abuseip.org
- Reason
- suspicious paths across 1 domains
- Hits (last hour)
- 32
- Unique targets hit
- 1
- Unique paths probed
- 429
- Detection count
- 4
- First seen
- 2026-06-16 09:55:58 UTC
- Last seen
- 2026-06-16 10:56:06 UTC
- Block expires
- 2026-06-17 10:56:34 UTC
Sample paths probed
- /sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd
- /api/filemanager?path=%2F..%2f..%2fContent
- /assets/file:%2f%2f/etc/passwd
- /tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd
- /include/downmix.inc.php
- /.../.../.../.../.../.../.../.../.../windows/win.ini
- /LetsEncrypt/Index?fileName=/etc/passwd
- /webtools/control/httpService
- /debug/pprof/
- /tag_test_action.php?url=a&token&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}
- /_next/../../../../../../../../../etc/passwd
- /solr/admin/cores?wt=json
- /..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd
- /
- /debug/pprof/goroutine?debug=1
- //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\win.ini
- /_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1
- /index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd
- /imcat/root/tools/adbug/binfo.php?phpinfo1
- /XMLCHART
Sample User-Agents
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.