JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.97.193

5.255.97.193 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 97%: ?

97%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.97.193

Whois 5.255.97.193

IP Abuse Reports for 5.255.97.193:

This IP address has been reported a total of 22 times from 17 distinct sources. 5.255.97.193 was first reported on June 26th 2026, and the most recent report was 31 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-28 09:02:27 (31 minutes ago)	(mod_security) mod_security (id:210492) triggered by 5.255.97.193 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.97.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 05:02:19.829042 2026] [security2:error] [pid 26603:tid 26603] [client 5.255.97.193:39976] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "solidthought.com"] [uri "/.git/HEAD"] [unique_id "akDjGxM3JPDJ9Ly-kP6H1AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-28 08:51:57 (42 minutes ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 08:47:24 (46 minutes ago)	(mod_security) mod_security (id:210492) triggered by 5.255.97.193 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.97.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:47:17.687991 2026] [security2:error] [pid 4333:tid 4333] [client 5.255.97.193:47390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smokeyspb.photos.pages4you.com"] [uri "/.git/HEAD"] [unique_id "akDflZjIbUpLZJWwi-zDyAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-28 07:05:54 (2 hours ago)	Blocked: Reason='Suspicious traffic score=75 (review-based detection)'; Requests=224	Hacking
🇦🇺 aranguren.org	2026-06-28 06:55:00 (2 hours ago)	5.255.97.193 - - [28/Jun/2026:16:54:59 +1000] "GET /.env.development HTTP/1.1" 404 995 "-" "Mozilla/ ... show more 5.255.97.193 - - [28/Jun/2026:16:54:59 +1000] "GET /.env.development HTTP/1.1" 404 995 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 5.255.97.193 - - [28/Jun/2026:16:54:59 +1000] "GET /.aws/credentials HTTP/1.1" 404 995 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 5.255.97.193 - - [28/Jun/2026:16:54:59 +1000] "GET /.env.local HTTP/1.1" 404 995 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15" 5.255.97.193 - - [28/Jun/2026:16:54:59 +1000] "GET /config.json HTTP/1.1" 404 995 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109" 5.255.97.193 - - [28/Jun/2026:16:54:59 +1000] "GET /api/.env HTTP/1.1" 404 995 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gec ... show less	Bad Web Bot
🇷🇴 SpamStopper	2026-06-28 06:51:24 (2 hours ago)	Fail2Ban - WordPress\(Anomis\) Looking for CMS/PHP/SQL vulnerabilities and hacked web hosts servers	Hacking Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-28 06:25:00 (3 hours ago)	5.255.97.193 - - [28/Jun/2026:08:24:55 +0200] "GET /.git/config HTTP/1.1" 403 177 "-" "Mozilla/5.0 ( ... show more 5.255.97.193 - - [28/Jun/2026:08:24:55 +0200] "GET /.git/config HTTP/1.1" 403 177 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109" ... show less	Web App Attack
🇷🇴 iulianh	2026-06-28 05:54:28 (3 hours ago)	80,443	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-28 05:37:18 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.97.193 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.97.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 01:37:12.567061 2026] [security2:error] [pid 10613:tid 10613] [client 5.255.97.193:49070] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "slusarczyk.com"] [uri "/.git/HEAD"] [unique_id "akCzCIjiDHb9izrJ0fpKvgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-28 04:50:01 (4 hours ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 04:45:57 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.97.193 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.97.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:45:51.529077 2026] [security2:error] [pid 26312:tid 26312] [client 5.255.97.193:41334] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "camouflagebikinis.com"] [uri "/.git/HEAD"] [unique_id "akCm_zVf1eUmOCHTh3o5WgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-06-28 04:28:43 (5 hours ago)	http-sensitive-files - IP: 5.255.97.193 - time="2026-06-28T06:28:42+02:00" level=info msg="(555f66b ... show more http-sensitive-files - IP: 5.255.97.193 - time="2026-06-28T06:28:42+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 5.255.97.193 (NL/60404) : 4h ban on Ip 5.255.97.193" module=db show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-27 22:04:30 (11 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-26. show less	Web App Attack SSH Hacking
🇫🇷 dynamix	2026-06-27 21:01:20 (12 hours ago)	Multiple WAF Violations	Web App Attack
🇫🇷 masterguru	2026-06-27 19:50:06 (13 hours ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 172.236.8.193

🇷🇺 154.83.196.237

🇳🇱 91.92.42.212

🇸🇬 20.24.9.187

🇨🇳 221.1.141.86

🇰🇷 210.118.224.138

🇺🇿 194.107.115.199

🇬🇧 193.163.125.169

🇨🇳 180.153.236.10

🇵🇰 123.253.95.255

🇪🇸 83.37.244.84

🇺🇸 68.225.185.11

🇺🇸 64.23.214.73

🇨🇳 47.103.48.50

🇺🇸 45.148.234.184

🇨🇳 42.248.182.233

🇲🇽 38.56.248.74

🇮🇶 37.239.161.10

🇮🇳 20.193.146.159

🇦🇿 5.134.53.50