abuseip.org
- Reason
- suspicious paths across 1 domains
- Hits (last hour)
- 103
- Unique targets hit
- 1
- Unique paths probed
- 466
- Detection count
- 11
- First seen
- 2026-06-26 15:35:18 UTC
- Last seen
- 2026-06-26 15:43:46 UTC
- Block expires
- 2026-06-27 16:35:46 UTC
Sample paths probed
- /_next/static../settings.py
- /storage/%2e%2e/.htpasswd?
- /storage/%2e%2e/.htpasswd
- /etc/nginx/nginx.conf
- /storage..%5c.env
- /storage/%2e%2e/.htpasswd%23
- /.env
- /home/www-data/.ssh/id_rsa
- /root/.aws/credentials%23
- /_next/static../settings.py?
- /%2F.htaccess
- /root/.aws/credentials
- /storage..%5c.env%23
- /%2Fstorage..%5c.env
- /etc/nginx/%2Fnginx.conf
- /.env?
- /.env%23
- /etc/nginx/nginx.conf?
- /_next/static../settings.py%23
- /home/www-data/.ssh/id_rsa?
Sample User-Agents
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.7103.113 Safari/537.36
- Mozilla/5.0 (Linux; U; Android 14; en-US; SM-G991B) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 UCBrowser/15.4.8.1121 Mobile Safari/537.36
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.