JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.56.116.235

193.56.116.235 was found in our database!

This IP was reported 157 times. Confidence of Abuse is 100%: ?

100%

ISP	VPN Consumer Atlanta, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.56.116.235

Whois 193.56.116.235

IP Abuse Reports for 193.56.116.235:

This IP address has been reported a total of 157 times from 53 distinct sources. 193.56.116.235 was first reported on June 4th 2022, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 centurion	2026-06-27 01:18:02 (2 hours ago)	Unauthorized attempt on lab [5060/tcp] Source port: 42381 TTL: 117 Packet length: 52 TOS: 0x00 https ... show more Unauthorized attempt on lab [5060/tcp] Source port: 42381 TTL: 117 Packet length: 52 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-26 17:56:30 (9 hours ago)	Try to connect to Port_Scan_5060_stealth	Port Scan
🇩🇪 london2038.com	2026-06-26 16:02:09 (11 hours ago)	Connection atttempts against closed TCP ports Jun 26 18:02:06 BLOCK SRC=193.56.116.235 LEN=52 TOS=0x ... show more Connection atttempts against closed TCP ports Jun 26 18:02:06 BLOCK SRC=193.56.116.235 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=49404 DF PROTO=TCP SPT=62783 DPT=5060 WINDOW=65500 RES=0x00 CWR ECE SYN Jun 26 18:02:07 BLOCK SRC=193.56.116.235 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=49405 DF PROTO=TCP SPT=62783 DPT=5060 WINDOW=65500 RES=0x00 CWR ECE SYN Jun 26 18:02:09 BLOCK SRC=193.56.116.235 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=49406 DF PROTO=TCP SPT=62783 DPT=5060 WINDOW=65500 RES=0x00 SYN show less	Port Scan
🇧🇾 stroytrest	2026-06-26 14:23:47 (13 hours ago)	2026-06-26T17:23:47.173125+03:00 gate kernel: [2798426.339970] nftables: JAIL-SIP IN=wan OUT= MAC= S ... show more 2026-06-26T17:23:47.173125+03:00 gate kernel: [2798426.339970] nftables: JAIL-SIP IN=wan OUT= MAC= SRC=193.56.116.235 DST=xxx.xxx.xxx.xxx LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=61659 DF PROTO=TCP SPT=39967 DPT=5060 WINDOW=65500 RES=0x00 CWR ECE SYN URGP=0 ... show less	Port Scan
🇩🇪 Admins@FBN	2026-06-26 10:38:22 (16 hours ago)	IPS:drop <match> dstport=5060	Brute-Force Exploited Host
Anonymous	2026-06-26 10:30:08 (16 hours ago)	Triggered: repeated knocking on closed ports.	Port Scan
Anonymous	2026-06-26 08:10:41 (19 hours ago)	Unauthorized access (5060/tcp/sip)	Port Scan Fraud VoIP
🇹🇷 Threat.live	2026-06-26 08:10:02 (19 hours ago)	Suspicious Connection Attempts	Brute-Force
🇺🇸 cazae	2026-06-26 06:31:01 (20 hours ago)	Unauthorized attempt on debian [5060/tcp] Source port: 65391 TTL: 112 Packet length: 52 TOS: 0x08 h ... show more Unauthorized attempt on debian [5060/tcp] Source port: 65391 TTL: 112 Packet length: 52 TOS: 0x08 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Fraud VoIP
🇫🇷 security.rdmc.fr	2026-06-26 05:28:53 (21 hours ago)	VoIP Attack proto:TCP src:33952 dst:5060	Port Scan Fraud VoIP
🇩🇪 LRob.fr	2026-06-19 04:15:09 (1 week ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇫🇷 tecnicorioja	2026-06-16 22:00:48 (1 week ago)	wp-login attack [16/Jun/2026:12:53:48	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 11:01:58 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 193.56.116.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 193.56.116.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 07:01:54.005123 2026] [security2:error] [pid 10426:tid 10426] [client 193.56.116.235:57951] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bzbdesigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bzbdesigns.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajEtIR3q3IGJ6SV2-7atHwAAAAQ"], referer: https://www.bing.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-16 10:38:35 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 127	Exploited Host Web App Attack
🇨🇿 plzenskypruvodce.cz	2026-06-16 07:36:24 (1 week ago)	2026-06-16T09:34:18.829609+02:00 web wordpress(choteborky.cz)[3244592]: Authentication attempt for u ... show more 2026-06-16T09:34:18.829609+02:00 web wordpress(choteborky.cz)[3244592]: Authentication attempt for unknown user johnelouter from 193.56.116.235 2026-06-16T09:34:25.613961+02:00 web wordpress(choteborky.cz)[3244533]: Authentication attempt for unknown user bapaksaya from 193.56.116.235 2026-06-16T09:36:24.433560+02:00 web wordpress(choteborky.cz)[3244533]: Authentication attempt for unknown user gateway from 193.56.116.235 ... show less	Brute-Force

Showing 1 to 15 of 157 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.239.251.12

🇨🇳 180.95.238.29

🇯🇵 172.233.94.148

🇳🇱 93.174.93.12

🇷🇺 83.171.89.209

🇲🇽 45.7.45.226

🇺🇦 37.46.230.244

🇺🇸 216.24.219.39

🇷🇺 178.177.40.170

🇺🇸 162.216.150.44

🇮🇳 122.187.234.54

🇸🇪 65.99.181.123

🇬🇧 51.68.200.137

🇧🇷 187.72.189.140

🇩🇪 167.94.145.18

🇩🇪 164.90.208.56

🇬🇧 159.65.18.197

🇺🇸 143.244.168.161

🇰🇷 115.178.75.243

🇻🇳 103.48.192.48