JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.53.184

212.56.53.184 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer Los Angeles, United States
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.53.184

Whois 212.56.53.184

IP Abuse Reports for 212.56.53.184:

This IP address has been reported a total of 16 times from 9 distinct sources. 212.56.53.184 was first reported on June 26th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 int8	2026-03-21 00:56:15 (2 months ago)	2026-03-21T00:56:15.693314636Z Minecraft server scanner: status request	Port Scan
🇩🇪 zUnlegit	2026-03-21 00:54:38 (2 months ago)	2026-03-21 00:54:19: Minecraft server scan detected from 212.56.53.184 on port 25565 of mailserver	Port Scan
🇧🇷 SvrAdmin	2025-12-30 14:41:20 (5 months ago)	[101] (smtpauth) Failed SMTP AUTH login from 212.56.53.184 (US/United States/-): 5 in the last 3600 ... show more [101] (smtpauth) Failed SMTP AUTH login from 212.56.53.184 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2025-12-30 11:41:14 dovecot_login authenticator failed for (ADMIN) [212.56.53.184]:18588: 535 Incorrect authentication data ([email protected]) 2025-12-30 11:41:14 dovecot_login authenticator failed for (ADMIN) [212.56.53.184]:48028: 535 Incorrect authentication data ([email protected]) 2025-12-30 11:41:14 dovecot_login authenticator failed for (ADMIN) [212.56.53.184]:3284: 535 Incorrect authentication data ([email protected]) 2025-12-30 11:41:14 dovecot_login authenticator failed for (ADMIN) [212.56.53.184]:27126: 535 Incorrect authentication data ([email protected]) 2025-12-30 11:41:14 dovecot_login authenticator failed for (ADMIN) [212.56.53.184]:57656: 535 Incorrect authentication data ([email protected]) show less	Port Scan Hacking Brute-Force Exploited Host
🇮🇩 sockominfo	2025-12-15 05:00:59 (6 months ago)	Zimbra: Login failures from malicious IP: 212.56.53.184. Threat Score: 5.1/10 (MEDIUM). Reported by ... show more Zimbra: Login failures from malicious IP: 212.56.53.184. Threat Score: 5.1/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2025-12-15 03:00:58 (6 months ago)	Zimbra: Login failures from malicious IP: 212.56.53.184. Threat Score: 5.2/10 (MEDIUM). Reported by ... show more Zimbra: Login failures from malicious IP: 212.56.53.184. Threat Score: 5.2/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2025-12-15 01:00:58 (6 months ago)	Zimbra: Login failures from malicious IP: 212.56.53.184. Threat Score: 5.3/10 (MEDIUM). Reported by ... show more Zimbra: Login failures from malicious IP: 212.56.53.184. Threat Score: 5.3/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2025-12-14 23:00:58 (6 months ago)	Zimbra: Login failures from malicious IP: 212.56.53.184. Threat Score: 5.4/10 (MEDIUM). Reported by ... show more Zimbra: Login failures from malicious IP: 212.56.53.184. Threat Score: 5.4/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2025-12-14 22:00:58 (6 months ago)	Zimbra: Login failures from malicious IP: 212.56.53.184. Threat Score: 5.5/10 (MEDIUM). Reported by ... show more Zimbra: Login failures from malicious IP: 212.56.53.184. Threat Score: 5.5/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2025-12-14 17:59:32 (6 months ago)	[WAZUH] Zimbra: Login failures from malicious IP: 212.56.53.184	Hacking Web App Attack
Anonymous	2025-12-04 20:21:38 (6 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.53.184 (US/United States/-)	Brute-Force
🇺🇸 TPI-Abuse	2025-11-10 18:08:41 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.184 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.184 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 13:08:34.121044 2025] [security2:error] [pid 21058:tid 21093] [client 212.56.53.184:43979] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|andyboynton.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "andyboynton.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRIqIs4-qxqwBkJtEzlkHwAAAEM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2025-11-10 12:02:30 (7 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-11-10 04:44:18 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.184 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.184 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 23:44:12.700312 2025] [security2:error] [pid 13056:tid 13056] [client 212.56.53.184:53064] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rogerbrooks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rogerbrooks.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRFtnEV3MXXM0kKU9Ym7PQAAABA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-09 21:56:14 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.184 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.184 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 16:56:10.733034 2025] [security2:error] [pid 10255:tid 10327] [client 212.56.53.184:55156] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|williampower.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "williampower.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aREN-mbSKilg1vA0YlKmIAAAAYU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-04 15:23:32 (10 months ago)	Botnet - login attempts with leaked random user/pass lists	Hacking Brute-Force Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 45.40.61.195

🇺🇸 23.92.25.114

🇮🇳 202.160.146.246

🇮🇩 180.243.6.105

🇦🇷 168.196.33.186

🇺🇸 162.216.150.51

🇨🇳 119.96.223.148

🇳🇬 102.91.78.50

🇮🇹 88.147.125.201

🇲🇽 38.65.170.195

🇸🇦 37.242.171.0

🇫🇷 37.58.136.133

🇳🇿 203.211.72.126

🇮🇶 198.160.168.243

🇷🇴 193.46.255.86

🇮🇳 182.95.47.2

🇫🇮 147.185.133.130

🇭🇰 114.111.52.109

🇸🇬 94.231.206.152

🇯🇴 86.108.92.78