abuseip.org

home · sitemap

Public registry of IP addresses currently blocked by the redirs.com anycast edge for automated abuse — credential scanning, WordPress/PHP exploit probing, and mass-domain enumeration.

Blocked IPs: 1,117
Total recent hits: 194,276
Last refresh: 2026-05-02 00:24:44 UTC
Block duration: 24 hours from last detection

How to look up an IP

Visit https://abuseip.org/ip/<address>. For example: https://abuseip.org/ip/172.212.188.103.

The full list of blocked IPs is in the sitemap.

Bulk export

Machine-readable feeds, regenerated hourly:

/blocklist.txt — one IP per line, suitable for firewalls / fail2ban / ipset
/blocklist.json — full structured records (reason, hits, timestamps, sample paths)
/blocklist.xml — same data as XML

Customer hostnames are intentionally omitted from all exports.

Recent detections

83.118.176.122 — suspicious paths across 2 domains (254 hits)
185.177.72.11 — suspicious paths across 1 domains (117 hits)
143.20.37.61 — suspicious paths across 16 domains (205 hits)
203.175.125.141 — suspicious paths across 3 domains (70 hits)
107.174.35.154 — scanning 17 domains (812 hits)
34.154.213.61 — suspicious paths across 1 domains (67 hits)
145.220.91.19 — scanning 183 domains (183 hits)
172.212.217.10 — scanning 112 domains (1,949 hits)
172.190.142.176 — scanning 52 domains (3,493 hits)
92.118.39.29 — suspicious paths across 366 domains (366 hits)
138.246.253.24 — scanning 86 domains (86 hits)
20.220.233.65 — scanning 110 domains (4,043 hits)
72.167.150.128 — scanning 18 domains (32 hits)
88.151.197.173 — scanning 45 domains (2,201 hits)
130.12.180.144 — suspicious paths across 565 domains (569 hits)
167.71.226.156 — scanning 27 domains (45 hits)
176.65.148.161 — scanning 161 domains (252 hits)
85.11.167.165 — scanning 17 domains (34 hits)
159.100.13.237 — scanning 25 domains (38 hits)
20.151.131.235 — scanning 55 domains (2,447 hits)
104.28.214.113 — suspicious paths across 8 domains (50 hits)
107.172.58.36 — scanning 55 domains (110 hits)
198.251.71.113 — scanning 19 domains (32 hits)
107.173.39.104 — suspicious paths across 13 domains (169 hits)
64.204.142.32 — scanning 19 domains (946 hits)

Removal & contact

Blocks expire automatically 24 hours after the last detected hit. For false-positive reports email [email protected] with the IP and the relevant timestamps.