abuseip.org
- Reason
- suspicious paths across 3 domains
- Hits (last hour)
- 1,221
- Unique targets hit
- 4
- Unique paths probed
- 5,852
- Detection count
- 20
- First seen
- 2026-05-13 15:06:59 UTC
- Last seen
- 2026-05-13 16:17:53 UTC
- Block expires
- 2026-05-14 16:18:21 UTC
Sample paths probed
- /admin4.nsf
- /api/v1/pods/
- /test/cmd_realtime.php
- /nacos/v1/auth/users?pageNo=1&pageSize=9
- /config/databases.yml
- /*/_search
- /mifs/aad/api/v2/ping
- /package.json
- //content/usergenerated/watchTowr.1.json
- /api/endpoints?limit=100&start=0
- /databases.yml
- /v1/internal/ui/services
- /mifs/asfV3/api/v2/admins/users
- /
- /cacti/cmd_realtime.php
- /v1/auth/users?pageNo=1&pageSize=9
- /_all/_search
- /content/usergenerated/etc/commerce/smartlists/watchTowr.json
- /api/v1/namespaces/default/pods/db/log
- /domcfg.nsf
Sample User-Agents
- Mozilla/5.0 (watchTowr; Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0
- Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.