abuseip.org
- Reason
- scanning 56 domains
- Hits (last hour)
- 2,744
- Unique targets hit
- 56
- Unique paths probed
- 2,205
- Detection count
- 12
- First seen
- 2026-05-13 04:45:17 UTC
- Last seen
- 2026-05-13 04:52:51 UTC
- Block expires
- 2026-05-14 05:42:01 UTC
Sample paths probed
- /.ssh/known_hosts
- /.supabase/
- /api/application
- /api/v1/namespaces/default/pods/log
- /.dbeaver/credentials-config.json
- /de/finden-sie-unternehmensdaten-fuer-fundierte-geschaeftsentscheidungen-6968009/
- /api/v1/namespaces/kube-system/configmaps
- /api/v1/projects
- /api/v1/persistentvolumes
- /.svn/
- /api2/json/cluster/config
- /.drone.yml
- /apis/argoproj.io/v1alpha1/rollouts
- /api/v0/eventfeed
- /
- /api/v1/configmaps
- /.terraform.lock.hcl
- /api/v1/dns/nameservers
- /api2/json/cluster/resources
- /+CSCOE+/logon.html
Sample User-Agents
- Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/618.31.14 (KHTML, like Gecko) Version/17.7 Safari/618.31.14
- Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0
- Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
- Mozilla/5.0 (Fedora; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0
- Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
- Mozilla/5.0 (Knoppix; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0
- Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
- Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
- Mozilla/5.0 (ZZ; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0
- Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
- Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0
- Mozilla/5.0 (Macintosh; Intel Mac OS X 14.1) AppleWebKit/616.8 (KHTML, like Gecko) Version/17.2.12 Safari/616.8
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.2 Mobile/15E148 Safari/604.1
- Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
- Mozilla/5.0 (Macintosh; Intel Mac OS X 14_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.153183
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36
- Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0
- Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
- Mozilla/5.0 (Ubuntu; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0
- Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.