JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.53.16

212.56.53.16 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 21%: ?

21%

ISP	VPN Consumer Los Angeles, United States
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.53.16

Whois 212.56.53.16

IP Abuse Reports for 212.56.53.16:

This IP address has been reported a total of 20 times from 11 distinct sources. 212.56.53.16 was first reported on May 9th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 matthieul.dev	2026-06-21 09:20:45 (2 days ago)	Blocked by os-abuseipdb; 3 hits, proto=udp, ports=46878	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2026-06-18 18:43:45 (5 days ago)	(mod_security) mod_security (id:210580) triggered by 212.56.53.16 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210580) triggered by 212.56.53.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 14:43:41.468584 2026] [security2:error] [pid 11816:tid 11828] [client 212.56.53.16:64419] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:log_filename. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|starlinksales.net\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:log_filename: ../../../../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "starlinksales.net"] [uri "/wp-admin/admin-ajax.php"] [unique_id "ajQ8XYzIrVu4bEQF1VPDgQAAAMc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 matthieul.dev	2026-06-12 01:00:23 (1 week ago)	Blocked by os-abuseipdb; 4 hits, proto=tcp, ports=24175	Port Scan Brute-Force
🇺🇸 xmission.com	2026-06-03 00:49:39 (2 weeks ago)	Blocked by UFW (TCP on 55426) Source port: 14143 TTL: 115 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 55426) Source port: 14143 TTL: 115 Packet length: 52 TOS: 0x08 This report (for 212.56.53.16) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-02 06:09:59 (3 weeks ago)	Blocked by UFW (TCP on 55426) Source port: 33211 TTL: 115 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 55426) Source port: 33211 TTL: 115 Packet length: 52 TOS: 0x08 This report (for 212.56.53.16) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-02-20 08:05:13 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇺🇸 TPI-Abuse	2026-01-29 14:21:04 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.16 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 09:20:56.576605 2026] [security2:error] [pid 8551:tid 8551] [client 212.56.53.16:62526] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|webjemm.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "webjemm.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aXtsyL5CR1LTOgthj6gj6AAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ✨	2026-01-01 01:54:12 (5 months ago)	Rule : SMTP 12/31/25 22:53:05 1436 212.56.53.16 *hidden-privacy* ESMTP MailEnable Service, Ve ... show more Rule : SMTP 12/31/25 22:53:05 1436 212.56.53.16 *hidden-privacy* ESMTP MailEnable Service, Version: 10.53-- ready at 12/31/25 22:53:05 87 0 12/31/25 22:53:05 1436 212.56.53.16 EHLO EHLO ADMIN *hidden-privacy* [212.56.53.16], this server offers 5 extensions 220 12 12/31/25 22:53:05 1436 212.56.53.16 AUTH AUTH LOGIN 334 VXNlcm5hbWU6 18 12 12/31/25 22:53:06 1436 212.56.53.16 AUTH {blank} 334 UGFzc3dvcmQ6 18 38 [email protected] 12/31/25 22:53:06 1436 212.56.53.16 AUTH {blank} 535 Invalid Username or Password 34 22 [email protected] show less	Email Spam Port Scan Spoofing
🇧🇷 SvrAdmin	2025-12-29 00:53:58 (5 months ago)	[101] (smtpauth) Failed SMTP AUTH login from 212.56.53.16 (US/United States/-): 5 in the last 3600 s ... show more [101] (smtpauth) Failed SMTP AUTH login from 212.56.53.16 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2025-12-28 21:53:54 dovecot_login authenticator failed for (ADMIN) [212.56.53.16]:31440: 535 Incorrect authentication data ([email protected]) 2025-12-28 21:53:54 dovecot_login authenticator failed for (ADMIN) [212.56.53.16]:13599: 535 Incorrect authentication data ([email protected]) 2025-12-28 21:53:54 dovecot_login authenticator failed for (ADMIN) [212.56.53.16]:34287: 535 Incorrect authentication data ([email protected]) 2025-12-28 21:53:54 dovecot_login authenticator failed for (ADMIN) [212.56.53.16]:11822: 535 Incorrect authentication data ([email protected]) 2025-12-28 21:53:54 dovecot_login authenticator failed for (ADMIN) [212.56.53.16]:54996: 535 Incorrect authentication data ([email protected]) show less	Port Scan Hacking Brute-Force Exploited Host
🇩🇪 marzzzello	2025-11-29 00:32:20 (6 months ago)	Ports: 25x 5144	Port Scan
Anonymous	2025-09-25 00:35:13 (8 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-09-14 07:35:13 (9 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-09-11 07:30:12 (9 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-09-08 07:25:12 (9 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇨🇭 backslash	2025-08-09 20:40:09 (10 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 121.132.27.238

🇺🇸 167.71.253.111

🇺🇸 162.216.149.133

🇺🇸 142.4.31.180

🇦🇷 181.2.47.47

🇻🇳 171.250.97.199

🇺🇸 165.154.173.211

🇺🇸 150.136.214.177

🇨🇳 124.14.224.113

🇹🇭 106.0.165.219

🇪🇸 79.116.195.23

🇳🇱 45.148.10.121

🇺🇸 216.180.246.131

🇲🇦 196.75.122.212

🇲🇽 187.190.166.203

🇺🇸 103.143.231.24

🇮🇳 92.4.76.12

🇺🇸 165.154.162.73

🇺🇸 162.216.150.25

🇸🇦 94.96.162.62