JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.127.166

5.255.127.166 was found in our database!

This IP was reported 295 times. Confidence of Abuse is 100%: ?

100%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.127.166

Whois 5.255.127.166

IP Abuse Reports for 5.255.127.166:

This IP address has been reported a total of 295 times from 166 distinct sources. 5.255.127.166 was first reported on April 16th 2026, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 6kilowatti	2026-04-28 04:41:09 (1 month ago)	5.255.127.166 - - [28/Apr/2026:07:41:08 +0300] "GET /.git/config HTTP/1.1" 404 153 "-" "Mozilla/5.0 ... show more 5.255.127.166 - - [28/Apr/2026:07:41:08 +0300] "GET /.git/config HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" ... show less	Web App Attack
🇬🇧 gurnip	2026-04-28 04:07:17 (1 month ago)	Vulnerability probe of page /.git/HEAD, not found on server.	Brute-Force Web App Attack
Anonymous	2026-04-27 20:09:28 (1 month ago)	2026/04/27 08:14:21 [error] 2090#2090: 5968 access forbidden by rule, client: 5.255.127.166, server ... show more 2026/04/27 08:14:21 [error] 2090#2090: 5968 access forbidden by rule, client: 5.255.127.166, server: guiadovarejo.com.br, request: "GET /.git/HEAD HTTP/1.1", host: "www.guiadovarejo.com.br", referrer: "https://guiadovarejo.com.br/.git/HEAD" 2026/04/27 08:14:21 [error] 2087#2087: 5966 access forbidden by rule, client: 5.255.127.166, server: guiadovarejo.com.br, request: "GET /.git/config HTTP/1.1", host: "www.guiadovarejo.com.br", referrer: "https://guiadovarejo.com.br/.git/config" 2026/04/27 08:15:41 [error] 2087#2087: 5987 access forbidden by rule, client: 5.255.127.166, server: guiasorocabano.com.br, request: "GET /.git/HEAD HTTP/1.1", host: "www.guiasorocabano.com.br", referrer: "https://guiasorocabano.com.br/.git/HEAD" ... show less	Port Scan
🇩🇪 iNetWorker	2026-04-27 19:57:47 (1 month ago)	trolling for resource vulnerabilities	Web App Attack
🇩🇪 4server	2026-04-27 19:07:24 (1 month ago)	[MonApr2721:07:22.4717132026][security2:error][pid3857385:tid3857531][client5.255.127.166:0]ModSecur ... show more [MonApr2721:07:22.4717132026][security2:error][pid3857385:tid3857531][client5.255.127.166:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mail.lacer.ch\"][uri\"/.git/config\"][unique_id\"ae-z6ltUZ0E80Mexy2iV2QAAAks\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 masterguru	2026-04-27 19:00:13 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 5.255.127.166 (NL/The Netherlands/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 5.255.127.166 (NL/The Netherlands/-): 2 in the last 3600 secs (0-201) show less	Hacking
🇳🇱 e.fierstra	2026-04-27 18:59:46 (1 month ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
Anonymous	2026-04-27 18:36:30 (1 month ago)	5.255.127.166 - - [27/Apr/2026:08:14:21 -0300] "GET /.git/config HTTP/1.1" 301 169 "-" "Mozilla/5.0 ... show more 5.255.127.166 - - [27/Apr/2026:08:14:21 -0300] "GET /.git/config HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" ... show less	Port Scan Hacking SQL Injection Brute-Force Bad Web Bot Exploited Host
Anonymous	2026-04-27 16:33:43 (1 month ago)	Web App Attack, Hacking	Hacking Web App Attack
Anonymous	2026-04-27 16:31:33 (1 month ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
Anonymous	2026-04-27 15:26:58 (1 month ago)	T: f2b 404 5x	Web App Attack
🇬🇧 poundawebsiteltd	2026-04-27 13:49:14 (1 month ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 5.255.127.166 - - [27/Apr/2026:1 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 5.255.127.166 - - [27/Apr/2026:14:49:13 +0100] GET /communities/jewish-community/jewish-community-welcome/.git/HEAD HTTP/1.1 403 3088 https://[REDACTED_DOMAIN]/.git/HEAD Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 show less	Web App Attack
🇩🇪 raph	2026-04-27 11:49:21 (1 month ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-04-27 10:18:38 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack
🇫🇷 pm33	2026-04-27 09:04:28 (1 month ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack

Showing 151 to 165 of 295 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 203.161.38.233

🇺🇸 178.156.253.13

🇪🇸 85.61.90.129

🇺🇸 2607:f8b0:4001:c13::126

🇧🇷 187.110.238.50

🇫🇮 185.148.1.18

🇨🇳 171.215.53.186

🇺🇸 147.185.132.116

🇨🇳 120.48.34.72

🇨🇳 111.55.197.6

🇫🇷 91.231.89.75

🇨🇳 47.115.231.183

🇬🇧 35.203.210.222

🇬🇧 35.203.210.101

🇺🇸 205.210.31.48

🇵🇱 194.180.48.148

🇨🇳 118.249.191.163

🇳🇱 45.148.10.21

🇵🇭 38.225.214.9

🇺🇸 216.25.89.84