abuseip.org
- Reason
- suspicious paths across 1 domains
- Hits (last hour)
- 85
- Unique targets hit
- 1
- Unique paths probed
- 886
- Detection count
- 12
- First seen
- 2026-07-17 15:45:26 UTC
- Last seen
- 2026-07-17 15:53:12 UTC
- Block expires
- 2026-07-18 16:47:13 UTC
Sample paths probed
- /.aws/credentials.zip
- /.aws/config.bak
- /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings
- /.aws/credentials.ini
- /.aws/credentials.tar.gz
- /.aws/credentials.yml
- /.aws/config.old
- /.aws/credentials.save
- /.aws/credentials.bak
- /.aws/credentials.yaml
- /.aws/credentials.json
- /.aws/credentials.txt
- /.aws/credentials.php
- /.aws/credentials.swp
- /.aws/credentials.old
- /.aws/credentials.dist
- /.aws/credentials.xml
- /.aws/credentials.backup
- /.aws/credentials~
- /.aws/credentials.orig
Sample User-Agents
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
- curl/8.7.1
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.