abuseip.org
- Reason
- suspicious paths across 4 domains
- Hits (last hour)
- 45
- Unique targets hit
- 4
- Unique paths probed
- 80
- Detection count
- 9
- First seen
- 2026-05-26 00:00:46 UTC
- Last seen
- 2026-05-26 00:09:44 UTC
- Block expires
- 2026-05-27 00:59:26 UTC
Sample paths probed
- /wp-content/upgrade/wordpress-6.9.1-partial-0/wordpress/wp-includes/home.php
- /wp-includes/blocks/group/
- /wp-includes/certificates/
- /wp-includes/widgets/
- /css.php
- /wp-includes/Text/Diff/Engine/template-singl-portfolio.php
- /dev.ndmd.kn/wp-includes/js/tinymce/wp-tinymce.php
- /wp-includes/theme-compat/classwithtostring.php
- /wp-content/plugins/enhanced-text-widget1/analyst/src/403x.php
- /wp-includes/blocks/gallery/
- /wp-includes/block-supports/chosen.php
- /wp-content/languages/autoload_classmap.php
- /wp-admin/css/colors/midnight/
- /wp-admin/js/widgets/admin.php
- /wp-admin/css/colors/ectoplasm/
- /wp-includes/js/tinymce/wp-tinymce.php
- /wp-content/wppa-depot/wp-conflg.php
- /xxx.php
- /wp-includes/backup.php
- /wp-content/upgrade/wordpress-6.9.1-partial-0/wordpress/wp-admin/admin.php
Sample User-Agents
- Go-http-client/1.1
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.