JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.53.23

212.56.53.23 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 2%: ?

ISP	VPN Consumer Los Angeles, United States
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.53.23

Whois 212.56.53.23

IP Abuse Reports for 212.56.53.23:

This IP address has been reported a total of 14 times from 9 distinct sources. 212.56.53.23 was first reported on June 13th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 filstal.org	2026-05-29 06:14:24 (2 weeks ago)	Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. U ... show more Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. UA: Mozilla/5.0 (compatible; MSIE 8.0; Windows CE; Trident/3.0) show less	Bad Web Bot Web App Attack
Anonymous	2026-02-14 14:35:14 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇩🇪 Phenix Info	2026-02-02 01:25:40 (4 months ago)	SmallGuard.fr/Prestashop Honeypot	Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 22:39:18 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 17:39:14.234799 2026] [security2:error] [pid 8960:tid 8960] [client 212.56.53.23:61006] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|firstunitedreserve.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "firstunitedreserve.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX_WEkTXgA9eud7EXHYEaQAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 20:28:36 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 15:28:32.374031 2026] [security2:error] [pid 26835:tid 26835] [client 212.56.53.23:18036] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tell-me-first.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tell-me-first.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX-3cKCvYPam3AMW5pZW-gAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 19:54:16 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 14:54:11.375420 2026] [security2:error] [pid 28781:tid 28781] [client 212.56.53.23:14354] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|engedal.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "engedal.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aX-vY1MA5xIhD_1MI_GhGwAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-30 00:43:28 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 19:43:21.862280 2026] [security2:error] [pid 7527:tid 7527] [client 212.56.53.23:19805] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mickbarton.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mickbarton.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXv-qWd6MQS-0vIrdYkBVQAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 b4un0	2026-01-22 00:08:34 (4 months ago)	Auto-report from pfSense: Detected suspicious activity.	Brute-Force SSH
🇵🇱 b4un0	2026-01-21 00:05:52 (4 months ago)	Auto-report from pfSense: Detected suspicious activity.	Brute-Force SSH
🇵🇱 b4un0	2026-01-19 20:08:42 (4 months ago)	Auto-report from pfSense: Detected suspicious activity.	Brute-Force SSH
Anonymous	2025-12-03 02:31:07 (6 months ago)	botnet	DDoS Attack
🇩🇪 stinpriza	2025-08-25 12:07:53 (9 months ago)	Web App Attack	Web App Attack
🇺🇸 xmission.com	2025-07-19 17:27:51 (10 months ago)	Blocked by UFW (TCP on 18908) Source port: 51649 TTL: 52 Packet length: 64 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 18908) Source port: 51649 TTL: 52 Packet length: 64 TOS: 0x08 This report (for 212.56.53.23) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2025-06-13 05:03:02 (1 year ago)	Malicious activity detected	Hacking Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.136.15.13

🇲🇿 197.219.208.38

🇺🇸 184.105.139.110

🇩🇪 176.65.132.119

🇸🇬 107.150.112.233

🇨🇭 104.244.74.201

🇫🇷 90.125.74.8

🇺🇸 64.62.156.142

🇳🇱 45.148.10.147

🇷🇺 5.101.64.6

🇫🇷 213.136.81.14

🇨🇳 182.134.20.173

🇲🇾 180.74.69.217

🇧🇾 151.249.173.103

🇺🇸 107.174.194.188

🇺🇸 107.150.98.168

🇫🇮 77.243.91.253

🇺🇸 73.118.120.171

🇺🇸 64.62.156.111

🇺🇸 52.176.38.190