JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.53.139

212.56.53.139 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer Los Angeles, United States
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.53.139

Whois 212.56.53.139

IP Abuse Reports for 212.56.53.139:

This IP address has been reported a total of 19 times from 10 distinct sources. 212.56.53.139 was first reported on May 8th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-03-23 21:49:42 (2 months ago)	Blocked by UFW (TCP on 34942) Source port: 56616 TTL: 115 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 34942) Source port: 56616 TTL: 115 Packet length: 52 TOS: 0x08 This report (for 212.56.53.139) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-03-15 08:29:21 (3 months ago)	Blocked by UFW (TCP on 51413) Source port: 61025 TTL: 115 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 51413) Source port: 61025 TTL: 115 Packet length: 52 TOS: 0x08 This report (for 212.56.53.139) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-03-09 05:02:37 (3 months ago)	Blocked by UFW (TCP on 51413) Source port: 40723 TTL: 115 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 51413) Source port: 40723 TTL: 115 Packet length: 52 TOS: 0x08 This report (for 212.56.53.139) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-03-02 11:13:13 (3 months ago)	Blocked by UFW (TCP on 51413) Source port: 3914 TTL: 115 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 51413) Source port: 3914 TTL: 115 Packet length: 52 TOS: 0x08 This report (for 212.56.53.139) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 bazter.pro	2026-02-10 00:02:23 (4 months ago)	Auto-Ban [2026-02-10 02:02:19]: Suspicious Datacenter (VPN Consumer Los Angeles, United States); DC: ... show more Auto-Ban [2026-02-10 02:02:19]: Suspicious Datacenter (VPN Consumer Los Angeles, United States); DC: VPN Consumer Los Angeles, United States [Paths: 6] \| Details: Sensitive files/paths: /xmlrpc.php, /xmlrpc.php, /xmlrpc.php, /xmlrpc.php, /wp-admin/ \| Other paths: /?author=1, /wp-login.php, /xmlrpc.php, /wp-login.php?redirect_to=https%3A%2F%2Fblog.it-srv.org%2Fwp-admin%2F&reauth=1, /wp-admin/, /wp-json/wp/v2/users show less	Web App Attack
🇩🇪 Wido	2026-02-02 04:54:06 (4 months ago)	Web Attack: Unauthorized access attempt to sensitive/hidden system file.	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-02 02:22:50 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 21:22:43.890326 2026] [security2:error] [pid 31997:tid 32025] [client 212.56.53.139:14634] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|soonervolunteer.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "soonervolunteer.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYAKc98lCoXrM0LFUGlWDAAAANc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-02 00:56:21 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 19:56:14.223852 2026] [security2:error] [pid 893974:tid 893974] [client 212.56.53.139:10004] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|staben.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "staben.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX_2Lg_9dyD43f6gM1umxAAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-02-02 00:11:00 (4 months ago)	IPBlock protected site ID [4055-d][s=02]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 23:18:21 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 18:18:18.771621 2026] [security2:error] [pid 16422:tid 16422] [client 212.56.53.139:5847] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ozera.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ozera.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX_fOp4l23wiZewsKKrOvAAAACE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 22:12:51 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 17:12:48.018227 2026] [security2:error] [pid 13531:tid 13531] [client 212.56.53.139:12337] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|robertwhitbeck.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "robertwhitbeck.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX_P4C9pqWL8ng3SYGH6ZgAAAB0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-02-01 21:37:36 (4 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 21:04:41 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 16:04:37.544336 2026] [security2:error] [pid 26194:tid 26194] [client 212.56.53.139:31458] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|intermixx.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "intermixx.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX-_5f5-eM559jHK7U1VOgAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 18:47:29 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 13:47:26.228030 2026] [security2:error] [pid 23208:tid 23208] [client 212.56.53.139:51274] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cw-enterprises.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cw-enterprises.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX-fvk9Tri_u_jZ_cHgV3gAAABQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 17:16:29 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 12:16:22.937928 2026] [security2:error] [pid 17340:tid 17340] [client 212.56.53.139:6349] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|teenybikini.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "teenybikini.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX-KZl0eIGh2-g3yXCvS-wAAAA8"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.13.26.42

🇳🇱 193.176.31.247

🇺🇸 185.191.171.6

🇰🇪 165.90.24.143

🇨🇳 117.175.51.134

🇮🇳 65.0.20.26

🇨🇳 222.142.39.185

🇫🇷 185.188.249.30

🇮🇳 152.58.189.43

🇵🇾 143.202.209.172

🇨🇳 112.46.215.85

🇬🇧 87.106.44.172

🇦🇹 45.137.172.116

🇺🇸 34.187.200.80

🇺🇸 16.58.56.214

🇩🇪 213.209.159.228

🇲🇴 182.93.7.194

🇺🇦 176.110.103.88

🇹🇼 118.171.66.130

🇨🇳 115.190.181.18