JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.121.5

5.255.121.5 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 85%: ?

85%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.121.5

Whois 5.255.121.5

IP Abuse Reports for 5.255.121.5:

This IP address has been reported a total of 18 times from 14 distinct sources. 5.255.121.5 was first reported on June 8th 2026, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 pipeline.es	2026-06-08 09:08:42 (10 hours ago)	Web scanning / probing for vulnerable paths \| URL: /.env.staging \| Evidence: rhin.es 5.255.121.5 - - ... show more Web scanning / probing for vulnerable paths \| URL: /.env.staging \| Evidence: rhin.es 5.255.121.5 - - [08/Jun/2026:11:08:04 +0200] \"GET /.env.staging HTTP/1.1\" 404 210 \"-\" \"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; GPTBot/1.2; +https://openai.com/gptbot\" GEOIP_COUNTRY_CODE=NL \| ASN: The Infrastructure Group B.V. \| Country: NL show less	Port Scan Web App Attack
🇳🇱 Savvii	2026-06-08 09:07:00 (10 hours ago)	23 attempts against mh-misbehave-ban on redirect	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 09:06:53 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.121.5 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 5.255.121.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:06:47.166433 2026] [security2:error] [pid 3794:tid 3794] [client 5.255.121.5:47018] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.vansfanz.rollinchassis.com"] [uri "/.git/config"] [unique_id "aiaGJ4pcSM8AyKeGhvnPHQAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-08 08:39:37 (10 hours ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 Savvii	2026-06-08 08:37:40 (10 hours ago)	20 attempts against mh-misbehave-ban on redirect	Brute-Force Bad Web Bot Web App Attack
🇩🇪 EGP Abuse Dept	2026-06-08 08:28:36 (10 hours ago)	Scanning for web/db/file exploits on www.vanberlooptiek.nl	SQL Injection Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-08 08:26:17 (10 hours ago)	Try to access /.aws/credentials	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 08:16:53 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.121.5 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 5.255.121.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:16:49.700935 2026] [security2:error] [pid 30798:tid 30798] [client 5.255.121.5:58458] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "banis-associates.com"] [uri "/.git/config"] [unique_id "aiZ6cfwQv09FLndC_DLZEQAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Savvii	2026-06-08 08:10:03 (11 hours ago)	27 attempts against mh-misbehave-ban on redirect	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-08 08:08:36 (11 hours ago)	Abuse Detected (5)	Brute-Force Web App Attack
🇭🇳 unph	2026-06-08 07:53:09 (11 hours ago)	Intento de acceso sospechoso bloqueado por AbuseIPDB Blocker Plugin	Brute-Force
🇫🇷 masterguru	2026-06-08 07:40:09 (11 hours ago)	BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:User-Agent. (1100000 ... show more BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:User-Agent. (1100000-195) show less	Bad Web Bot
Anonymous	2026-06-08 07:32:05 (11 hours ago)	Bot / scanning and/or hacking attempts: GET /secrets.json HTTP/1.1, GET /config/application.properti ... show more Bot / scanning and/or hacking attempts: GET /secrets.json HTTP/1.1, GET /config/application.properties HTTP/1.1, [21/21] read: stream 0, , GET /.env HTTP/2.0, GET /config/secrets.yml HTTP/2.0, GET /.aws/credentials HTTP/1.1, GET /application.yml HTTP/2.0, GET /.env HTTP/1.1, GET /.env.development HTTP/2.0, GET /application.properties HTTP/2.0, GET /.env.bak HTTP/2.0 show less	Hacking Web App Attack
🇨🇭 backslash	2026-06-08 07:21:04 (11 hours ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
Anonymous	2026-06-08 07:04:41 (12 hours ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 217.60.195.25

🇺🇸 205.210.31.109

🇺🇸 205.210.31.81

🇺🇸 205.210.31.76

🇩🇪 196.242.141.20

🇺🇸 193.3.53.7

🇧🇷 177.44.133.72

🇨🇳 112.249.63.174

🇺🇸 40.121.200.75

🇧🇪 34.62.109.18

🇬🇧 195.206.182.200

🇰🇷 168.107.20.21

🇨🇳 116.178.131.36

🇳🇱 89.190.156.4

🇱🇺 83.142.209.138

🇺🇸 3.134.95.152

🇨🇳 223.247.47.89

🇨🇳 218.27.202.178

🇬🇧 193.176.29.21

🇸🇦 188.53.189.251