JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.48.135

212.56.48.135 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 91%: ?

91%

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Fixed Line ISP
ASN	AS3257
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.48.135

Whois 212.56.48.135

IP Abuse Reports for 212.56.48.135:

This IP address has been reported a total of 38 times from 27 distinct sources. 212.56.48.135 was first reported on September 2nd 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-10 14:35:30 (6 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
Anonymous	2026-06-10 01:43:24 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted])	SQL Injection
🇩🇪 Ba-Yu	2026-06-10 01:30:36 (1 week ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 21:28:13 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 212.56.48.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 212.56.48.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 17:28:05.205417 2026] [security2:error] [pid 10656:tid 10656] [client 212.56.48.135:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 212.56.48.135 (+1 hits since last alert)\|www.upskirtcrazy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.upskirtcrazy.com"] [uri "/xmlrpc.php"] [unique_id "aiiFZZ9V_PU-G8GkB6u5MAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-09 21:10:48 (1 week ago)	2.239 requests from abuseipdb.com blacklisted IP (6mos1w13h)	Brute-Force Bad Web Bot
🇩🇪 Gwyneth Llewelyn	2026-06-09 21:01:28 (1 week ago)	212.56.48.135 - - [09/Jun/2026:22:01:26 +0100] "GET /wp-login.php HTTP/1.1" 404 2480 "-" "Mozilla/5. ... show more 212.56.48.135 - - [09/Jun/2026:22:01:26 +0100] "GET /wp-login.php HTTP/1.1" 404 2480 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" show less	Bad Web Bot
Anonymous	2026-06-09 20:41:15 (1 week ago)	212.56.48.135 - - [09/Jun/2026:22:41:14 +0200] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 ... show more 212.56.48.135 - - [09/Jun/2026:22:41:14 +0200] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/120.0.2210.91" 212.56.48.135 - - [09/Jun/2026:22:41:15 +0200] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" 212.56.48.135 - - [09/Jun/2026:22:41:15 +0200] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇫🇷 ELYAZ	2026-06-09 15:56:05 (1 week ago)	(y4) Failed scan -byebye- from 212.56.48.135 (-): (CF_ENABLE)	Hacking
🇩🇪 reznekcs	2026-06-09 04:19:13 (1 week ago)	F2B wordpress ban. Logs: 212.56.48.135 - - [09/Jun/2026:06:19:11 +0200] "POST /xmlrpc.php HTTP/1.1" ... show more F2B wordpress ban. Logs: 212.56.48.135 - - [09/Jun/2026:06:19:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 458 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1" 212.56.48.135 - - [09/Jun/2026:06:19:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 458 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1" show less	Brute-Force Web App Attack
Anonymous	2026-06-09 03:43:22 (1 week ago)	212.56.48.135 - - [09/Jun/2026:11:43:21 +0800] "GET /xmlrpc.php HTTP/1.1" 200 30691 "http://www.aywe ... show more 212.56.48.135 - - [09/Jun/2026:11:43:21 +0800] "GET /xmlrpc.php HTTP/1.1" 200 30691 "http://www.aywealthhk.com/xmlrpc.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" ... show less	Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-09 03:22:24 (1 week ago)	(PERMBLOCK) 212.56.48.135 (-) has had more than 4 temp blocks	Hacking
🇮🇹 VHosting	2026-06-09 02:30:03 (1 week ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2026-06-09 01:45:36 (1 week ago)	[ns41.kdns.gr] httpd-xmlrpc-post: sites=medisto.gr; logs=/var/log/httpd/domains/medisto.gr.log; samp ... show more [ns41.kdns.gr] httpd-xmlrpc-post: sites=medisto.gr; logs=/var/log/httpd/domains/medisto.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-09 01:12:26 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇮🇹 mgarofano80	2026-06-09 00:16:59 (1 week ago)		Brute-Force Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 203.150.107.244

🇳🇱 194.48.251.105

🇩🇪 167.94.146.68

🇳🇵 124.41.228.116

🇨🇳 114.227.55.135

🇯🇵 107.155.15.8

🇸🇬 101.47.18.200

🇷🇴 92.118.39.62

🇨🇦 85.217.149.60

🇷🇺 31.6.124.249

🇨🇳 14.22.82.116

🇦🇺 170.64.168.59

🇸🇬 129.226.221.96

🇯🇵 103.163.220.106

🇲🇦 102.54.246.130

🇷🇴 80.94.92.184

🇲🇾 49.124.153.36

🇺🇸 49.51.204.105

🇭🇰 47.239.23.179

🇸🇨 45.194.67.2