JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.101

212.56.54.101 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.101

Whois 212.56.54.101

IP Abuse Reports for 212.56.54.101:

This IP address has been reported a total of 10 times from 9 distinct sources. 212.56.54.101 was first reported on July 15th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 agabeckov	2026-04-10 16:51:53 (2 months ago)	Fail2Ban detected brute-force attempt on Cisco Anyconnect	VPN IP Brute-Force
🇳🇱 rroethof	2026-03-16 06:34:39 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.54.101 (US/United States/-): 5 in the last 3600 secs; ... show more (smtpauth) Failed SMTP AUTH login from 212.56.54.101 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SMTPAUTH; Logs: 2026-03-16 07:34:26 plain authenticator failed for H=([10.12.18.77]) [212.56.54.101]: 535 Incorrect authentication data ([email protected]) 2026-03-16 07:34:26 login authenticator failed for H=([10.12.18.77]) [212.56.54.101]: 535 Incorrect authentication data ([email protected]) 2026-03-16 07:34:27 plain authenticator failed for H=([10.12.18.77]) [212.56.54.101]: 535 Incorrect authentication data ([email protected]) 2026-03-16 07:34:27 login authenticator failed for H=([10.12.18.77]) [212.56.54.101]: 535 Incorrect authentication data ([email protected]) 2026-03-16 07:34:34 plain authenticator failed for H=([10.12.18.77]) [212.56.54.101]: 535 Incorrect authentication data ([email protected]) show less	Spoofing Brute-Force Bad Web Bot Web App Attack SSH
🇨🇦 Mediashaker	2026-02-23 10:36:13 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.54.101 (US/United States/-)	Brute-Force
🇨🇿 lp	2026-02-20 12:11:58 (4 months ago)	Email account brute force: 6 attempts were recorded from 212.56.54.101 2026-02-20T12:25:18+01:00 war ... show more Email account brute force: 6 attempts were recorded from 212.56.54.101 2026-02-20T12:25:18+01:00 warning: unknown[212.56.54.101]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-20T12:25:18+01:00 warning: unknown[212.56.54.101]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-02-20T12:25:19+01:00 warning: unknown[212.56.54.101]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-20T12:25:19+01:00 warning: unknown[212.56.54.101]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-02-20T12:25:27+01:00 warning: unknown[212.56.54.101]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-20T12:25:27+01:00 warning: unknown[212.56.54.101]: SASL LOGIN authentication failed: authen show less	Brute-Force
Anonymous	2026-02-20 11:27:04 (4 months ago)	Authentication failure	Brute-Force
🇺🇸 TPI-Abuse	2026-02-02 03:48:56 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.101 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 22:48:51.433273 2026] [security2:error] [pid 29580:tid 29580] [client 212.56.54.101:38142] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|andrsn.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "andrsn.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYAeo4JeofksEybiMvNikQAAABg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 SilverZippo	2026-02-02 03:15:40 (4 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-02-02 02:33:28 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.101 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 21:33:23.051746 2026] [security2:error] [pid 22894:tid 22894] [client 212.56.54.101:12931] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|insidepublications.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "insidepublications.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYAM86vZ-EyYLVVHUD4lQQAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-01-29 04:00:15 (4 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇺🇸 Rick Sutphin	2025-07-15 14:24:44 (11 months ago)	Jul 15 10:14:54 lxc01 sshd[1543901]: Invalid user OpenVASVT from 212.56.54.101 port 58635 Jul 15 10: ... show more Jul 15 10:14:54 lxc01 sshd[1543901]: Invalid user OpenVASVT from 212.56.54.101 port 58635 Jul 15 10:14:54 lxc01 sshd[1543901]: Disconnected from invalid user OpenVASVT 212.56.54.101 port 58635 [preauth] Jul 15 10:24:43 lxc01 sshd[1570921]: Connection closed by 212.56.54.101 port 33963 [preauth] ... show less	Brute-Force SSH

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.112.224.198

🇹🇼 211.20.14.156

🇵🇭 119.92.70.82

🇸🇬 101.47.14.46

🇺🇸 65.49.1.14

🇳🇱 45.148.10.157

🇺🇸 2602:80d:1007::23

🇧🇷 187.120.28.236

🇬🇧 185.216.145.184

🇧🇴 181.188.161.139

🇺🇸 162.216.150.60

🇺🇸 158.94.187.39

🇺🇸 147.185.132.21

🇨🇳 117.40.114.251

🇨🇳 112.103.74.38

🇳🇱 104.248.206.108

🇺🇸 74.82.47.15

🇺🇸 64.62.197.110

🇨🇳 8.129.29.97

🇧🇷 205.210.31.144