sondwich - AbuseIPDB User Profile

JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

User sondwich joined AbuseIPDB in April 2026 and has reported 7 IP addresses.

Standing (weight) is good.

INACTIVE USER

IP	Date	Comment	Categories
🇵🇱 195.164.49.71	19 May 2026	Automated exploit attempt targeting Yonyou NC MessageServlet RCE vulnerability via POST /servlet/~ba ... show more Automated exploit attempt targeting Yonyou NC MessageServlet RCE vulnerability via POST /servlet/~baseapp/nc.message.bs.NCMessageServlet. Host target: ocena360.mpwik.ibd.pl show less	Hacking Web App Attack
🇩🇪 216.25.126.22	19 May 2026	Automated exploit attempt targeting Yonyou NC MessageServlet RCE vulnerability via POST /servlet/~ba ... show more Automated exploit attempt targeting Yonyou NC MessageServlet RCE vulnerability via POST /servlet/~baseapp/nc.message.bs.NCMessageServlet. Host target: form.cpa.gov.pl show less	Hacking Web App Attack
🇵🇱 195.164.49.73	07 May 2026	Observed exploitation attempt for CVE-2025-31324 (SAP NetWeaver RCE). Request: POST /developmentserv ... show more Observed exploitation attempt for CVE-2025-31324 (SAP NetWeaver RCE). Request: POST /developmentserver/metadatauploader?CONTENTTYPE=MODEL&CLIENT=1 HTTP/1.1. show less	Hacking Exploited Host Web App Attack
🇵🇱 195.164.49.70	30 Apr 2026	Observed suspicious POST request to non-existent or sensitive endpoint /servlet/FileReceiveServlet. ... show more Observed suspicious POST request to non-existent or sensitive endpoint /servlet/FileReceiveServlet. The request triggered a PHP warning: "Missing boundary in multipart/form-data", which often indicates a malformed automated exploit attempt or a vulnerability scan (file upload attack). Client IP: 195.164.49.70. show less	Exploited Host Web App Attack
🇩🇪 46.101.96.136	30 Apr 2026	Bot targeting vulnerable CGI endpoints for firmware upload exploitation. Request: POST /cgi-bin/quic ... show more Bot targeting vulnerable CGI endpoints for firmware upload exploitation. Request: POST /cgi-bin/quick/quick.cgi?func=switch_os&todo=uploaf_firmware_image. Host: ankieta.warta.pl. PHP Warning: File Upload Mime headers garbled. show less	Exploited Host Web App Attack
🇺🇸 159.203.91.15	30 Apr 2026	Bot searching for vulnerable CGI endpoints. Request: POST /cgi-bin/quick/quick.cgi?func=switch_os&to ... show more Bot searching for vulnerable CGI endpoints. Request: POST /cgi-bin/quick/quick.cgi?func=switch_os&todo=uploaf_firmware_image. PHP Warning: File Upload Mime headers garbled. show less	Exploited Host Web App Attack
🇵🇱 195.164.49.69	30 Apr 2026	Unauthorized POST request to sensitive endpoint: POST /development server/metadata uploader?CONTENT ... show more Unauthorized POST request to sensitive endpoint: POST /development server/metadata uploader?CONTENT TYPE=MODEL CLIENT=1 HTTP/1.1. Potential reconnaissance or exploitation attempt targeting development infrastructure. show less	Web App Attack