abuseip.org

Sample paths probed

• /php-info.php
• /info
• /info.php_
• /phpbb/phpinfo.php
• /info.php
• /newinfo.php
• /info.php.bak
• /phpinfo.php.txt
• /phpinfo.php3
• /wp-json/gravitysmtp/v1/tests/mock-data
• /
• /admin/phpinfo.php
• /pageinfo.php
• /info.php.save.1
• /info.php.back
• /_info.php
• /info.php.1
• /siteinfo.php
• /test/info.php
• /release_info.php

Sample User-Agents

• Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0
• Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 Edg/132.0.0.0
• Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
• Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
• Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0
• Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
• curl/8.7.1
• Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
• Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1 Safari/605.1.15
• Mozilla/5.0 (compatible; INETDEX-BOT/2.1beta; +https://inetdex.com/bot.php)
• Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0

What does this mean?

This address sent traffic that the redirs.com edge classified as automated abuse — typically WordPress/PHP exploit scanning, credential file probing (.env, .git, .aws/), or mass-domain enumeration. The block is automatic and time-limited (24 hours from last detection).

If you believe this is a false positive, contact [email protected] with the IP and the timestamps above.