abuseip.org
- Reason
- scanning 58 domains
- Hits (last hour)
- 164
- Unique targets hit
- 357
- Unique paths probed
- 169
- Detection count
- 13
- First seen
- 2026-06-26 05:11:47 UTC
- Last seen
- 2026-06-26 05:21:42 UTC
- Block expires
- 2026-06-27 06:13:22 UTC
Sample paths probed
- /_next/static/chunks/f607c27597bbbc40.js
- /javascript/NLUtil.jsp?JSP_VER=1&skin=refreshed&NS_VER=2026.1&minver=15&locale=en_US&buildver=30058
- /pms?module=logging&file_name=../../../../../../~/.aws/credentials&number_of_lines=10000
- /_next/static/chunks/413-958d2df9782226fb.js
- /ui/jquery/jquery_isolation.js?NS_VER=2026.1&minver=15
- /.env
- /blog.env
- /assets/vendor/swiper/swiper-bundle.min.js
- /sites/default/files/js/js_NDnrl2J4i9oM52oUjuPzZyqVtxo7TG1qZl6tMi4R2b4.js?scope=footer&delta=10&language=en&theme=openy_carnation&include=eJxdj0FyAyEMBD-Ew5NUAyhArEWUYJPw-6zX3oNz6ZrW6CAlTAgWmw9c8F3VhsuqWZgmss8H_vsHvvD7PtycBAqGFgsV3W1QEI334Z8yNWE9ViaCsD858OO0c1sUYQ2zavNZNEBuYy6pLV_1nVOdav7U26Wvtnz6K1Dmxlbjq2mamCBs0590iyT4wkhsz7yhNrei6J5IF-09YfLwcR9TN7e2COrHHdT1ARiyoRcv9fjU1h-OTHtP
- /application/.env
- /
- /_static/??-eJyVjFsKgCAQAC+UbkkYfkRnMRVJ1get5vWzI/Q1MDADvTCTU3WpwonZs4LNX4mg59tqS8ygJnIEYShdkT2CB5rgR2ZigUd84GdLFt0YHHFfNqnkrNQqwgsCei/Y
- /assets/vendor/isotope-layout/isotope.pkgd.min.js
- /_assets/1110-82427eca3661f95d.js
- /admin/config?cmd=cat+/root/.aws/credentials
- /api/.env
- /wp-content/.env
- /sites/default/files/js/js_wBxZCKjs5NscZNssKe7fxDMV4A5d4BWt0J_KUtX2RYg.js?scope=footer&delta=8&language=en&theme=openy_carnation&include=eJxlkO1uwyAMRV-I1I9kGeJRrw6OwEnHnn75WCa1-3N17jEC5Kj03SGK3eiTvkI08-aVZmzelRuQtVvlyZzDSE5KnStEvtMqVlvIZlkZnTLkLd77eemLnILGDaMyHNnoGWzm0jFRLeRiBbJaJB32L0jJ1_jBo7hVOOpw1d9psZGRlKvDkWEVfjaU8iFFnLGlaqpw2OGyw2nDdpBXLg4qzfcXO2qEO9PI9eSJpByEO-HEZcHkhFEtPeCPQk9qy4jWcZm3fW0L_Gd-AKZbkS0
- /.env.local
- /_next/static/chunks/0ghbiq09bm1h~.js?dpl=dpl_3pbTCWqQiNM4YCaVkdbGksKnRGTy
Sample User-Agents
- Mozilla/5.0
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.