JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.189.184.133

5.189.184.133 was found in our database!

This IP was reported 358 times. Confidence of Abuse is 100%: ?

100%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3238721.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.189.184.133

Whois 5.189.184.133

IP Abuse Reports for 5.189.184.133:

This IP address has been reported a total of 358 times from 235 distinct sources. 5.189.184.133 was first reported on April 18th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇿🇦 slartybartfast69420blazit	2026-06-20 20:42:07 (4 hours ago)	Fail2ban picked up 5.189.184.133 attacking nginx	Web App Attack
🇿🇦 slartybartfast69420blazit	2026-06-18 20:43:21 (2 days ago)	Fail2ban picked up 5.189.184.133 attacking nginx	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-16 22:04:14 (4 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15. show less	Web App Attack SSH Hacking
🇿🇦 slartybartfast69420blazit	2026-06-16 20:44:04 (4 days ago)	Fail2ban picked up 5.189.184.133 attacking nginx	Web App Attack
🇲🇽 octageeks.com	2026-06-16 04:06:12 (4 days ago)	Wordpress malicious attack:[sshd]	Web App Attack
🇩🇪 tentwentyfour	2026-06-15 17:14:21 (5 days ago)	Blocked for probing for sensitive web application components	Brute-Force Web App Attack
🇳🇱 wlt-blocker	2026-06-15 17:07:50 (5 days ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 onlyops.app	2026-06-15 15:00:04 (5 days ago)	Web application firewall (ModSecurity) detected malicious traffic \| detected by Fail2Ban (plesk-mods ... show more Web application firewall (ModSecurity) detected malicious traffic \| detected by Fail2Ban (plesk-modsecurity jail) \| onlyops.app show less	Exploited Host
🇳🇱 e.fierstra	2026-06-15 14:52:23 (5 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇧🇷 diego	2026-06-15 13:35:19 (5 days ago)	[probe-168-134] 2026-06-15 13:18:41, Client: 5.189.184.133, Protocol: 6, Unauthorized activity to HT ... show more [probe-168-134] 2026-06-15 13:18:41, Client: 5.189.184.133, Protocol: 6, Unauthorized activity to HTTP: GET /api/.env show less	Web App Attack
🇬🇧 consul.to	2026-06-15 13:13:19 (5 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 4server	2026-06-15 09:45:31 (5 days ago)	[MonJun1511:45:26.2191172026][security2:error][pid4004237:tid4004308][client5.189.184.133:0]ModSecur ... show more [MonJun1511:45:26.2191172026][security2:error][pid4004237:tid4004308][client5.189.184.133:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"subitotraslochi.ch\"][uri\"/app2/.env\"][unique_id\"ai_JtkGRoLEUZl5PPJtxKgAAAIo\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-15 09:33:24 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 127	Exploited Host Web App Attack
🇩🇪 todix	2026-06-15 09:17:06 (5 days ago)	Web App Attack Exploid from 5.189.184.133	Web App Attack
🇬🇧 Yosi	2026-06-15 09:00:51 (5 days ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force

Showing 1 to 15 of 358 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.219

🇧🇷 177.77.149.128

🇺🇦 159.224.132.77

🇩🇪 149.102.230.119

🇹🇷 82.153.241.210

🇰🇿 81.88.144.7

🇺🇸 64.62.197.37

🇰🇷 220.77.214.59

🇨🇳 218.0.56.30

🇧🇷 205.210.31.253

🇧🇷 205.210.31.243

🇧🇷 205.210.31.240

🇰🇪 197.248.34.233

🇬🇧 195.206.182.217

🇨🇴 190.90.80.205

🇲🇽 187.246.21.203

🇬🇧 185.247.137.95

🇫🇮 178.20.210.208

🇸🇪 171.25.158.80

🇳🇱 160.119.76.51