JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.106

212.56.54.106 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.106

Whois 212.56.54.106

IP Abuse Reports for 212.56.54.106:

This IP address has been reported a total of 24 times from 15 distinct sources. 212.56.54.106 was first reported on May 9th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-24 01:02:52 (1 month ago)	2026-04-24 03:02:52 ERROR util.AccessViolations - 212.56.54.106 report to fail2ban - action: block . ... show more 2026-04-24 03:02:52 ERROR util.AccessViolations - 212.56.54.106 report to fail2ban - action: block ... show less	Hacking Brute-Force Bad Web Bot
🇨🇿 lp	2026-04-03 01:50:45 (2 months ago)	Email account brute force: 4 attempts were recorded from 212.56.54.106 2026-04-03T02:39:34+02:00 war ... show more Email account brute force: 4 attempts were recorded from 212.56.54.106 2026-04-03T02:39:34+02:00 warning: unknown[212.56.54.106]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-04-03T02:39:34+02:00 warning: unknown[212.56.54.106]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-04-03T02:39:35+02:00 warning: unknown[212.56.54.106]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-04-03T02:39:35+02:00 warning: unknown[212.56.54.106]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇵🇱 IT RDC	2026-04-02 23:57:49 (2 months ago)	Apr 3 01:57:47 rdcmail postfix/submission/smtpd[1842266]: warning: unknown[212.56.54.106]: SASL PLA ... show more Apr 3 01:57:47 rdcmail postfix/submission/smtpd[1842266]: warning: unknown[212.56.54.106]: SASL PLAIN authentication failed: authentication failure, [email protected] Apr 3 01:57:48 rdcmail postfix/submission/smtpd[1842266]: warning: unknown[212.56.54.106]: SASL LOGIN authentication failed: authentication failure, [email protected] Apr 3 01:57:49 rdcmail postfix/smtps/smtpd[1842271]: warning: unknown[212.56.54.106]: SASL PLAIN authentication failed: authentication failure, [email protected] ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-01-30 04:59:04 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 23:58:57.817921 2026] [security2:error] [pid 30478:tid 30478] [client 212.56.54.106:26363] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|abbysue.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "abbysue.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXw6kXAwZB9A4ygjd2b0zgAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-29 23:42:45 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 18:42:40.551328 2026] [security2:error] [pid 15771:tid 15792] [client 212.56.54.106:6483] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|credit-card-cap.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "credit-card-cap.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXvwcPlgfW7wSxqI8lW7IAAAAFM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-29 20:58:45 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 15:58:40.687339 2026] [security2:error] [pid 1612:tid 1612] [client 212.56.54.106:9817] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|alan-ip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "alan-ip.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXvKAMPJV8zBK8IorsoWpQAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-20 18:28:05 (6 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇺🇸 xmission.com	2025-11-07 10:42:54 (7 months ago)	212.56.54.106 - - [07/Nov/2025:03:42:53 -0700] "POST /wp-login.php HTTP/1.1" 200 2337 "-" "Mozilla/5 ... show more 212.56.54.106 - - [07/Nov/2025:03:42:53 -0700] "POST /wp-login.php HTTP/1.1" 200 2337 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" ... show less	Brute-Force
🇺🇸 xmission.com	2025-10-28 06:09:35 (7 months ago)	Blocked by UFW (TCP on 50220) Source port: 26633 TTL: 112 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 50220) Source port: 26633 TTL: 112 Packet length: 52 TOS: 0x08 This report (for 212.56.54.106) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2025-10-18 22:20:06 (8 months ago)	Blocked by UFW (TCP on 50220) Source port: 7726 TTL: 113 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 50220) Source port: 7726 TTL: 113 Packet length: 52 TOS: 0x08 This report (for 212.56.54.106) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2025-07-19 11:50:03 (11 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
Anonymous	2025-07-13 06:35:18 (11 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-07-10 06:35:12 (11 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇵🇱 sefinek.net	2025-07-06 20:04:03 (11 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 lostfailed	2025-07-01 17:10:53 (11 months ago)	TCP Watch Auto Report: Detected a ddos attack and suspicious activity from this IP, indicating a pot ... show more TCP Watch Auto Report: Detected a ddos attack and suspicious activity from this IP, indicating a potential attack show less	DDoS Attack Hacking IoT Targeted

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 47.245.137.15

🇨🇳 27.185.17.40

🇺🇸 205.210.31.37

🇸🇬 194.5.82.89

🇩🇪 185.242.3.195

🇩🇪 158.101.161.27

🇹🇼 128.14.229.76

🇯🇵 101.36.104.242

🇸🇪 81.237.155.113

🇵🇱 77.83.246.97

🇺🇸 66.132.172.145

🇺🇸 50.116.26.161

🇱🇹 45.227.254.170

🇺🇸 44.116.122.142

🇬🇧 35.203.210.53

🇺🇸 24.253.118.37

🇿🇦 16.28.82.171

🇨🇳 221.229.218.50

🇻🇳 183.91.27.6

🇦🇷 181.104.43.225