JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.53.140.72

194.53.140.72 was found in our database!

This IP was reported 63 times. Confidence of Abuse is 31%: ?

31%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS61317
Domain Name	netutils.io
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.53.140.72

Whois 194.53.140.72

IP Abuse Reports for 194.53.140.72:

This IP address has been reported a total of 63 times from 13 distinct sources. 194.53.140.72 was first reported on April 28th 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-29 06:24:34 (5 hours ago)	(mod_security) mod_security (id:210350) triggered by 194.53.140.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 194.53.140.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:24:30.255687 2026] [security2:error] [pid 17289:tid 17295] [client 194.53.140.72:50785] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.ahsdistance.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.ahsdistance.org"] [uri "/stpiusinvite/2008/Results-2008.htm"] [unique_id "akIPnpq7qGDTmsA1_l0MoQAAAAE"], referer: http://www.ahsdistance.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-28 19:14:09 (16 hours ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-14.194.53.140.72.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-14.194.53.140.72.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 22:25:18 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 194.53.140.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 194.53.140.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 18:25:13.729779 2026] [security2:error] [pid 8876:tid 8935] [client 194.53.140.72:36223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.northtexaslive.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.northtexaslive.com"] [uri "/venues/"] [unique_id "aj2qyQeq-OJaB-hQFqaXSgAAAVg"], referer: http://www.northtexaslive.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 11:00:06 (4 days ago)	(mod_security) mod_security (id:210350) triggered by 194.53.140.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 194.53.140.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 06:59:57.043417 2026] [security2:error] [pid 7146:tid 7146] [client 194.53.140.72:42181] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.cchockeyhistory.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.cchockeyhistory.org"] [uri "/"] [unique_id "aj0KLSPkIEf6JhfAniJb6QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-25 02:11:36 (4 days ago)	Attempted search for exploits and vulnerabilities detected by fail2ban ...	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2026-06-24 16:36:29 (4 days ago)	(mod_security) mod_security (id:210350) triggered by 194.53.140.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 194.53.140.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 12:36:20.130286 2026] [security2:error] [pid 9706:tid 9706] [client 194.53.140.72:63251] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.yarbroughfamily.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.yarbroughfamily.org"] [uri "/MasterIndex1.pdf"] [unique_id "ajwHhCDNDUaSU1CdzEK3rAAAAAU"], referer: http://www.yarbroughfamily.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-06-01 14:30:00 (3 weeks ago)	IPBlock protected site ID [4055-d][s=07]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-29 12:48:00 (4 weeks ago)	IPBlock protected site ID [4055-d][s=07]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-28 08:57:00 (1 month ago)	IPBlock protected site ID [4055-d][s=07]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-26 08:08:00 (1 month ago)	IPBlock protected site ID [4055-d][s=07]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-25 07:55:00 (1 month ago)	IPBlock protected site ID [4055-d][s=07]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-24 07:41:00 (1 month ago)	IPBlock protected site ID [4055-d][s=07]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-23 04:52:00 (1 month ago)	IPBlock protected site ID [4055-d][s=07]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-22 03:40:00 (1 month ago)	IPBlock protected site ID [4055-d][s=07]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-20 23:51:00 (1 month ago)	IPBlock protected site ID [4055-d][s=02]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 63 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.195.61.182

🇺🇸 43.153.99.170

🇺🇸 20.127.185.37

🇨🇴 186.146.235.58

🇨🇭 172.161.72.4

🇳🇱 144.31.203.90

🇮🇹 93.35.202.218

🇩🇪 87.106.42.210

🇹🇼 59.126.224.134

🇵🇭 58.69.177.3

🇦🇷 186.122.177.140

🇫🇷 159.26.112.11

🇵🇭 157.119.68.106

🇨🇳 125.39.93.73

🇧🇩 115.127.149.226

🇮🇩 103.99.214.16

🇺🇸 91.230.168.4

🇰🇷 61.43.121.132

🇨🇭 51.107.68.88

🇺🇸 50.78.25.138