abuseip.org
- Reason
- suspicious paths across 1 domains
- Hits (last hour)
- 60
- Unique targets hit
- 1
- Unique paths probed
- 87
- Detection count
- 5
- First seen
- 2026-06-02 12:22:20 UTC
- Last seen
- 2026-06-02 12:22:57 UTC
- Block expires
- 2026-06-03 13:03:37 UTC
Sample paths probed
- /xex.php
- /wp-includes/blocks/comments-pagination-numbers/
- /wp-content/plugins/contact-form-7/wp-contact-form-7.php
- /wp-includes/assets/a1cord.php
- /wp-includes/js/jcrop/
- /wp-includes/fonts/ty.php
- /wp-content/themes/wp_theme_ahewl/shell.php
- /wp-includes/blocks/comment-edit-link/
- /wp-includes/certificates/ty.php
- /wp-includes/PHPMailer/tx20.php
- /wp-includes/Requests/zxasd.php
- /wp-includes/buy.php
- /wp-content/plugins/wp_helper_avcdl/shell.php
- /wp-content/themes/spacious-pro/js/theia-sticky-sidebar/
- /wp-content/plugins/wp_helper_bimfl/shell.php
- /wp-includes/theme-compat/database.php
- /wp-content/plugins/wp_helper_rrvvo/shell.php
- /wp-includes/css/ty.php
- /wp-content/edit-wolf.php
- /wp-includes/theme-compat/sql.php
Sample User-Agents
- Go-http-client/1.1
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.