abuseip.org
- Reason
- suspicious paths across 1 domains
- Hits (last hour)
- 24
- Unique targets hit
- 1
- Unique paths probed
- 49
- Detection count
- 1
- First seen
- 2026-06-20 10:27:46 UTC
- Last seen
- 2026-06-20 10:29:11 UTC
- Block expires
- 2026-06-21 10:41:31 UTC
Sample paths probed
- /alfa-rex.php
- /wp-admin/css/colors/blue/about.php
- /gawean.PhP7
- /404.php
- /worm0.PhP7
- /wp-config-sample.php
- /wp-admin/css/colors/coffee/index.php
- /alfanew.php
- /wp.php
- /wp-includes/plugins.php
- /wp-admin/x.php?action=768776e296b6f286f26796e2a72607e2972647
- /wp-blog.php
- /wp-includes/blocks/table/int/tmpl/index.php
- /alfa-rex.php7
- /wp-admin/js/about.php
- /yanz.php
- /wp-includes/themes.php
- /wp-includes/Requests/Text/admin.php
- /cjfuns.php
- /users.php
Sample User-Agents
No User-Agent recorded (likely scripted, no UA header).
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.