JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.53.143

212.56.53.143 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer Los Angeles, United States
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.53.143

Whois 212.56.53.143

IP Abuse Reports for 212.56.53.143:

This IP address has been reported a total of 14 times from 9 distinct sources. 212.56.53.143 was first reported on June 8th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-02-23 16:32:48 (3 months ago)	Blocked by UFW (TCP on 6881) Source port: 58674 TTL: 114 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 6881) Source port: 58674 TTL: 114 Packet length: 52 TOS: 0x08 This report (for 212.56.53.143) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-01-29 16:32:51 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 11:32:44.542010 2026] [security2:error] [pid 5016:tid 5016] [client 212.56.53.143:45890] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|wplusw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wplusw.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXuLrNo3oTC6THaxPoBVNwAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-29 15:35:01 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 10:34:56.534374 2026] [security2:error] [pid 18396:tid 18396] [client 212.56.53.143:34538] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gonzalez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXt-IFUUvaJc_n4SU4nLCQAAABg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 DumaNet	2025-12-03 06:29:00 (6 months ago)	Blocked for port scanning. Time: Mon Dec 1. 11:49:27 2025 +0100 IP: 212.56.53.143 (US/United State ... show more Blocked for port scanning. Time: Mon Dec 1. 11:49:27 2025 +0100 IP: 212.56.53.143 (US/United States/-) Sample of block hits: Dec 1 11:48:38 iron kernel: [71060315.588659] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=212.56.53.143 DST=[removed] LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=61180 DF PROTO=TCP SPT=43147 DPT=554 WINDOW=65535 RES=0x00 SYN URGP=0 Dec 1 11:48:39 iron kernel: [71060316.566589] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=212.56.53.143 DST=[removed] LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=61181 DF PROTO=TCP SPT=43147 DPT=554 WINDOW=65535 RES=0x00 SYN URGP=0 Dec 1 11:48:41 iron kernel: [71060318.580673] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=212.56.53.143 DST=[removed] LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=61182 DF PROTO=TCP SPT=43147 DPT=554 WINDOW=65535 RES=0x00 SYN URGP=0 Dec 1 11:49:11 iron kernel: [71060348.186161] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=212.56.53.143 DST=[removed] LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=61183 DF PROTO=TCP SPT=21937 DPT=554 show less	Port Scan
🇺🇸 TPI-Abuse	2025-11-28 19:30:13 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 14:30:07.869768 2025] [security2:error] [pid 14699:tid 14699] [client 212.56.53.143:41970] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cesmat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cesmat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSn4P4TnuaB0L_XcfDuQpQAAABU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-05 03:15:25 (7 months ago)	Try to connect to Port_Scan_1521_stealth	Port Scan
🇺🇸 TPI-Abuse	2025-10-25 04:12:36 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 212.56.53.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.56.53.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 25 00:12:31.286185 2025] [security2:error] [pid 27486:tid 27486] [client 212.56.53.143:53230] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|cnprcertificationreviews.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cnprcertificationreviews.org"] [uri "/instagram.com"] [unique_id "aPxOLwtcaZ5QInyhr5zFNwAAAAU"], referer: https://cnprcertificationreviews.org/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-09-29 07:05:11 (8 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-09-09 13:35:15 (9 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-09-06 13:30:17 (9 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇩🇪 Packets-Decreaser.NET	2025-09-05 19:38:59 (9 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇨🇦 ISPLtd	2025-08-19 23:15:00 (10 months ago)	Probing for WP sites	Bad Web Bot Web App Attack
Anonymous	2025-08-04 15:30:43 (10 months ago)	Botnet - login attempts with leaked random user/pass lists	Hacking Brute-Force Web App Attack
Anonymous	2025-06-08 22:13:17 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇻 190.61.113.71

🇳🇱 176.65.139.239

🇳🇱 176.65.139.229

🇦🇴 154.116.254.157

🇬🇧 31.14.254.84

🇺🇸 20.14.73.1

🇯🇵 8.216.15.149

🇺🇸 3.129.187.38

🇷🇴 193.32.162.83

🇨🇳 180.104.19.76

🇨🇦 134.122.46.243

🇺🇸 104.168.93.75

🇮🇹 88.147.30.59

🇬🇧 86.9.212.155

🇸🇬 84.75.155.6

🇱🇹 45.227.254.170

🇳🇱 45.92.1.83

🇺🇸 2604:a880:400:d1:0:4:9e77:6001

🇩🇪 185.249.74.198

🇺🇸 172.58.84.19