JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.255.99.99

5.255.99.99 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 100%: ?

100%

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.255.99.99

Whois 5.255.99.99

IP Abuse Reports for 5.255.99.99:

This IP address has been reported a total of 57 times from 39 distinct sources. 5.255.99.99 was first reported on June 8th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-10 00:44:05 (5 days ago)	Excessive multi-domain requests	Brute-Force
🇵🇱 strefapi_com	2026-06-09 12:06:39 (5 days ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
🇺🇸 Rocky Mountain Bioengineering Symposium	2026-06-09 11:09:47 (5 days ago)	5.255.99.99 - - [09/Jun/2026:05:09:46 -0600] "GET /.git/config HTTP/2.0" 300 4342 "-" "Mozilla/5.0 ( ... show more 5.255.99.99 - - [09/Jun/2026:05:09:46 -0600] "GET /.git/config HTTP/2.0" 300 4342 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)" ... show less	Web App Attack
🇬🇧 Greg Poulson	2026-06-09 09:52:33 (5 days ago)	Our website was hit by this DDOS at a rate of 12 in 5 minutes.	DDoS Attack Web Spam Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 09:51:28 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 5.255.99.99 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 5.255.99.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 05:51:19.392901 2026] [security2:error] [pid 29673:tid 29673] [client 5.255.99.99:53734] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alhill.com"] [uri "/.git/config"] [unique_id "aifiF6Hz1rJ-T9skz47DZAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-09 08:16:54 (5 days ago)	23.604 requests from abuseipdb.com blacklisted IP (8mos1w23h)	Brute-Force Bad Web Bot
🇩🇪 XICTRON	2026-06-09 08:00:03 (5 days ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇩🇪 FeG Deutschland	2026-06-09 07:44:47 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
Anonymous	2026-06-09 07:07:05 (5 days ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇭 🇨🇭 Hosting	2026-06-09 05:10:08 (5 days ago)	Automated WAF report: 200-300 blocked requests from this IP detected by our WAF.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 05:02:07 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 5.255.99.99 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 5.255.99.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:02:03.946078 2026] [security2:error] [pid 31351:tid 31351] [client 5.255.99.99:52000] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "help.gmacguffin.com"] [uri "/.git/config"] [unique_id "aieeS4uiWLnKidXhG2iyjAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 03:06:03 (6 days ago)	Bot / scanning and/or hacking attempts: GET /debug/pprof/cmdline HTTP/1.1, GET /.env.example HTTP/1. ... show more Bot / scanning and/or hacking attempts: GET /debug/pprof/cmdline HTTP/1.1, GET /.env.example HTTP/1.1, GET /storage/logs/laravel.log HTTP/1.1, GET /.env.local HTTP/1.1, GET /cookies HTTP/2.0, GET /config/secrets.yml HTTP/1.1, GET /secrets/gcp.json HTTP/2.0 show less	Hacking Web App Attack
🇫🇷 Baking333	2026-06-09 01:59:24 (6 days ago)	[redacted] 5.255.99.99 - - [09/Jun/2026:02:59:21 +0100] "GET /.git/config HTTP/1.1" 302 1492 0/27728 ... show more [redacted] 5.255.99.99 - - [09/Jun/2026:02:59:21 +0100] "GET /.git/config HTTP/1.1" 302 1492 0/277282 "-" "CCBot/2.0 (https://[redacted]/faq/)" [redacted] 5.255.99.99 - - [09/Jun/2026:02:59:21 +0100] "GET /.aws/credentials HTTP/1.1" 302 1492 0/314901 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://[redacted]/support/amazonbot)" show less	Bad Web Bot Web App Attack
🇩🇪 sverson	2026-06-09 00:27:43 (6 days ago)	Automated report / Wordpress Attack Attempt	Hacking Web App Attack
🇬🇧 Apache	2026-06-08 23:44:42 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 5.255.99.99 (-): 5 in the last 300 secs (CF_ENA ... show more (mod_security) mod_security (id:210492) triggered by 5.255.99.99 (-): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.0.63.25

🇧🇪 198.235.24.194

🇲🇰 185.193.240.246

🇺🇸 147.185.132.249

🇺🇸 147.185.132.246

🇧🇩 103.203.95.220

🇺🇸 91.230.168.1

🇺🇸 62.132.18.142

🇩🇪 217.160.68.87

🇺🇸 216.131.83.113

🇩🇪 213.209.159.158

🇳🇱 213.177.179.107

🇨🇳 210.51.67.211

🇹🇳 197.17.101.90

🇺🇸 195.184.76.211

🇨🇴 190.60.57.60

🇨🇳 180.167.128.202

🇮🇩 163.7.12.183

🇭🇰 154.221.23.232

🇪🇬 154.179.149.233