JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.53.18

212.56.53.18 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer Los Angeles, United States
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.53.18

Whois 212.56.53.18

IP Abuse Reports for 212.56.53.18:

This IP address has been reported a total of 20 times from 12 distinct sources. 212.56.53.18 was first reported on April 25th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-02-27 23:28:22 (3 months ago)	6 requests with user_agent.original AppleCoreMedia/1.0.0.23A344 (Macintosh; U; Intel Mac OS X 14_0; ... show more 6 requests with user_agent.original AppleCoreMedia/1.0.0.23A344 (Macintosh; U; Intel Mac OS X 14_0; da_dk) 6 requests with user_agent.original Mozilla/5.0 (Macintosh; U; PPC; en-US; rv:0.9.3) Gecko/20010802 show less	Brute-Force Bad Web Bot
🇺🇸 xmission.com	2026-02-27 00:40:28 (3 months ago)	Blocked by UFW (TCP on 1) Source port: 28427 TTL: 115 Packet length: 52 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 1) Source port: 28427 TTL: 115 Packet length: 52 TOS: 0x08 This report (for 212.56.53.18) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-01-26 04:15:00 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 23:14:56.506801 2026] [security2:error] [pid 14464:tid 14464] [client 212.56.53.18:28659] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|postermodelsworldwideinc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "postermodelsworldwideinc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXbqQEKnYZ5dnMucu8eHtAAAAAw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-26 02:47:38 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 21:47:34.705426 2026] [security2:error] [pid 6168:tid 6168] [client 212.56.53.18:47892] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jasonmcquain.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jasonmcquain.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXbVxuagAM49gIvXhu0ibQAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-26 02:22:10 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 21:22:05.120520 2026] [security2:error] [pid 5527:tid 5527] [client 212.56.53.18:30035] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|revidiego.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "revidiego.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXbPzXkEBOqp4T4XUe-QfQAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 20:26:46 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 15:26:40.763263 2026] [security2:error] [pid 17496:tid 17496] [client 212.56.53.18:11691] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|greenmountainfeeds.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "greenmountainfeeds.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXZ8gIxFrDOHY4kjUgUACwAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 20:08:17 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 15:08:11.408893 2026] [security2:error] [pid 2411419:tid 2411438] [client 212.56.53.18:54154] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|churchstjoseph.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "churchstjoseph.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aXZ4Kyqv0nmL_q70CbF5WQAAAJE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 19:42:15 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 14:42:08.673246 2026] [security2:error] [pid 32408:tid 32421] [client 212.56.53.18:7544] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|meanmouse.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "meanmouse.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXZyEDQrZanMtJ8brVcJfgAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 17:41:55 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 12:41:50.504259 2026] [security2:error] [pid 14946:tid 14946] [client 212.56.53.18:32959] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|versallis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "versallis.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXZV3jCrXObB6XB1QGl9fAAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 15:10:42 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 10:10:38.807729 2026] [security2:error] [pid 32518:tid 32518] [client 212.56.53.18:5565] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hkaida.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hkaida.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXYybmbB7_96Q1qddOTRHwAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-18 14:02:26 (5 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇦🇺 screwlooseit.com.au	2025-11-27 21:18:58 (6 months ago)	Blocked by CSF 13 firewall - Rule: mysaslmatch GB/United Kingdom/-	Web App Attack
🇬🇧 stom	2025-06-15 22:28:16 (11 months ago)	2025-06-15T22:28:12.993763ls2.tom2.co.uk postfix/smtpd[7439]: warning: unknown[212.56.53.18]: SASL L ... show more 2025-06-15T22:28:12.993763ls2.tom2.co.uk postfix/smtpd[7439]: warning: unknown[212.56.53.18]: SASL LOGIN authentication failed: authentication failure ... show less	Email Spam Brute-Force
🇨🇦 Mediashaker	2025-06-15 22:26:52 (11 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.53.18 (US/United States/-)	Brute-Force
🇦🇺 oncord	2025-06-04 13:54:42 (1 year ago)	Form spam	Web Spam

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 193.228.139.227

🇺🇸 186.233.184.67

🇧🇷 177.55.61.255

🇺🇸 161.35.230.183

🇸🇬 129.226.95.93

🇺🇸 109.105.210.67

🇭🇰 103.81.170.118

🇷🇺 92.36.33.175

🇦🇹 68.210.120.110

🇭🇰 47.83.9.173

🇧🇷 205.210.31.238

🇧🇷 191.6.25.239

🇧🇷 186.236.237.105

🇦🇪 176.205.254.176

🇺🇸 147.185.132.91

🇨🇳 113.73.235.41

🇵🇱 87.251.64.176

🇪🇸 80.24.1.119

🇫🇮 77.105.161.120

🇲🇾 47.250.82.40