JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.104.192

5.255.104.192 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 100%: ?

100%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.104.192

Whois 5.255.104.192

IP Abuse Reports for 5.255.104.192:

This IP address has been reported a total of 74 times from 46 distinct sources. 5.255.104.192 was first reported on June 21st 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ger-stg-sifi1	2026-06-22 13:21:38 (2 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 agenciahypelab.com.br	2026-06-22 12:52:13 (3 hours ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
Anonymous	2026-06-22 10:37:26 (5 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 5.255.104.192 (-)	SQL Injection
🇺🇸 interbiznw.com	2026-06-22 09:50:44 (6 hours ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 apislytics	2026-06-22 09:29:26 (6 hours ago)	Automatic hard ban after repeated rate-limit abuse	Brute-Force
Anonymous	2026-06-22 09:26:02 (6 hours ago)	5.255.104.192 - - [22/Jun/2026:11:26:02 +0200] "GET /wp-content/ HTTP/1.1" 301 169 "-" "Mozilla/5.0 ... show more 5.255.104.192 - - [22/Jun/2026:11:26:02 +0200] "GET /wp-content/ HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" show less	Web App Attack
🇩🇪 webanyone	2026-06-22 09:15:33 (7 hours ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
Anonymous	2026-06-22 08:59:11 (7 hours ago)	Date: 2026/06/22 17 59 11 URI: http://compet.kr/.env	Web App Attack
🇩🇪 webanyone	2026-06-22 08:45:35 (7 hours ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇫🇷 masterguru	2026-06-22 08:19:12 (8 hours ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 5.255.104.192 (NL/The Netherlands/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 5.255.104.192 (NL/The Netherlands/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-22 07:57:14 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.104.192 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 5.255.104.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 03:57:09.274721 2026] [security2:error] [pid 2633:tid 2633] [client 5.255.104.192:6598] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.captainquirks.com"] [uri "/.env"] [unique_id "ajjq1cEWLfVCc_SXAfVUxgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-22 07:24:28 (8 hours ago)	1.131 requests with url.path credentials.json 522 requests with url.path .git/* 341 requests wi ... show more 1.131 requests with url.path credentials.json 522 requests with url.path .git/* 341 requests with url.path config.json 139 requests with url.path secrets.json show less	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-22 07:11:31 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.104.192 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 5.255.104.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 03:11:28.363165 2026] [security2:error] [pid 18632:tid 18632] [client 5.255.104.192:37776] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.itbmsinc.com"] [uri "/.env.local"] [unique_id "ajjgIA83Z80uInDppcTEvwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 06:35:54 (9 hours ago)	(mod_security) mod_security (id:210730) triggered by 5.255.104.192 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 5.255.104.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 02:35:49.188157 2026] [security2:error] [pid 11284:tid 11284] [client 5.255.104.192:62764] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|qwixel.bridgital.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "qwixel.bridgital.com"] [uri "/wp-content/debug.log"] [unique_id "ajjXxY_sj8soN_X0n68BeAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-22 05:59:03 (10 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 127	Exploited Host Web App Attack

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 192.140.28.61

🇺🇸 91.230.168.233

🇭🇰 45.192.184.50

🇺🇸 3.87.27.156

🇨🇳 222.129.37.92

🇷🇴 193.32.162.84

🇳🇮 186.77.198.69

🇪🇨 186.3.164.78

🇳🇱 185.242.226.97

🇨🇳 123.245.85.50

🇹🇼 111.70.1.128

🇧🇬 91.92.199.36

🇺🇸 64.62.156.222

🇳🇱 45.148.10.151

🇨🇳 8.134.124.8

🇲🇽 187.216.224.85

🇺🇸 161.35.10.187

🇦🇺 149.167.185.251

🇸🇬 139.99.38.177

🇨🇳 117.176.122.57