JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.107.76

5.255.107.76 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 100%: ?

100%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.107.76

Whois 5.255.107.76

IP Abuse Reports for 5.255.107.76:

This IP address has been reported a total of 48 times from 35 distinct sources. 5.255.107.76 was first reported on June 26th 2026, and the most recent report was 47 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-29 05:03:55 (47 minutes ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-196)	Hacking Web App Attack
🇩🇪 4server	2026-06-29 04:48:17 (1 hour ago)	[MonJun2906:48:14.5866032026][security2:error][pid2520145:tid2520254][client5.255.107.76:0]ModSecuri ... show more [MonJun2906:48:14.5866032026][security2:error][pid2520145:tid2520254][client5.255.107.76:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"titraslochi.ch\"][uri\"/.git/HEAD\"][unique_id\"akH5DkOysmWWWTzWgnLMQQAAAJg\"] show less	Port Scan Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-29 04:19:51 (1 hour ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 Apache	2026-06-28 20:36:07 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 5 in the last 300 secs (CF_EN ... show more (mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 19:49:05 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 15:48:59.469311 2026] [security2:error] [pid 32287:tid 32287] [client 5.255.107.76:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nyemdr.org"] [uri "/.git/HEAD"] [unique_id "akF6q5XJbA1x2T2H_H7Q-wAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-28 19:35:10 (10 hours ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇮🇹 VHosting	2026-06-28 19:30:04 (10 hours ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 15:21:58 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 11:21:48.180984 2026] [security2:error] [pid 792:tid 792] [client 5.255.107.76:41144] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.desertshadowsrv.org"] [uri "/.git/HEAD"] [unique_id "akE8DFYjmTdT2Pj-QjuQ7gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 oh.mg	2026-06-28 15:07:29 (14 hours ago)	[Sun Jun 28 17:07:26.478717 2026] [security2:error] [pid 1476814:tid 1476819] [client 5.255.107.76:5 ... show more [Sun Jun 28 17:07:26.478717 2026] [security2:error] [pid 1476814:tid 1476819] [client 5.255.107.76:58688] [client 5.255.107.76] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mail.mrman.net"] [uri "/.env"] [unique_id "akE4rif0Pgo4XybBFURGMgAAAMM"] [Sun Jun 28 17:07:28.648848 2026] [security2:error] [pid 1466460:tid 1466486] [client 5.255.107.76:40978] [client 5.255.107.76] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "ano ... show less	Web App Attack Bad Web Bot
🇩🇪 simsung	2026-06-28 14:55:13 (14 hours ago)	5.255.107.76 - - [28/Jun/2026:14:55:12 +0000] "GET /.git/HEAD HTTP/1.1" 403 177 "https://mail.holdgo ... show more 5.255.107.76 - - [28/Jun/2026:14:55:12 +0000] "GET /.git/HEAD HTTP/1.1" 403 177 "https://mail.holdgold.app/.git/HEAD" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-28 14:25:39 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 10:25:35.087877 2026] [security2:error] [pid 23479:tid 23479] [client 5.255.107.76:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kidswithcamerasmovie.com"] [uri "/.env.development"] [unique_id "akEu3xThN4LG5Ngg5YhzbAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 aranguren.org	2026-06-28 14:19:36 (15 hours ago)	5.255.107.76 - - [29/Jun/2026:00:19:36 +1000] "GET /.git/HEAD HTTP/1.1" 403 984 "-" "Mozilla/5.0 (Ma ... show more 5.255.107.76 - - [29/Jun/2026:00:19:36 +1000] "GET /.git/HEAD HTTP/1.1" 403 984 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 5.255.107.76 - - [29/Jun/2026:00:19:36 +1000] "GET /config.json HTTP/1.1" 403 984 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15" 5.255.107.76 - - [29/Jun/2026:00:19:36 +1000] "GET /.env.development HTTP/1.1" 404 994 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" 5.255.107.76 - - [29/Jun/2026:00:19:36 +1000] "GET /.env.production HTTP/1.1" 404 994 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" 5.255.107.76 - - [29/Jun/2026:00:19:36 +1000] "GET /.git/config HTTP/1.1" 403 984 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" 5.255.107.76 - - [29/Jun/2026:00:19:36 +1000] "GET /backend/.env HTTP ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-28 13:51:14 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 09:51:07.306404 2026] [security2:error] [pid 11129:tid 11129] [client 5.255.107.76:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.grainavi.com"] [uri "/api/.env"] [unique_id "akEmy7yBxGtpCrOYtmgDHAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 alecj.com	2026-06-28 12:51:53 (16 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 12:49:10 (17 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.107.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 08:49:05.732166 2026] [security2:error] [pid 32361:tid 32361] [client 5.255.107.76:51792] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nhhostas.com"] [uri "/.env"] [unique_id "akEYQdC_UHEijXvdsyK4GgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.190.62.217

🇦🇷 181.209.99.83

🇩🇪 68.183.64.183

🇺🇸 52.188.185.85

🇺🇸 47.254.72.182

🇨🇦 45.194.92.58

🇳🇱 45.148.10.147

🇭🇰 42.200.78.166

🇧🇷 205.210.31.174

🇺🇸 205.210.31.45

🇪🇹 196.188.244.123

🇲🇽 189.233.128.255

🇨🇱 186.173.114.152

🇦🇷 186.124.185.55

🇨🇴 186.81.124.5

🇦🇷 181.224.223.146

🇦🇷 181.25.12.129

🇯🇵 175.28.236.19

🇨🇴 152.201.111.109

🇺🇸 151.240.95.108