abuseip.org
- Reason
- suspicious paths across 1 domains
- Hits (last hour)
- 19
- Unique targets hit
- 1
- Unique paths probed
- 99
- Detection count
- 5
- First seen
- 2026-07-16 07:13:26 UTC
- Last seen
- 2026-07-16 07:30:10 UTC
- Block expires
- 2026-07-17 07:52:31 UTC
Sample paths probed
- /home/ubuntu/.aws/credentials
- /control/.env
- /root/.aws/config
- /root/.bash_history
- /config/session.php
- /etc/profile.d/aws.sh
- /config/cache.php
- /blogs/.env
- /etc/passwd
- /test2.php
- /.well-known/security.txt
- /appsettings.Production.json
- /resources/views
- /node_modules/.env
- /~/.aws/sso/cache/
- /docker-compose.override.yml
- /.gitlab-ci/.env
- /backup/.env
- /clients/.env
- /config/settings.py
Sample User-Agents
- curl/8.7.1
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.