JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.115.37

5.255.115.37 was found in our database!

This IP was reported 238 times. Confidence of Abuse is 100%: ?

100%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.115.37

Whois 5.255.115.37

IP Abuse Reports for 5.255.115.37:

This IP address has been reported a total of 238 times from 107 distinct sources. 5.255.115.37 was first reported on April 14th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hary74656	2026-04-16 12:57:14 (1 month ago)	[Thu Apr 16 13:19:51.183358 2026] [security2:error] [pid 29823:tid 29918] [client 5.255.115.37:37288 ... show more [Thu Apr 16 13:19:51.183358 2026] [security2:error] [pid 29823:tid 29918] [client 5.255.115.37:37288] [client 5.255.115.37] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.git/" at REQUEST_FILENAME. [file "/usr/share/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.git/ found within REQUEST_FILENAME: /.git/config"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "aschi.at"] [uri "/.git/config"] [unique_id "aeDF1q3gGPO6mBdZepOSKwAAAbE"] [Thu Apr 16 13:19:51.183359 2026] [security2:error] [pid 29634:tid 29751] [client 5.255.115.37:37266] [client 5.255.115.37] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.git/" at REQUEST_FILENAME. [file "/usr/share/mods ... show less	Web App Attack
🇳🇱 wlt-blocker	2026-04-16 11:49:05 (1 month ago)	Unauthorized access to webpage admin	Web App Attack
🇬🇧 consul.to	2026-04-16 11:40:32 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 iNetWorker	2026-04-16 11:29:59 (1 month ago)	trolling for resource vulnerabilities	Web App Attack
🇩🇪 Petros Stefanakis	2026-04-16 06:44:56 (1 month ago)	(mod_security) mod_security triggered on hostname [redacted] 5.255.115.37 (NL/Netherlands/-)	SQL Injection
🇸🇪 nekopavel	2026-04-15 23:19:44 (1 month ago)	5.255.115.37 - - [16/Apr/2026:01:19:41 +0200]"GET /.git/config HTTP/1.1" 301 0"-" neko.chat "Mozilla ... show more 5.255.115.37 - - [16/Apr/2026:01:19:41 +0200]"GET /.git/config HTTP/1.1" 301 0"-" neko.chat "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36""0.006" "0.004""Dronten" "NL" 5.255.115.37 - - [16/Apr/2026:01:19:41 +0200]"GET /.git/HEAD HTTP/1.1" 301 0"-" neko.chat "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36""0.004" "0.004""Dronten" "NL" 5.255.115.37 - - [16/Apr/2026:01:19:41 +0200]"GET / HTTP/1.1" 200 1435"https://neko.chat/.git/config" web.neko.chat "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36""0.006" "0.003""Dronten" "NL" ... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 22:13:19 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 5.255.115.37 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.115.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 18:13:15.240524 2026] [security2:error] [pid 3437848:tid 3437848] [client 5.255.115.37:37868] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewanderingwoods.quest"] [uri "/.git/HEAD"] [unique_id "aeANe7o972CvNJvleUVDtAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-04-15 21:05:25 (1 month ago)	Too many Status 40X (32) Scanning/Probing (32) Request Overload (230)	Brute-Force Web App Attack
🇩🇪 ecs.ge	2026-04-15 20:56:10 (1 month ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-04-15 20:39:18 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 5.255.115.37 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.115.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 16:39:12.265976 2026] [security2:error] [pid 2733412:tid 2741416] [client 5.255.115.37:36916] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "moidawg.gg"] [uri "/.git/HEAD"] [unique_id "ad_3cLUFku8JuaTvt62WHwAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-04-15 19:04:26 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 17:44:33 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 5.255.115.37 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.115.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 13:44:26.361221 2026] [security2:error] [pid 3791848:tid 3791848] [client 5.255.115.37:39282] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "longleggedblond.com"] [uri "/.git/config"] [unique_id "ad_OevuZxEN5Sv0lLHodvAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 17:07:58 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 5.255.115.37 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.115.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 13:07:53.571042 2026] [security2:error] [pid 3198806:tid 3198806] [client 5.255.115.37:34880] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lollytalk.com"] [uri "/.git/config"] [unique_id "ad_F6doxz0vjjNUClQk_QwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-15 10:59:10 (1 month ago)	PSCSERV WPSCAN 5.255.115.37	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-04-15 09:16:12 (1 month ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack

Showing 211 to 225 of 238 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.110

🇺🇸 205.210.31.36

🇮🇩 180.246.68.105

🇩🇪 152.53.21.176

🇧🇷 131.100.242.102

🇨🇳 123.245.84.179

🇨🇳 120.48.102.177

🇺🇸 107.158.118.22

🇹🇷 104.247.179.243

🇬🇧 35.203.211.179

🇮🇳 202.141.94.63

🇦🇷 186.38.26.5

🇳🇱 176.65.148.244

🇭🇰 118.193.43.158

🇨🇳 103.91.208.101

🇫🇷 91.231.89.204

🇫🇷 84.46.247.185

🇦🇷 45.238.107.70

🇳🇱 45.148.10.152

🇺🇸 45.33.40.18