JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.253.246.55

5.253.246.55 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 100%: ?

100%

ISP	Tube-Hosting
Usage Type	Data Center/Web Hosting/Transit
ASN	AS49581
Hostname(s)	tube-server.com
Domain Name	tube-hosting.com
Country	🇩🇪 Germany
City	Aachen, North Rhine-Westphalia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.253.246.55

Whois 5.253.246.55

IP Abuse Reports for 5.253.246.55:

This IP address has been reported a total of 155 times from 85 distinct sources. 5.253.246.55 was first reported on May 2nd 2022, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 macrob	2026-06-22 01:13:48 (1 hour ago)	2026/06/22 01:13:46 [error] 3377845#3377845: 321683040 access forbidden by rule, client: 5.253.246. ... show more 2026/06/22 01:13:46 [error] 3377845#3377845: 321683040 access forbidden by rule, client: 5.253.246.55, server: binixo.pl, request: "GET /wp-includes/about.php HTTP/2.0", host: "binixo.pl" 2026/06/22 01:13:46 [error] 3377845#3377845: 321683040 access forbidden by rule, client: 5.253.246.55, server: binixo.pl, request: "GET /wp-content/ HTTP/2.0", host: "binixo.pl" 2026/06/22 01:13:46 [error] 3377845#3377845: 321683042 access forbidden by rule, client: 5.253.246.55, server: binixo.pl, request: "GET /wp-content/plugins/dummyyummy/wp-signup.php HTTP/2.0", host: "binixo.pl" ... show less	Web App Attack
🇩🇪 maxpower	2026-06-22 01:07:55 (1 hour ago)	(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 5.253.246.55 (tube-server.com): 1 in the last ... show more (aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 5.253.246.55 (tube-server.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 5.253.246.55 - - [22/Jun/2026:03:07:53 +0200] "GET /lock360.php HTTP/2.0" 301 292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "5.253.246.55" host=vorticitv.vortici.it show less	Port Scan
🇬🇧 andypiper	2026-06-22 01:01:51 (1 hour ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇷🇴 iulianh	2026-06-21 23:38:22 (2 hours ago)	80,443	Brute-Force SSH
🇩🇪 Ba-Yu	2026-06-21 21:50:06 (4 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇵🇱 strefapi_com	2026-06-21 21:28:42 (4 hours ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
🇫🇷 AGEPCom	2026-06-21 20:47:52 (5 hours ago)	Smart-Ban: IP bannie via score AbuseIPDB	Brute-Force Web App Attack
Anonymous	2026-06-21 19:48:07 (6 hours ago)	[redacted]site 5.253.246.55 - - [21/Jun/2026:21:47:59 +0200] "GET /admin.php HTTP/2.0" 404 431229 "- ... show more [redacted]site 5.253.246.55 - - [21/Jun/2026:21:47:59 +0200] "GET /admin.php HTTP/2.0" 404 431229 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted]site 5.253.246.55 - - [21/Jun/2026:21:48:00 +0200] "GET /wp-content/admin.php HTTP/2.0" 404 431229 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted]site 5.253.246.55 - - [21/Jun/2026:21:48:00 +0200] "GET /wp-admin/images/admin.php HTTP/2.0" 404 152031 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted]site 5.253.246.55 - - [21/Jun/2026:21:48:00 +0200] "GET /adminfuns.php HTTP/2.0" 404 431229 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted]site 5.253.246.55 - - [21/Jun/2026:21:48:00 +0200] "GET /wp-admin/css/ HTTP/2.0" 404 196 "-" "Mo ... show less	Hacking Web App Attack
🇫🇷 rellik	2026-06-21 18:55:00 (7 hours ago)	Brute Force Scanning Critical Directories	Hacking Brute-Force Web App Attack
🇮🇹 NonOggiCaroMio	2026-06-21 18:21:31 (8 hours ago)	Arruso ca si: crowdsecurity/http-admin-interface-probing	Brute-Force
🇱🇻 garmtech.com	2026-06-21 16:54:25 (9 hours ago)	Attempted access to sensitive endpoint (/wp-content/admin.php) detected. Automated scan or unauthori ... show more Attempted access to sensitive endpoint (/wp-content/admin.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇬🇷 setupgr	2026-06-21 16:18:01 (10 hours ago)	(mod_security) mod_security (id:1000001) triggered by 5.253.246.55 (NL/The Netherlands/Limburg/Eygel ... show more (mod_security) mod_security (id:1000001) triggered by 5.253.246.55 (NL/The Netherlands/Limburg/Eygelshoven/-/[AS49581 FERDINANDZINK]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 21 19:17:58.210247 2026] [security2:error] [pid 1109141:tid 1109316] [client 5.253.246.55:51807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/wp-content/admin.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /wp-content/admin.php"] [severity "CRITICAL"] [tag "security"] [hostname "pankoskal.gr"] [uri "/wp-content/admin.php"] [unique_id "ajgOtiXd52GCp6daGPr8oAAAAM8"] show less	Port Scan
🇩🇪 Gwyneth Llewelyn	2026-06-21 16:03:58 (10 hours ago)	5.253.246.55 - - [21/Jun/2026:17:03:56 +0100] "GET /cgi-bin/index.php HTTP/2.0" 404 1064 "-" "Mozill ... show more 5.253.246.55 - - [21/Jun/2026:17:03:56 +0100] "GET /cgi-bin/index.php HTTP/2.0" 404 1064 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Bad Web Bot
Anonymous	2026-06-21 15:34:52 (10 hours ago)	PAD: Scan_404,Scan_Exploit!,Scan_Well_Known! detected	Hacking
🇩🇪 ger-stg-sifi1	2026-06-21 15:14:26 (11 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.213.87.240

🇳🇱 204.76.203.36

🇬🇧 192.166.209.99

🇺🇸 65.49.1.163

🇺🇸 65.49.1.153

🇺🇸 64.62.197.61

🇮🇩 2404:c0:be01:5b47:641d:1ca8:2fcf:6840

🇧🇷 205.210.31.175

🇦🇷 190.220.172.154

🇺🇸 172.58.252.69

🇳🇱 91.92.40.12

🇨🇭 86.119.41.177

🇺🇸 68.131.37.10

🇨🇳 58.210.7.34

🇺🇸 47.134.248.57

🇺🇸 43.166.215.141

🇳🇱 34.178.21.247

🇺🇸 20.55.2.194

🇱🇹 216.132.188.48

🇧🇪 198.235.24.253