abuseip.org
- Reason
- suspicious paths across 6 domains
- Hits (last hour)
- 108
- Unique targets hit
- 6
- Unique paths probed
- 211
- Detection count
- 25
- First seen
- 2026-07-08 01:09:43 UTC
- Last seen
- 2026-07-08 01:15:05 UTC
- Block expires
- 2026-07-09 02:09:42 UTC
Sample paths probed
- /admingui/version/Masthead.jsp?productNameSrc=http://d96p7tn25cps73dk4bdgk5wmygah71wpa.oast.site/test.jpg&productNameHeight=500&productNameWidth=500
- /index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00
- /web/dbredirect?redirect=https%3a%2f%2foast.me%2f
- /admingui/version/Masthead.jsp?productNameSrc=http://d96p7tn25cps73dk4bdg4sosc85ormsfg.oast.site/test.jpg&productNameHeight=500&productNameWidth=500
- /_next/static/../server/pages-manifest.json
- /dolibarr/adherents/cartes/carte.php?mode=cardlogin&foruserlogin=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&model=5160&optioncss=print
- /web/session/logout?redirect=https://oast.me
- /
- /web/session/logout?redirect=https%3a%2f%2foast.me%2f
- /admingui/version/Version?productNameSrc=http://d96p7tn25cps73dk4bdg13h7aazz1bh69.oast.site/test.jpg&productNameHeight=500&productNameWidth=500
- /redir.php?https://interact.sh
- /admingui/version/Masthead.jsp?productNameSrc=http://d96p7tn25cps73dk4bdgq3u6q6a89qtfc.oast.site/test.jpg&productNameHeight=500&productNameWidth=500
- /static?/%2557EB-INF/web.xml
- /concat?/%2557EB-INF/web.xml
- /index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00
- /admingui/version/Version?productNameSrc=http://d96p7tn25cps73dk4bdg54izojid5ir71.oast.site/test.jpg&productNameHeight=500&productNameWidth=500
- /telaen/redir.php?https://interact.sh
- /wp-admin/admin.php?page=download_report&report=users&status=all
- /webmail/basic/?referer=https://interact.sh&_c=auth&ctz=120&signup_password&_a%5bsignup%5d=1
- /admingui/version/Version?productNameSrc=http://d96p7tn25cps73dk4bdgemkstidqwn954.oast.site/test.jpg&productNameHeight=500&productNameWidth=500
Sample User-Agents
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 Edg/135.0.0.0
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.5 Safari/605.1.15
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15
- Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) obsidian/1.8.10 Chrome/132.0.6834.196 Electron/34.2.0 Safari/537.36
- Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0
- Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:136.0) Gecko/20100101 Firefox/136.0
- Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Edg/134.0.0.0
- Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:137.0) Gecko/20100101 Firefox/137.0
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
- Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
- Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.