JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.123.222

5.255.123.222 was found in our database!

This IP was reported 829 times. Confidence of Abuse is 100%: ?

100%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.123.222

Whois 5.255.123.222

IP Abuse Reports for 5.255.123.222:

This IP address has been reported a total of 829 times from 343 distinct sources. 5.255.123.222 was first reported on July 2nd 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 [email protected]	2026-06-02 05:09:11 (1 day ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-06-02T05:09:11Z	Brute-Force
🇦🇹 SchiWaGoA	2026-06-02 05:02:54 (1 day ago)	This IP was detected by CrowdSec trigger from crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇫🇷 masterguru	2026-06-02 05:02:09 (1 day ago)	Restricted File Access Attempt. Matched phrase "/.env" at REQUEST_FILENAME. (930130-131)	Hacking Web App Attack
🇵🇱 Yachiyo Runami	2026-06-02 04:24:04 (2 days ago)	Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 54 \| Len: 60B \| Win: ... show more Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 54 \| Len: 60B \| Win: 42340(1) \| F2B/ufw-honeypot@2026-06-02T04:24:04Z show less	Port Scan Hacking
🇩🇪 BlueWire Hosting	2026-06-02 02:19:39 (2 days ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇩🇪 paissangroup	2026-06-02 01:25:35 (2 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 etu brutus	2026-06-02 00:24:45 (2 days ago)	5.255.123.222 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇧🇷 vfAcceloReporter	2026-06-01 22:15:27 (2 days ago)	5.255.123.222 - - [01/Jun/2026:19:15:27 -0300] "GET /.env.test HTTP/1.1" 404 125 "-" "Mozilla/5.0 (W ... show more 5.255.123.222 - - [01/Jun/2026:19:15:27 -0300] "GET /.env.test HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" ... show less	Brute-Force Web App Attack Exploited Host
🇺🇸 itsnixk	2026-06-01 22:00:18 (2 days ago)	(mod_security) mod_security (id:930130) triggered by 5.255.123.222 (NL/The Netherlands/-): 1 in the ... show more (mod_security) mod_security (id:930130) triggered by 5.255.123.222 (NL/The Netherlands/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 01 18:00:17.107044 2026] [security2:error] [pid 1231331:tid 1231465] [client 5.255.123.222:0] ModSecurity: Access denied with code 406 (phase 1). Matched phrase ".yarnrc" at REQUEST_FILENAME. [file "/etc/modsecurity.d/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "150"] [id "930130"] [msg "Restricted File Access Attempt"] [redacted] [severity "CRITICAL"] [ver "OWASP_CRS/4.25.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-LFI"] [tag "capec/1000/255/153/126"] [redacted] [uri "/.yarnrc"] [unique_id "ah4A8euP18cn_Ak-SChM7QAAADM"] show less	Port Scan
🇩🇪 SwinT	2026-06-01 20:00:03 (2 days ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇵🇾 armandosaucedo.me	2026-06-01 18:58:37 (2 days ago)	Threat Intelligence via ARMTI, Web Attack: GET /.yarnrc	Web App Attack
🇱🇻 garmtech.com	2026-06-01 15:52:48 (2 days ago)	Attempted access to sensitive endpoint (/config/credentials.json) detected. Automated scan or unauth ... show more Attempted access to sensitive endpoint (/config/credentials.json) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇨🇭 4server	2026-06-01 15:27:50 (2 days ago)	[MonJun0117:27:42.9045482026][security2:error][pid1245930:tid1246159][client5.255.123.222:0]ModSecur ... show more [MonJun0117:27:42.9045482026][security2:error][pid1245930:tid1246159][client5.255.123.222:0]ModSecurity:Accessdeniedwithcode403$phase1$.Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"mail.yellory.com\"][uri\"/.env\"][unique_id\"ah2k7glwxcSxHsp3ManpsAAAARA\"] show less	Hacking Web App Attack
🇺🇸 rsa	2026-06-01 15:20:00 (2 days ago)	GET /.env.production.backup HTTP/1.1 GET /.env~ HTTP/1.1 GET /.env.production.bak HTTP/1.1 GET /. ... show more GET /.env.production.backup HTTP/1.1 GET /.env~ HTTP/1.1 GET /.env.production.bak HTTP/1.1 GET /.git/refs/heads/main/ HTTP/1.1 show less	DDoS Attack Brute-Force Web App Attack Hacking
🇩🇪 4server	2026-06-01 14:28:26 (2 days ago)	[MonJun0116:28:20.3280822026][security2:error][pid2856415:tid2856454][client5.255.123.222:0]ModSecur ... show more [MonJun0116:28:20.3280822026][security2:error][pid2856415:tid2856454][client5.255.123.222:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"webdisk.buletti-panettoni.ch\"][uri\"/.env.old\"][unique_id\"ah2XBE_t-A4MXw0Hzd3iMgAAAAo\"] show less	Port Scan Brute-Force Web App Attack

Showing 61 to 75 of 829 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.146.38

🇲🇽 159.54.148.142

🇺🇸 146.70.211.87

🇨🇳 123.59.4.98

🇹🇷 78.186.116.161

🇳🇱 77.83.39.154

🇫🇷 51.44.216.204

🇭🇰 45.142.154.103

🇫🇷 15.188.23.138

🇨🇳 14.103.220.97

🇨🇦 3.98.89.59

🇧🇪 198.235.24.232

🇨🇭 176.65.144.128

🇨🇳 119.249.100.110

🇻🇳 113.177.159.48

🇰🇪 105.161.150.34

🇲🇦 105.156.83.219

🇺🇦 91.204.122.189

🇮🇪 54.195.204.225

🇮🇳 43.230.201.87