JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.5.53.90

194.5.53.90 was found in our database!

This IP was reported 120 times. Confidence of Abuse is 60%: ?

60%

ISP	VPN Consumer Paris, France
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.5.53.90

Whois 194.5.53.90

IP Abuse Reports for 194.5.53.90:

This IP address has been reported a total of 120 times from 65 distinct sources. 194.5.53.90 was first reported on June 25th 2021, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-04 05:13:26 (21 hours ago)	2 attacks on VC URLs: GET /.git/config HTTP/1.1	Hacking
🇺🇸 TPI-Abuse	2026-06-03 16:03:01 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 12:02:57.882609 2026] [security2:error] [pid 25769:tid 25769] [client 194.5.53.90:56317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bryteandbroderick.org"] [uri "/.git/config"] [unique_id "aiBQMbkP2f-t8cmNYAEvcgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 15:30:26 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 11:30:20.690586 2026] [security2:error] [pid 27622:tid 27622] [client 194.5.53.90:43327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "christmasweddingnapkins.com"] [uri "/.git/"] [unique_id "aiBIjNvs9UADm2tQRAI6DAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 14:56:25 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 10:56:20.588919 2026] [security2:error] [pid 4745:tid 4745] [client 194.5.53.90:34299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "intergalactichuman.com"] [uri "/.git/HEAD"] [unique_id "aiBAlGXrdbLn_p1-VT3q2QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 14:12:48 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 10:12:42.121850 2026] [security2:error] [pid 12906:tid 12906] [client 194.5.53.90:37391] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greenmountainfeeds.com"] [uri "/.git/HEAD"] [unique_id "aiA2Wv8G72bRfFRZSyuj9wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-03 13:05:12 (1 day ago)	Abuse Detected (4)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 11:03:58 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 07:03:53.833166 2026] [security2:error] [pid 3794:tid 3794] [client 194.5.53.90:33375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "holgerfeld.com"] [uri "/.git/HEAD"] [unique_id "aiAKGW5oxlHQhY_37lqCAwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ShadowWhisperer	2026-06-03 07:42:27 (1 day ago)	RDP credential attempt.	Brute-Force Hacking
🇫🇷 cityhunter_rhone	2026-06-03 07:27:04 (1 day ago)	Honeypot port triggered: HONEYPOT PORT 3389 touched. Automatic permanent ban. Mercurius-Guide automa ... show more Honeypot port triggered: HONEYPOT PORT 3389 touched. Automatic permanent ban. Mercurius-Guide automated detection. show less	Port Scan Hacking Brute-Force
🇫🇷 geeek	2026-06-03 07:25:42 (1 day ago)	Port scanning: 3389 TCP Blocked	Port Scan
🇵🇱 nfsec.pl	2026-06-03 06:05:07 (1 day ago)	Detected: TCP scan on port: 3389 with flags: SYN	Port Scan
🇨🇦 Luhte	2026-06-03 06:00:08 (1 day ago)	Unsolicited TCP connection from 194.5.53.90 to port 0 at 2026-06-03T06:00:08Z. Source IP completed t ... show more Unsolicited TCP connection from 194.5.53.90 to port 0 at 2026-06-03T06:00:08Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇩🇪 Luhte	2026-06-03 05:36:25 (1 day ago)	Unsolicited TCP connection from 194.5.53.90 to port 0 at 2026-06-03T05:36:25Z. Source IP completed t ... show more Unsolicited TCP connection from 194.5.53.90 to port 0 at 2026-06-03T05:36:25Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇩🇪 YF	2026-05-27 19:10:59 (1 week ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-05-18 22:18:00 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 194.5.53.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 18:17:53.255953 2026] [security2:error] [pid 2228:tid 2228] [client 194.5.53.90:57917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "97films.media"] [uri "/.env.php"] [unique_id "aguQEfrB0oLWCycacxJD_wAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 120 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 85.217.149.57

🇨🇳 47.115.211.116

🇬🇧 35.203.211.133

🇧🇪 34.62.74.204

🇬🇧 217.154.62.224

🇳🇱 212.83.173.218

🇸🇬 172.104.186.246

🇺🇸 162.216.150.28

🇺🇸 154.92.22.13

🇫🇮 147.185.133.109

🇺🇸 129.222.0.57

🇨🇳 113.194.203.31

🇮🇳 103.215.152.199

🇮🇩 103.79.247.161

🇨🇦 85.217.149.24

🇷🇴 80.94.92.184

🇸🇬 64.233.173.99

🇸🇬 47.84.192.43

🇪🇸 5.154.34.218

🇺🇸 216.180.246.92