JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.5.53.79

194.5.53.79 was found in our database!

This IP was reported 105 times. Confidence of Abuse is 36%: ?

36%

ISP	VPN Consumer Paris, France
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.5.53.79

Whois 194.5.53.79

IP Abuse Reports for 194.5.53.79:

This IP address has been reported a total of 105 times from 61 distinct sources. 194.5.53.79 was first reported on December 17th 2022, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Marc	2026-06-03 15:11:32 (3 days ago)	194.5.53.79 - - [03/Jun/2026:17:11:32 +0200] "GET /.git-audit-probe-2959fb32409c27f1/HEAD HTTP/1.1" ... show more 194.5.53.79 - - [03/Jun/2026:17:11:32 +0200] "GET /.git-audit-probe-2959fb32409c27f1/HEAD HTTP/1.1" 404 2964 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0" 194.5.53.79 - - [03/Jun/2026:17:11:32 +0200] "GET /.git/HEAD HTTP/1.1" 404 403 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0" 194.5.53.79 - - [03/Jun/2026:17:11:32 +0200] "GET /.git/config HTTP/1.1" 404 403 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0" show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-03 13:58:24 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 09:58:15.879065 2026] [security2:error] [pid 15396:tid 15396] [client 194.5.53.79:37313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mitchellart.com"] [uri "/.git/HEAD"] [unique_id "aiAy9wV8c9BtB-atLRw5ggAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 13:31:23 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 09:31:17.446837 2026] [security2:error] [pid 17711:tid 17711] [client 194.5.53.79:50001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jhollingshead.com"] [uri "/.git/"] [unique_id "aiAspROEEBSp1eHHyOCW8AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 12:56:54 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 08:56:48.426742 2026] [security2:error] [pid 8116:tid 8116] [client 194.5.53.79:27747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toepfer.org"] [uri "/.git/HEAD"] [unique_id "aiAkkJdzWQHF527tpLIyiAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 12:29:13 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 08:29:05.839774 2026] [security2:error] [pid 14404:tid 14404] [client 194.5.53.79:45669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tomorrowsdust.net"] [uri "/.git/HEAD"] [unique_id "aiAeEaqzHc5jlZvoBbVn0QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 12:05:13 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 08:05:09.515573 2026] [security2:error] [pid 5164:tid 5164] [client 194.5.53.79:60787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "network22.net"] [uri "/.git/"] [unique_id "aiAYdR21hL5BjSmEabS6ywAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 11:15:37 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 07:15:34.201396 2026] [security2:error] [pid 7716:tid 7716] [client 194.5.53.79:61931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "watsoncousins.net"] [uri "/.git/config"] [unique_id "aiAM1voURK7cJsVDKV-IZQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 10:57:53 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 06:57:48.784970 2026] [security2:error] [pid 10425:tid 10425] [client 194.5.53.79:21823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thorsander.com"] [uri "/.git/HEAD"] [unique_id "aiAIrDjgtiAuVnOvKKSRGQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 YF	2026-05-27 19:10:49 (1 week ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇩🇪 Admin-Gito	2026-05-27 16:06:17 (1 week ago)	194.5.53.79 - - [27/May/2026:18:02:35 +0200] "POST //xmlrpc.php HTTP/1.1" 200 3151 "-" "Mozilla/5.0 ... show more 194.5.53.79 - - [27/May/2026:18:02:35 +0200] "POST //xmlrpc.php HTTP/1.1" 200 3151 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36" 194.5.53.79 - - [27/May/2026:18:02:55 +0200] "POST //xmlrpc.php HTTP/1.1" 200 3150 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Edg/139.0.3124.85" 194.5.53.79 - - [27/May/2026:18:04:02 +0200] "POST //xmlrpc.php HTTP/1.1" 200 3151 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 Edg/140.0.3124.85" ... show less	Brute-Force Web App Attack
🇹🇼 kk_it_man	2026-05-14 08:53:02 (3 weeks ago)	ET WEB_SERVER Script tag in URI Possible Cross Site Scripting Attempt	Port Scan
Anonymous	2026-04-19 00:10:03 (1 month ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (13/60 min)'; Requests=13	Port Scan
Anonymous	2026-04-15 17:31:48 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 194.5.53.79 (FR/France/-)	Brute-Force
🇮🇹 VHosting	2026-04-15 17:12:53 (1 month ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇺🇸 mnsf	2026-03-09 01:05:11 (2 months ago)	Too many Status 40X (13)	Brute-Force Web App Attack

Showing 1 to 15 of 105 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 112.216.129.27

🇺🇸 66.132.195.87

🇨🇳 223.73.27.31

🇩🇪 194.187.176.94

🇺🇸 185.243.5.189

🇺🇸 172.236.228.111

🇪🇸 146.70.180.9

🇮🇳 145.79.58.79

🇨🇳 124.227.31.88

🇭🇰 112.120.171.95

🇨🇳 106.117.108.105

🇸🇬 101.47.20.221

🇷🇴 93.114.194.159

🇵🇱 87.251.64.141

🇩🇪 64.89.163.92

🇺🇸 18.188.233.138

🇯🇵 8.211.144.142

🇳🇱 176.65.148.197

🇺🇸 165.154.172.200

🇺🇸 162.216.150.56