JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.117.99

5.255.117.99 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 100%: ?

100%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.117.99

Whois 5.255.117.99

IP Abuse Reports for 5.255.117.99:

This IP address has been reported a total of 60 times from 37 distinct sources. 5.255.117.99 was first reported on June 21st 2026, and the most recent report was 3 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-23 05:14:25 (3 minutes ago)	38 attacks on env grabbing URLs, config grabbing URLs (type 2), VC URLs, password grabbing URLs: GET ... show more 38 attacks on env grabbing URLs, config grabbing URLs (type 2), VC URLs, password grabbing URLs: GET /.env.local.copy HTTP/1.1 GET /config/default.json HTTP/1.1 GET /.git/HEAD HTTP/1.1 GET /.aws/credentials HTTP/1.1 show less	Hacking
🇳🇱 homeshowdomain.nl	2026-06-22 21:59:56 (7 hours ago)	Auto-ban: >3000 req/min op 2026-06-22	Web App Attack SSH Hacking
Anonymous	2026-06-22 20:32:04 (8 hours ago)	"GET /wp-content/debug.log HTTP/1.1"	Hacking Web App Attack
🇪🇸 gnom4ik	2026-06-22 13:55:12 (15 hours ago)	ban-reviewer auto report; ip=5.255.117.99; scenario=crowdsecurity/http-crawl-non_statics; scenario_c ... show more ban-reviewer auto report; ip=5.255.117.99; scenario=crowdsecurity/http-crawl-non_statics; scenario_context=crowdsecurity/http-crawl-non_statics,crowdsecurity/http-sensitive-files; verdict=valid_ban; confidence=0.92; categories=19; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high show less	Bad Web Bot
🇫🇷 masterguru	2026-06-22 12:13:49 (17 hours ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-201) show less	Hacking
Anonymous	2026-06-22 12:05:08 (17 hours ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇨🇭 4server	2026-06-22 11:02:29 (18 hours ago)	[MonJun2213:02:26.6525432026][security2:error][pid1274810:tid1274831][client5.255.117.99:0]ModSecuri ... show more [MonJun2213:02:26.6525432026][security2:error][pid1274810:tid1274831][client5.255.117.99:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Stringmatchwithin\".asa/.asax/.ascx/.backup/.bak/.bat/.cdx/.cer/.cfg/.cmd/.com/.config/.conf/.cs/.csproj/.csr/.dat/.db/.dbf/.dll/.dos/.htr/.htw/.ida/.idc/.idq/.inc/.ini/.key/.licx/.lnk/.log/.mdb/.old/.pass/.pdb/.pol/.printer/.pwd/.rdb/.resources/.resx/.sql/.swp/.sys/.vb/.vbs/.vbproj/.vsdisco/.webinfo/.xsx/\"atTX:extension.[file\"/etc/apache2/conf.d/modsec_rules/00_asl_zz_strict.conf\"][line\"91\"][id\"390716\"][rev\"2\"][msg\"Atomicorp.comWAFRules:URLfileextensionisrestrictedbypolicy\"][data\".log\"][severity\"ERROR\"][hostname\"stmconsulenze.ch\"][uri\"/wp-content/debug.log\"][unique_id\"ajkWQv4U1GOSQsgGLTEu1gAAAVI\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 10:50:59 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.117.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.117.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 06:50:52.724682 2026] [security2:error] [pid 26009:tid 26009] [client 5.255.117.99:22698] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.agapeaccounting.com"] [uri "/.env.local"] [unique_id "ajkTjI898DtT7-hhINK5OQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 10:12:20 (19 hours ago)	(mod_security) mod_security (id:210730) triggered by 5.255.117.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 5.255.117.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 06:12:15.189844 2026] [security2:error] [pid 13000:tid 13000] [client 5.255.117.99:29674] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|parasolia.angelabcomics.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "parasolia.angelabcomics.com"] [uri "/wp-content/debug.log"] [unique_id "ajkKf5lERsH8SMOnvsJzEwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-22 10:03:50 (19 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NL, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NL, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing show less	Bad Web Bot Web App Attack
🇬🇧 blueskysystems	2026-06-22 09:30:03 (19 hours ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇳🇱 Savvii	2026-06-22 09:21:30 (19 hours ago)	15 attempts against mh-modsecurity-ban on pf221108	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-22 08:41:36 (20 hours ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .compositefont/ .config/ .conf/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .scr/ .sct/ .shs/ .sql/ .swp/ .sys/ .tlb/ .tmp/ .url/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-196) show less	Hacking
🇳🇱 Savvii	2026-06-22 07:47:28 (21 hours ago)	20 attempts against mh-misbehave-ban on ozone	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-22 07:32:37 (21 hours ago)	755 requests with url.path credentials.json 113 requests with url.path secrets.json	Brute-Force Bad Web Bot

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.203.149.63

🇪🇨 45.236.143.118

🇨🇳 218.61.251.3

🇺🇸 195.184.76.61

🇺🇸 162.216.149.44

🇺🇸 139.144.239.72

🇨🇳 120.48.175.69

🇮🇩 110.136.15.173

🇮🇳 106.219.164.11

🇷🇴 80.94.92.171

🇺🇸 20.64.104.31

🇨🇦 4.204.223.67

🇳🇱 195.178.110.135

🇹🇭 150.95.82.21

🇺🇸 104.22.24.146

🇩🇪 69.5.169.141

🇺🇸 65.111.13.59

🇳🇱 64.89.162.15

🇰🇷 211.106.133.202

🇧🇷 191.17.20.109