JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.127.166

5.255.127.166 was found in our database!

This IP was reported 295 times. Confidence of Abuse is 100%: ?

100%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.127.166

Whois 5.255.127.166

IP Abuse Reports for 5.255.127.166:

This IP address has been reported a total of 295 times from 166 distinct sources. 5.255.127.166 was first reported on April 16th 2026, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 oh.mg	2026-05-01 12:30:12 (1 month ago)	[Fri May 01 14:30:11.344849 2026] [security2:error] [pid 1663380:tid 1663418] [client 5.255.127.166: ... show more [Fri May 01 14:30:11.344849 2026] [security2:error] [pid 1663380:tid 1663418] [client 5.255.127.166:40428] [client 5.255.127.166] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "www.mmnto.org"] [uri "/.git/config"] [unique_id "afSc0_cVPv0PzXw6_B6rVwAAAIU"] [Fri May 01 14:30:11.344849 2026] [security2:error] [pid 1663380:tid 1663424] [client 5.255.127.166:40438] [client 5.255.127.166] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] ... show less	Web App Attack Bad Web Bot
🇺🇸 Major Hostility	2026-05-01 11:00:07 (1 month ago)	"GET /.git/config HTTP/1.1" 404 "GET /.git/HEAD HTTP/1.1" 404	Web App Attack
🇦🇺 Block Rockin' Beats	2026-05-01 11:00:04 (1 month ago)	Scanning for exploitable scripts	Hacking Web App Attack
🇩🇪 Starburst SysOp Team	2026-05-01 09:40:33 (1 month ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-nue6-2)	Hacking Web App Attack
Anonymous	2026-05-01 07:53:24 (1 month ago)	Sensitive file access attempt	Hacking
🇩🇪 derLoosi	2026-05-01 07:49:40 (1 month ago)	HV1.1 Blocked by UFW	Port Scan
🇺🇸 kosada.com	2026-05-01 07:04:24 (1 month ago)	Web vulnerability probing: /.git/HEAD	Web App Attack
Anonymous	2026-04-30 19:45:59 (1 month ago)	[01/May/2026:05:45:59 +1000] "GET /.git/config HTTP/1.1" 301 292 "Mozilla/5.0 (Macintosh; Intel Mac ... show more [01/May/2026:05:45:59 +1000] "GET /.git/config HTTP/1.1" 301 292 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" show less	Hacking Web App Attack
🇺🇸 CBJ	2026-04-30 17:56:34 (1 month ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇩🇪 4server	2026-04-30 14:37:21 (1 month ago)	[ThuApr3016:37:19.9166042026][security2:error][pid2445845:tid2445936][client5.255.127.166:0]ModSecur ... show more [ThuApr3016:37:19.9166042026][security2:error][pid2445845:tid2445936][client5.255.127.166:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"autodiscover.aaaa6877.org\"][uri\"/.git/config\"][unique_id\"afNpH8eie-FwurtyiCEiVQAAAdQ\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 Blexyel	2026-04-30 14:06:19 (1 month ago)	5.255.127.166 - - [30/Apr/2026:16:06:14 +0200] "GET /.git/config HTTP/1.1" 200 2116 "-" "Mozilla/5.0 ... show more 5.255.127.166 - - [30/Apr/2026:16:06:14 +0200] "GET /.git/config HTTP/1.1" 200 2116 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" ... show less	Brute-Force Web App Attack
🇺🇸 Rocky Mountain Bioengineering Symposium	2026-04-30 14:01:57 (1 month ago)	5.255.127.166 - - [30/Apr/2026:08:01:56 -0600] "GET /.git/config HTTP/1.1" 301 4458 "https://autocon ... show more 5.255.127.166 - - [30/Apr/2026:08:01:56 -0600] "GET /.git/config HTTP/1.1" 301 4458 "https://autoconfig.main.rmbs.org/.git/config" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" ... show less	Web App Attack
🇩🇪 simsung	2026-04-30 11:13:54 (1 month ago)	5.255.127.166 - - [30/Apr/2026:11:13:52 +0000] "GET /.git/HEAD HTTP/1.1" 403 146 "https://mail.holdg ... show more 5.255.127.166 - - [30/Apr/2026:11:13:52 +0000] "GET /.git/HEAD HTTP/1.1" 403 146 "https://mail.holdgold.app/.git/HEAD" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" ... show less	Bad Web Bot
🇩🇪 dbmwebdesign	2026-04-30 08:40:34 (1 month ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇫🇷 ELYAZ	2026-04-30 08:32:38 (1 month ago)	(y3) Failed access -byebye- from 5.255.127.166 (NL/Netherlands/-): (CF_ENABLE)	Hacking

Showing 106 to 120 of 295 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 193.3.53.8

🇺🇸 185.255.100.250

🇨🇳 153.37.227.44

🇮🇳 122.187.230.162

🇫🇷 88.138.20.172

🇲🇾 47.250.155.223

🇳🇱 45.148.10.121

🇨🇳 27.18.68.250

🇳🇱 213.177.179.127

🇧🇷 200.165.15.78

🇬🇧 185.247.137.196

🇺🇸 167.172.223.199

🇫🇮 147.185.133.225

🇰🇷 121.66.124.147

🇸🇬 121.6.81.59

🇨🇳 117.80.152.104

🇷🇺 94.25.40.30

🇨🇳 61.146.129.133

🇫🇮 45.154.244.2

🇮🇳 36.50.167.81