JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.53.24

212.56.53.24 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 100%: ?

100%

ISP	VPN Consumer Los Angeles, United States
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.53.24

Whois 212.56.53.24

IP Abuse Reports for 212.56.53.24:

This IP address has been reported a total of 49 times from 37 distinct sources. 212.56.53.24 was first reported on May 14th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 Erpelstolz	2026-06-06 09:55:04 (1 week ago)	external host: 212.56.53.24 - - [06/Jun/2026:11:55:03 +0200] "GET /backend/.env HTTP/1.1" 404 258 "- ... show more external host: 212.56.53.24 - - [06/Jun/2026:11:55:03 +0200] "GET /backend/.env HTTP/1.1" 404 258 "-" "Mozilla/5.0 (Windows NT 10.0; rv:120.0) Gecko/20100101 Firefox/120.0" CF-Ray:- CF-IP:- show less	Web App Attack
🇯🇵 weils.net	2026-06-06 09:30:05 (1 week ago)	2026-06-06 17:30:04(GMT+8) - /cms/.env	Bad Web Bot
🇩🇪 Hary74656	2026-06-06 09:27:41 (1 week ago)	[Sat Jun 06 11:27:36.930505 2026] [security2:error] [pid 283915:tid 284018] [client 212.56.53.24:511 ... show more [Sat Jun 06 11:27:36.930505 2026] [security2:error] [pid 283915:tid 284018] [client 212.56.53.24:51181] [client 212.56.53.24] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.env" at REQUEST_FILENAME. [file "/usr/share/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "78.46.107.184"] [uri "/.env"] [unique_id "aiPoCPznGicLssC42Q1VbAAABCs"] [Sat Jun 06 11:27:37.534286 2026] [security2:error] [pid 283665:tid 283854] [client 212.56.53.24:31621] [client 212.56.53.24] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.env" at REQUEST_FILENAME. [file "/usr/share/modsecurity- ... show less	Web App Attack
🇮🇹 mgarofano80	2026-06-06 09:02:19 (1 week ago)		Brute-Force Web App Attack
🇩🇪 Lino Project	2026-06-06 08:24:25 (1 week ago)	212.56.53.24 - - [06/Jun/2026:10:24:22 +0200] "GET /.env HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Windows ... show more 212.56.53.24 - - [06/Jun/2026:10:24:22 +0200] "GET /.env HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Windows NT 10.0; rv:120.0) Gecko/20100101 Firefox/120.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 pm33	2026-06-06 08:19:37 (1 week ago)	Unauthorized connections HTTP 403	Web App Attack
🇬🇧 andypiper	2026-06-06 01:02:35 (1 week ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇬🇧 [email protected]	2026-06-06 00:11:08 (1 week ago)	212.56.53.24 - - [06/Jun/2026:00:11:07 +0000] "GET /.env HTTP/1.1" 404 316 "-" "Mozilla/5.0 (Windows ... show more 212.56.53.24 - - [06/Jun/2026:00:11:07 +0000] "GET /.env HTTP/1.1" 404 316 "-" "Mozilla/5.0 (Windows NT 10.0; rv:120.0) Gecko/20100101 Firefox/120.0" 212.56.53.24 - - [06/Jun/2026:00:11:07 +0000] "GET /.env.bak HTTP/1.1" 404 316 "-" "Mozilla/5.0 (Windows NT 10.0; rv:120.0) Gecko/20100101 Firefox/120.0" 212.56.53.24 - - [06/Jun/2026:00:11:07 +0000] "GET /.env HTTP/1.1" 404 316 "-" "Mozilla/5.0 (Windows NT 10.0; rv:120.0) Gecko/20100101 Firefox/120.0" ... show less	Web App Attack
🇺🇸 bigscoots.com	2026-06-05 20:02:26 (1 week ago)	(smtpauth) Failed SMTP AUTH login from 212.56.53.24 (US/United States/-): 5 in the last 3600 secs; P ... show more (smtpauth) Failed SMTP AUTH login from 212.56.53.24 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-06-05 15:58:36 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:44398: 535 Incorrect authentication data ([email protected]) 2026-06-05 15:58:50 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:4591: 535 Incorrect authentication data ([email protected]) 2026-06-05 15:58:56 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:2194: 535 Incorrect authentication data ([email protected]) 2026-06-05 16:02:12 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:7657: 535 Incorrect authentication data ([email protected]) 2026-06-05 16:02:25 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:62647: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-05 15:45:23 (1 week ago)	(smtpauth) Failed SMTP AUTH login from 212.56.53.24 (US/United States/-): 5 in the last 3600 secs; P ... show more (smtpauth) Failed SMTP AUTH login from 212.56.53.24 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-06-05 11:32:26 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:22816: 535 Incorrect authentication data ([email protected]) 2026-06-05 11:32:40 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:11035: 535 Incorrect authentication data ([email protected]) 2026-06-05 11:32:46 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:28289: 535 Incorrect authentication data ([email protected]) 2026-06-05 11:45:02 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:33751: 535 Incorrect authentication data ([email protected]) 2026-06-05 11:45:18 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:45688: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇳🇱 Grad	2026-06-05 15:29:13 (1 week ago)	Jun 5 17:29:12 server dovecot: imap-login: Disconnected: Connection closed (auth failed, 1 attempts ... show more Jun 5 17:29:12 server dovecot: imap-login: Disconnected: Connection closed (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=212.56.53.24, lip=188.212.112.185, TLS, session=<ExiGUoNTZyDUODUY> ... show less	Email Spam Brute-Force
🇺🇸 bigscoots.com	2026-06-05 15:26:44 (1 week ago)	(smtpauth) Failed SMTP AUTH login from 212.56.53.24 (US/United States/-): 5 in the last 3600 secs; P ... show more (smtpauth) Failed SMTP AUTH login from 212.56.53.24 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-06-05 10:43:25 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:59810: 535 Incorrect authentication data ([email protected]) 2026-06-05 10:46:03 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:20011: 535 Incorrect authentication data ([email protected]) 2026-06-05 10:46:19 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:31235: 535 Incorrect authentication data ([email protected]) 2026-06-05 11:26:22 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:53420: 535 Incorrect authentication data ([email protected]) 2026-06-05 11:26:38 dovecot_plain authenticator failed for H=(localhost) [212.56.53.24]:40473: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇫🇷 Lunix	2026-06-05 13:55:55 (1 week ago)		Brute-Force Web App Attack
🇨🇦 electronico	2026-06-05 13:47:03 (1 week ago)	2026-06-06T00:46:40.146336+11:00 mail postfix/smtps/smtpd[1153605]: warning: unknown[212.56.53.24]: ... show more 2026-06-06T00:46:40.146336+11:00 mail postfix/smtps/smtpd[1153605]: warning: unknown[212.56.53.24]: SASL PLAIN authentication failed: (reason unavailable), sasl_username=serveur@host 2026-06-06T00:46:56.470709+11:00 mail postfix/submission/smtpd[1155068]: warning: unknown[212.56.53.24]: SASL PLAIN authentication failed: (reason unavailable), sasl_username=serveur@host 2026-06-06T00:47:03.253928+11:00 mail postfix/smtps/smtpd[1154977]: warning: unknown[212.56.53.24]: SASL PLAIN authentication failed: (reason unavailable), sasl_username=serveur@host ... show less	Brute-Force Email Spam
🇬🇧 Artelis	2026-06-05 13:32:39 (1 week ago)	212.56.53.24 - - [05/Jun/2026:13:32:39 +0000] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows ... show more 212.56.53.24 - - [05/Jun/2026:13:32:39 +0000] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; rv:120.0) Gecko/20100101 Firefox/120.0" ... show less	Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 2400:cb00:35:1000:3dc7:ef7a:3894:d2cc

🇳🇱 213.165.230.88

🇬🇧 193.163.125.178

🇨🇳 180.171.143.104

🇩🇪 165.245.219.182

🇰🇷 119.195.102.159

🇨🇳 115.190.127.190

🇬🇧 87.106.65.126

🇳🇱 45.156.87.13

🇬🇧 5.226.140.101

🇮🇳 182.95.187.86

🇺🇸 144.172.106.68

🇷🇴 80.94.92.168

🇺🇸 73.145.107.251

🇺🇸 66.132.186.195

🇺🇸 66.132.172.59

🇺🇸 65.38.96.196

🇨🇳 58.214.246.78

🇲🇾 49.125.201.90

🇺🇸 38.92.187.10