abuseip.org
- Reason
- suspicious paths across 1 domains
- Hits (last hour)
- 103
- Unique targets hit
- 1
- Unique paths probed
- 442
- Detection count
- 11
- First seen
- 2026-06-26 15:29:07 UTC
- Last seen
- 2026-06-26 15:42:49 UTC
- Block expires
- 2026-06-27 16:30:45 UTC
Sample paths probed
- //admin/upload
- //dana-na/auth/url_default/welcome.cgi
- /configuration.php?
- /.env
- /uploads%252e%252e%252f%252e%252e%252fetc/passwd?
- /.aws/%2Fcredentials
- /.env.bak%23
- /uploads%252e%252e%252f%252e%252e%252fetc/passwd%23
- /configuration.php%23
- /.env.backup%23
- /uploads%252e%252e%252f%252e%252e%252fetc/passwd
- //api/attachment
- //api/file/upload
- /uploads../config/database.yml
- /.env.backup
- /configuration.php
- //admin/
- /.env.bak
- /.env.backup?
- //upload
Sample User-Agents
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.7103.113 Safari/537.36
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.7103.113 Safari/537.36
- Mozilla/5.0 (Linux; U; Android 14; en-US; SM-G991B) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 UCBrowser/15.4.8.1121 Mobile Safari/537.36
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.