Guardian - AbuseIPDB User Profile

Check an IP Address, Domain Name, or Subnet

e.g. 18.206.14.36, microsoft.com, or 5.188.10.0/24

User Guardian joined AbuseIPDB in February 2022 and has reported 5,542 IP addresses.

Standing (weight) is good.

ACTIVE USER WEBMASTER

IP	Date	Comment	Categories
209.97.161.119	50 minutes ago	Multi abuses [2]: Unauthorized connection attempt / Port scanning, Unauthorized attempt to remote co ... show moreMulti abuses [2]: Unauthorized connection attempt / Port scanning, Unauthorized attempt to remote code execution (Ignition) 209.97.161.119 [05/Jul/2022:05:51:11] "GET /invoker/readonly HTTP/1.1" 209.97.161.119 [05/Jul/2022:05:51:12] "GET /_ignition/execute-solution HTTP/1.1" show less	Port Scan Web App Attack
172.104.42.214	1 hour ago	Unauthorized connection attempt / Port scanning (x3) 172.104.42.214 [05/Jul/2022:04:56:22] "GE ... show moreUnauthorized connection attempt / Port scanning (x3) 172.104.42.214 [05/Jul/2022:04:56:22] "GET / HTTP/1.1" 172.104.42.214 [05/Jul/2022:04:56:23] "GET //feed/ HTTP/1.1" 172.104.42.214 [05/Jul/2022:04:56:23] "GET //xmlrpc.php?rsd HTTP/1.1" show less	Port Scan Web App Attack
20.102.57.178	2 hours ago	Unauthorized attempt to retrieve configuration file 20.102.57.178 [05/Jul/2022:04:30:04] "GET ... show moreUnauthorized attempt to retrieve configuration file 20.102.57.178 [05/Jul/2022:04:30:04] "GET /.env HTTP/1.1" show less	Port Scan Web App Attack
64.62.197.152	2 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
71.6.146.185	2 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
192.241.222.79	4 hours ago	Remote code execution vulnerability affecting Microsoft Exchange server 192.241.222.79 [05/Jul ... show moreRemote code execution vulnerability affecting Microsoft Exchange server 192.241.222.79 [05/Jul/2022:01:52:36] "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" show less	Port Scan Web App Attack
119.188.125.179	5 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
192.241.219.213	5 hours ago	Remote code execution vulnerability affecting Microsoft Exchange server 192.241.219.213 [05/Ju ... show moreRemote code execution vulnerability affecting Microsoft Exchange server 192.241.219.213 [05/Jul/2022:01:29:21] "GET /owa/auth/logon.aspx HTTP/1.1" show less	Port Scan Web App Attack
192.241.223.66	5 hours ago	Remote code execution vulnerability affecting Microsoft Exchange server 192.241.223.66 [05/Jul ... show moreRemote code execution vulnerability affecting Microsoft Exchange server 192.241.223.66 [05/Jul/2022:01:27:18] "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" show less	Port Scan Web App Attack
192.241.213.124	5 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
45.144.154.10	7 hours ago	Multi abuses [2]: Unauthorized attempt to retrieve configuration file, Unauthorized connection attem ... show moreMulti abuses [2]: Unauthorized attempt to retrieve configuration file, Unauthorized connection attempt / Port scanning 45.144.154.10 [04/Jul/2022:23:13:35] "GET /.env HTTP/1.1" 45.144.154.10 [04/Jul/2022:23:13:35] "POST / HTTP/1.1" show less	Port Scan Web App Attack
40.67.229.30	8 hours ago	Multi abuses [2]: Unauthorized attempt to retrieve configuration file, Unauthorized connection attem ... show moreMulti abuses [2]: Unauthorized attempt to retrieve configuration file, Unauthorized connection attempt / Port scanning 40.67.229.30 [04/Jul/2022:21:54:50] "GET /.env HTTP/1.1" 40.67.229.30 [04/Jul/2022:21:54:50] "POST / HTTP/1.1" show less	Port Scan Web App Attack
142.190.29.10	10 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
2.56.57.117	10 hours ago	Unauthorized attempt to retrieve configuration file 2.56.57.117 [04/Jul/2022:19:59:27] "GET /. ... show moreUnauthorized attempt to retrieve configuration file 2.56.57.117 [04/Jul/2022:19:59:27] "GET /.env HTTP/1.1" show less	Port Scan Web App Attack
180.252.123.194	10 hours ago	Scanning for installed WordPress and vulnerabilities 180.252.123.194 [04/Jul/2022:19:56:14] "G ... show moreScanning for installed WordPress and vulnerabilities 180.252.123.194 [04/Jul/2022:19:56:14] "GET /wp-login.php HTTP/1.1" show less	Port Scan Web App Attack
103.203.57.26	10 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
178.159.242.182	11 hours ago	Scanning for installed WordPress and vulnerabilities 178.159.242.182 [04/Jul/2022:19:30:24] "G ... show moreScanning for installed WordPress and vulnerabilities 178.159.242.182 [04/Jul/2022:19:30:24] "GET /wp-login.php HTTP/1.1" show less	Port Scan Web App Attack
124.222.157.60	13 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
212.192.246.113	15 hours ago	Scanning for installed WordPress and vulnerabilities 212.192.246.113 [04/Jul/2022:15:30:51] "G ... show moreScanning for installed WordPress and vulnerabilities 212.192.246.113 [04/Jul/2022:15:30:51] "GET /wp-config.php-backup HTTP/1.1" show less	Port Scan Web App Attack
165.154.44.158	15 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
51.210.251.22	15 hours ago	Scanning for installed WordPress and vulnerabilities 51.210.251.22 [04/Jul/2022:14:55:45] "GET ... show moreScanning for installed WordPress and vulnerabilities 51.210.251.22 [04/Jul/2022:14:55:45] "GET /wp-login.php HTTP/1.1" show less	Port Scan Web App Attack
180.76.179.193	15 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
121.4.238.122	16 hours ago	Multi abuses [2]: Unauthorized connection attempt / Port scanning, Scanning for installed WordPress ... show moreMulti abuses [2]: Unauthorized connection attempt / Port scanning, Scanning for installed WordPress and vulnerabilities 121.4.238.122 [04/Jul/2022:14:34:42] "HEAD / HTTP/1.1" 121.4.238.122 [04/Jul/2022:14:34:43] "GET /wp-login.php HTTP/1.1" show less	Port Scan Web App Attack
221.2.163.231	16 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
2.56.58.71	17 hours ago	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force