JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.53.46

212.56.53.46 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 11%: ?

11%

ISP	VPN Consumer Los Angeles, United States
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.53.46

Whois 212.56.53.46

IP Abuse Reports for 212.56.53.46:

This IP address has been reported a total of 25 times from 11 distinct sources. 212.56.53.46 was first reported on April 27th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-20 02:26:21 (2 days ago)	Multiple WAF Violations	Web App Attack
🇸🇬 mypatricks	2026-05-27 02:53:07 (3 weeks ago)	212.56.53.46 \| Port: 10369 \| DNS: 212.56.53.46 2026-05-27T10:53:06+08:00 America/Los_Angeles \| IPs S ... show more 212.56.53.46 \| Port: 10369 \| DNS: 212.56.53.46 2026-05-27T10:53:06+08:00 America/Los_Angeles \| IPs Spam list \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3939.17 Safari/537.36 HTTP/1.1 443 GET \| URL: /tracking/?bfbe00920858020d701d89cdddab8b81=1774529833 \| Ref: https://xxxxxx/ \| Country: US/United States/-08:00 IP City: Los Angeles macOS a021ba2e5e2833ad-LAX/Los Angeles, CA, United States 1 hits/0 secs Robots 2 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
🇩🇪 ghostwarriors	2026-04-19 09:20:03 (2 months ago)	Unauthorized connection to FTP port 21	FTP Brute-Force Brute-Force
Anonymous	2025-12-30 23:00:15 (5 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇫🇷 SpaceHost-Server	2025-11-12 17:05:37 (7 months ago)	Nov 12 18:05:36 pegasus postfix/smtpd[860304]: warning: unknown[212.56.53.46]: SASL LOGIN authentica ... show more Nov 12 18:05:36 pegasus postfix/smtpd[860304]: warning: unknown[212.56.53.46]: SASL LOGIN authentication failed: authentication failure, [email protected] Nov 12 18:05:36 pegasus postfix/smtpd[860350]: warning: unknown[212.56.53.46]: SASL LOGIN authentication failed: authentication failure, [email protected] Nov 12 18:05:36 pegasus postfix/smtpd[860874]: warning: unknown[212.56.53.46]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Hacking Brute-Force
🇫🇷 SpaceHost-Server	2025-11-12 07:03:46 (7 months ago)	Nov 12 08:03:45 pegasus postfix/smtpd[349363]: warning: unknown[212.56.53.46]: SASL LOGIN authentica ... show more Nov 12 08:03:45 pegasus postfix/smtpd[349363]: warning: unknown[212.56.53.46]: SASL LOGIN authentication failed: authentication failure, [email protected] Nov 12 08:03:45 pegasus postfix/smtpd[349364]: warning: unknown[212.56.53.46]: SASL LOGIN authentication failed: authentication failure, [email protected] Nov 12 08:03:45 pegasus postfix/smtpd[349365]: warning: unknown[212.56.53.46]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Hacking Brute-Force
🇫🇷 SpaceHost-Server	2025-11-12 02:03:10 (7 months ago)	Nov 12 03:03:08 pegasus postfix/smtpd[4123571]: warning: unknown[212.56.53.46]: SASL LOGIN authentic ... show more Nov 12 03:03:08 pegasus postfix/smtpd[4123571]: warning: unknown[212.56.53.46]: SASL LOGIN authentication failed: authentication failure, [email protected] Nov 12 03:03:08 pegasus postfix/smtpd[4123572]: warning: unknown[212.56.53.46]: SASL LOGIN authentication failed: authentication failure, [email protected] Nov 12 03:03:08 pegasus postfix/smtpd[4123573]: warning: unknown[212.56.53.46]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-09 11:16:13 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.46 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 06:16:07.719294 2025] [security2:error] [pid 2477:tid 2477] [client 212.56.53.46:1290] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|frankcgill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "frankcgill.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRB39-_x12zi1rA-mEtemQAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-09 04:10:24 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.46 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 23:10:16.628550 2025] [security2:error] [pid 7008:tid 7008] [client 212.56.53.46:5717] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|firstunitedreserve.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "firstunitedreserve.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRAUKNMXmnDi74WodS8muwAAABw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-08 22:46:55 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.53.46 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.53.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 17:46:49.378980 2025] [security2:error] [pid 28478:tid 28478] [client 212.56.53.46:1756] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bohk.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bohk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ_IWc9Q-7CHq45vc8xALwAAABo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Progetto1	2025-11-01 01:15:50 (7 months ago)	Mail - Multiple failed login attempts	Brute-Force Exploited Host
🇸🇬 mypatricks	2025-08-31 06:55:49 (9 months ago)	212.56.53.46 \| Port: 51176 \| DNS: 212.56.53.46 2025-08-31T14:55:48+08:00 America/Los_Angeles \| IPs S ... show more 212.56.53.46 \| Port: 51176 \| DNS: 212.56.53.46 2025-08-31T14:55:48+08:00 America/Los_Angeles \| IPs Spam list \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1 Safari/605.1.15 HTTP/1.1 443 GET \| URL: /shop/birthday-cake-chooser/libra/ \| Ref: https://xxxxxx/cart/?d75c18d31846a4681815e95671609552=1754808661b#content \| Country: US/United States/-08:00 IP City: Los Angeles 977a9fd2295adbba-LAX/Los Angeles, CA, United States Robots 2 show less	Web Spam Blog Spam Brute-Force Exploited Host Web App Attack
🇦🇺 MAGIC	2025-06-07 11:04:24 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-06-02 11:15:10 (1 year ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-05-30 11:10:12 (1 year ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 72.180.209.122

🇧🇷 2804:13ac:5828:2601:6b13:3e54:c6c9:6b34

🇳🇵 2404:7c00:48:a87b:cc79:e0ca:d8bb:efb5

🇨🇳 150.139.201.247

🇫🇷 146.70.194.236

🇨🇳 113.73.235.188

🇩🇪 104.29.146.101

🇺🇸 34.75.75.216

🇭🇰 185.242.232.164

🇵🇰 110.38.247.8

🇮🇳 103.161.31.5

🇺🇸 100.48.216.194

🇺🇸 66.132.186.178

🇵🇱 34.118.82.15

🇬🇧 2a06:4880:a000::bf

🇩🇪 2602:fb54:1e00::1e7

🇲🇽 189.194.140.170

🇸🇬 118.139.164.171

🇮🇳 103.84.131.171

🇺🇸 65.49.20.89