App Attack
185.206.224.214	13 Jan 2023	Request blocked on 2023/01/13 @ 05:01:36 am: Blocked Count: 163 The Request: / ... show moreRequest blocked on 2023/01/13 @ 05:01:36 am: Blocked Count: 163 The Request: /wp-config._backup Protocol: HTTP/1.1 IP Address: 185.206.224.214 User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 show less	Hacking Brute-Force Exploited Host Web App Attack
18.222.230.60	30 Dec 2022	Request blocked on 2022/12/30 @ 06:16:34 pm: Blocked Count: 220 Request URI: / ... show moreRequest blocked on 2022/12/30 @ 06:16:34 pm: Blocked Count: 220 Request URI: /app/config.yml Protocol: HTTP/1.1 IP Address: 18.222.230.60 User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246 show less	Hacking Brute-Force Exploited Host Web App Attack
142.44.193.80	29 Nov 2022	Request blocked on 2022/11/29 @ 12:38:56 am: Blocked Count: 462 Pattern Match: ... show moreRequest blocked on 2022/11/29 @ 12:38:56 am: Blocked Count: 462 Pattern Match: python Request URI: /info.php Protocol: HTTP/1.1 IP Address: 142.44.193.80 User Agent: Python/3.8 aiohttp/3.8.1 show less	Brute-Force Exploited Host Web App Attack
212.102.55.113	14 Nov 2022	A bad request was blocked on 2022-11-14 @ 05:05:56. Request Details: Blocked Count: 12 ... show moreA bad request was blocked on 2022-11-14 @ 05:05:56. Request Details: Blocked Count: 1226 Request URI: /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php Protocol: HTTP/1.1 IP Address: 212.102.55.113 User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) show less	Brute-Force Exploited Host Web App Attack
137.184.82.233	10 Nov 2022	A bad request was blocked on 2022-11-09 @ 18:10:35. Request Details: Blocked Count: 29 ... show moreA bad request was blocked on 2022-11-09 @ 18:10:35. Request Details: Blocked Count: 296 Pattern Match: /jquery-file-upload/ Request URI: /assets/global/plugins/JQuery-File-Upload/server/php/ Protocol: HTTP/1.1 IP Address: 137.184.82.233 User Agent: Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/101.0.4951.61 Mobile Safari/537.36 show less	Hacking Brute-Force Web App Attack
173.44.164.244	03 Nov 2022	Form submission spammer Date: 03/11/2022 Time: 11:32 AM Page URL: https ... show moreForm submission spammer Date: 03/11/2022 Time: 11:32 AM Page URL: https://gksconsultants.com/contact-us User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Remote IP: 173.44.164.244 show less	Web Spam
4.229.234.13	01 Nov 2022	A bad request was blocked on 2022-11-01 @ 06:32:26. Request Details: Blocked C ... show moreA bad request was blocked on 2022-11-01 @ 06:32:26. Request Details: Blocked Count: 65 Request URI: /shell.php Protocol: HTTP/1.1 IP Address: 4.229.234.13 User Agent: python-requests/2.27.1 show less	Hacking Brute-Force Web App Attack
72.11.157.113	01 Nov 2022	A bad request was blocked on 2022-11-01 @ 02:39:33. Request Details: Blocked C ... show moreA bad request was blocked on 2022-11-01 @ 02:39:33. Request Details: Blocked Count: 197 Request URI: /wp-config._backup Protocol: HTTP/1.0 IP Address: 72.11.157.113 User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 show less	Hacking Brute-Force Web App Attack
68.183.89.186	23 Oct 2022	Persistent connection attempts to port 443 and port scanning - last connection = 2022-10-22 13:15:48	Port Scan Hacking Brute-Force Exploited Host
137.184.160.185	23 Oct 2022	Repeated attempts to access 443 and port scanning - latest connection = 2022-10-23 02:11:00	Port Scan Hacking Brute-Force Exploited Host
143.198.208.133	23 Oct 2022	Repeated port scanning and connecting to port 443 - 2022-10-23 04:13:32	Port Scan Hacking Brute-Force Exploited Host
79.110.62.44	01 Oct 2022	A bad request was blocked on 2022-10-01 @ 16:17:50. Request Details: Blocked C ... show moreA bad request was blocked on 2022-10-01 @ 16:17:50. Request Details: Blocked Count: 1196 Request URI: /backoffice/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php Protocol: HTTP/1.1 IP Address: 79.110.62.44 User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 show less	Hacking Brute-Force Web App Attack
143.110.250.59	29 Sep 2022	SCAN Zgrab Scanning Attempt Detected	Port Scan Hacking Brute-Force
169.150.197.153	29 Sep 2022	Form spam : Name: Merle Townley Email: [email protected] Company: Hac ... show moreForm spam : Name: Merle Townley Email: [email protected] Company: Hack Inc Phone: (08) 8280 2332 Message: Your Site Has Been Hacked PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS! We have hacked your website ................ Date: 29/09/2022 Time: 9:22 AM User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Remote IP: 169.150.197.153 show less	Phishing Web Spam Exploited Host