abuseip.org
- Reason
- suspicious paths across 1 domains
- Hits (last hour)
- 20
- Unique targets hit
- 1
- Unique paths probed
- 578
- Detection count
- 22
- First seen
- 2026-07-11 11:20:31 UTC
- Last seen
- 2026-07-11 12:20:43 UTC
- Block expires
- 2026-07-12 12:20:51 UTC
Sample paths probed
- /login_ok.htm
- /streams/v1/polyaxon/default/s/runs/%2e%2e/artifact?stream=true&path=../../../../etc/passwd
- /assets/../../.HTTP/HTTP.db
- /cgi-bin/supervisor/Factory.cgi
- /hx/resources/public/$SCHEMAS$?Filename=c%3a%5cwindows%5cwin.ini
- /listing?cat=6&filter=1&job-type=1&keywords=Mr.&location=1&order=desc&placeid=US&placetype=country&range1=1&range2=1)%20AND%20(SELECT%201864%20FROM%20(SELECT(SLEEP(6)))gOGh)%20AND%20(6900=6900&salary-type=1&sort=id&subcat
- /api/v1/apikey?/api/v1/ping
- /trufusionPortal/jsp/internal_admin_contact_login.jsp
- /app/modules/ut-cac/admin/cli.php
- /druid/indexer/v1/sampler?for=connect
- /Doc/WebLogin.asp
- /__weave/file/tmp/weave/fs/../../../etc/passwd
- /
- /api/query
- /index.php?mod=textviewer&src=file:///etc/passwd
- /getcfg.php?a=%0A_POST_SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1'
- /controlloLogin.js
- /C6/Jhsoft.Web.departments/GetTreeDate.aspx/?id=1;WAITFOR+DELAY+'0:0:6'--
- /tcp.php
- /.webui/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini
Sample User-Agents
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.