abuseip.org
- Reason
- suspicious paths across 1 domains
- Hits (last hour)
- 25
- Unique targets hit
- 4
- Unique paths probed
- 370
- Detection count
- 1
- First seen
- 2026-06-20 01:05:21 UTC
- Last seen
- 2026-06-20 01:24:30 UTC
- Block expires
- 2026-06-21 01:24:58 UTC
Sample paths probed
- /ecp/default.flt
- /webman/login.cgi
- /webSuite/login.aspx
- /dana/home/
- /diag.html?images/
- /GponForm/diag_Form?images/
- /cgi-bin/index.cgi
- /hax/..CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx
- /login.htm
- /vpn/../vpns/cfg/smb.conf
- /owa/auth/logon.aspx
- /rest/api/latest/application-properties
- /
- /vpns/portal.html
- /userportal/webpages/myaccount/login.jsp
- /tws/getStatus
- /WebVerifier/Login.aspx
- /status
- /App_Extensions/
- /_api/web/
Sample User-Agents
- Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
- RootEvidence/1.0
What does this mean?
This address sent traffic that the redirs.com edge classified as automated abuse โ typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).
If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.