JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.98.168

5.255.98.168 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 100%: ?

100%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.98.168

Whois 5.255.98.168

IP Abuse Reports for 5.255.98.168:

This IP address has been reported a total of 51 times from 29 distinct sources. 5.255.98.168 was first reported on June 21st 2026, and the most recent report was 1 minute ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 04:51:34 (1 minute ago)	(mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 00:51:29.476504 2026] [security2:error] [pid 17085:tid 17085] [client 5.255.98.168:10420] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cook-islands-boat-registration.com"] [uri "/.env"] [unique_id "aji_UU7tsTqY70BgeRGxtwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 04:19:40 (33 minutes ago)	(mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 00:19:35.672134 2026] [security2:error] [pid 18726:tid 18726] [client 5.255.98.168:49020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.medcoarabia.com"] [uri "/.env"] [unique_id "aji31wtUEple-VgeUyCSUAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 todix	2026-06-22 03:49:44 (1 hour ago)	Web App Attack Exploid from 5.255.98.168	Web App Attack
Anonymous	2026-06-22 03:35:14 (1 hour ago)	[ns1.skdns.gr] httpd-suspicious-path: iis-w3c	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 03:30:55 (1 hour ago)	(mod_security) mod_security (id:210730) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 23:30:50.234914 2026] [security2:error] [pid 20081:tid 20081] [client 5.255.98.168:30506] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|serviciosdedistribucioncastimpex.com.spyasociados.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "serviciosdedistribucioncastimpex.com.spyasociados.com"] [uri "/wp-content/debug.log"] [unique_id "ajisasuWpWokOxG-h2vALAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-22 02:53:21 (1 hour ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 5.255.98.168 (NL/The Netherlands/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 5.255.98.168 (NL/The Netherlands/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-22 02:37:57 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 22:37:50.129588 2026] [security2:error] [pid 13323:tid 13323] [client 5.255.98.168:48428] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.whitetailridgeantiques.com"] [uri "/app/.env"] [unique_id "ajif_ovVYoDs6gI8BUw3UQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WellSpring	2026-06-22 02:29:10 (2 hours ago)	env leak on 312.today/app/.env — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 02:19:40 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 22:19:37.191181 2026] [security2:error] [pid 5278:tid 5278] [client 5.255.98.168:14526] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.intercotrading.com"] [uri "/.env"] [unique_id "ajibuXb5b6lIksfznN_1xgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-22 02:13:53 (2 hours ago)	5.255.98.168 - - [22/Jun/2026:05:13:44 +0300] "GET /wp-content/debug.log HTTP/1.1" 404 710 "-" "Mozi ... show more 5.255.98.168 - - [22/Jun/2026:05:13:44 +0300] "GET /wp-content/debug.log HTTP/1.1" 404 710 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" 5.255.98.168 - - [22/Jun/2026:05:13:45 +0300] "GET /src/.env HTTP/1.1" 404 710 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 01:44:53 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:44:45.815678 2026] [security2:error] [pid 16682:tid 16682] [client 5.255.98.168:21632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.baystarpartners.com"] [uri "/.env"] [unique_id "ajiTjcd7AG98jqCN9EdgQQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 01:24:29 (3 hours ago)	(mod_security) mod_security (id:210730) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:24:24.753363 2026] [security2:error] [pid 22583:tid 22583] [client 5.255.98.168:64120] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.kathydumesnilart.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.kathydumesnilart.com"] [uri "/wp-content/debug.log"] [unique_id "ajiOyAz3kmpy86DdVZlL5gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 andypiper	2026-06-22 01:02:31 (3 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 00:56:19 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 20:56:12.633486 2026] [security2:error] [pid 6053:tid 6053] [client 5.255.98.168:57676] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.despojosocial.com"] [uri "/.env"] [unique_id "ajiILJWUGkQvW9bUMivevgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 00:32:46 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 5.255.98.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 20:32:41.043860 2026] [security2:error] [pid 19915:tid 19915] [client 5.255.98.168:53734] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bigholegolf.com"] [uri "/.env.local"] [unique_id "ajiCqcMd8ufueq_P_wCisgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 45.123.217.22

🇬🇧 213.166.84.57

🇳🇱 185.223.235.22

🇩🇪 178.105.131.140

🇺🇸 172.234.218.34

🇰🇷 119.195.102.159

🇲🇾 110.159.75.189

🇵🇱 87.251.64.141

🇳🇱 81.19.216.119

🇺🇸 75.89.148.240

🇳🇱 52.174.67.71

🇩🇪 51.102.178.42

🇺🇸 50.16.232.215

🇨🇳 43.226.39.182

🇧🇷 43.164.193.198

🇺🇸 20.40.218.136

🇷🇴 2.57.122.177

🇺🇸 216.244.66.239

🇳🇱 193.176.31.248

🇩🇪 165.154.164.24