JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.5.53.102

194.5.53.102 was found in our database!

This IP was reported 90 times. Confidence of Abuse is 39%: ?

39%

ISP	VPN Consumer Paris, France
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.5.53.102

Whois 194.5.53.102

IP Abuse Reports for 194.5.53.102:

This IP address has been reported a total of 90 times from 52 distinct sources. 194.5.53.102 was first reported on December 17th 2021, and the most recent report was 46 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2024-05-05 11:33:40 (2 years ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2024-04-16 16:04:02 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.102 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 16 12:03:58.525404 2024] [security2:error] [pid 1489] [client 194.5.53.102:55039] [client 194.5.53.102] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.157"] [uri "/.env"] [unique_id "Zh6hbtgJ0-WcbKMuxF2J7gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 unifr	2024-02-25 00:04:26 (2 years ago)	Unauthorized IMAP connection attempt	Brute-Force
🇦🇺 oncord	2024-01-27 01:09:32 (2 years ago)	Form spam	Web Spam
🇫🇷 conseilgouz	2024-01-26 12:55:11 (2 years ago)	scw-Joomla User : try to access forms...	Hacking
🇺🇸 oncord	2024-01-26 00:54:50 (2 years ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2024-01-15 13:04:55 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.102 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 15 08:04:51.178633 2024] [security2:error] [pid 11327] [client 194.5.53.102:60885] [client 194.5.53.102] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mfleetservice.com"] [uri "/.env"] [unique_id "ZaUtc2C1jJFoHKgH20NQvQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2023-04-02 12:26:15 (3 years ago)	194.5.53.102 - - [02/Apr/2023:15:26:14 +0300] "GET /.env HTTP/1.1" 404 274 "-" "Mozilla/5.0 (X11; Li ... show more 194.5.53.102 - - [02/Apr/2023:15:26:14 +0300] "GET /.env HTTP/1.1" 404 274 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2023-04-02 08:22:12 (3 years ago)	194.5.53.102 - - [02/Apr/2023:11:22:11 +0300] "GET /wp-content/ALFA_DATA HTTP/1.1" 404 273 "www.bing ... show more 194.5.53.102 - - [02/Apr/2023:11:22:11 +0300] "GET /wp-content/ALFA_DATA HTTP/1.1" 404 273 "www.bing.com" "wp_is_mobile" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2023-04-02 02:20:56 (3 years ago)	194.5.53.102 - - [02/Apr/2023:05:19:06 +0300] "GET /wp-content/outcms.php?up HTTP/1.1" 404 288 "www. ... show more 194.5.53.102 - - [02/Apr/2023:05:19:06 +0300] "GET /wp-content/outcms.php?up HTTP/1.1" 404 288 "www.bing.com" "wp_is_mobile" 194.5.53.102 - - [02/Apr/2023:05:20:55 +0300] "GET /wp-admin/alfacgiapi HTTP/1.1" 404 274 "www.bing.com" "wp_is_mobile" ... show less	Web App Attack
🇺🇸 NXTwoThou	2022-12-29 06:53:56 (3 years ago)	python-requests/2.27.1	Port Scan
🇪🇸 10dencehispahard SL	2022-12-17 06:26:48 (3 years ago)	Suspicious activity detected by Modsecurity [Application attack LFI]	Hacking Web App Attack
🇮🇪 RoboSOC	2022-12-16 23:50:07 (3 years ago)	phpunit Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
🇩🇪 niceshops.com	2022-12-16 23:41:40 (3 years ago)	Vulnerability scanning (GET /.env)	Web App Attack
🇬🇧 headwall	2021-12-17 21:15:56 (4 years ago)	Probe for WordPress internals file xmlrpc.php by client 194.5.53.102 on local port 443	Web App Attack

Showing 76 to 90 of 90 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.151

🇸🇬 107.150.112.233

🇺🇸 2607:f8b0:400e:c05::123

🇺🇸 205.210.31.17

🇭🇰 199.45.155.96

🇳🇱 190.2.149.244

🇫🇷 147.93.93.184

🇻🇳 103.48.82.186

🇳🇱 85.11.167.11

🇺🇸 65.49.1.100

🇳🇱 45.148.10.157

🇩🇪 43.228.157.184

🇮🇳 216.10.245.205

🇳🇱 213.177.179.166

🇬🇧 188.30.79.201

🇨🇳 183.218.213.217

🇺🇸 166.155.116.155

🇮🇳 125.19.179.18

🇮🇳 122.166.49.42

🇰🇷 116.123.150.231