JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.155

212.56.54.155 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.155

Whois 212.56.54.155

IP Abuse Reports for 212.56.54.155:

This IP address has been reported a total of 26 times from 12 distinct sources. 212.56.54.155 was first reported on June 9th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Jean Valjean	2026-02-13 13:17:36 (4 months ago)	Fail2ban Caboom : wp-login.php Bruteforce	Brute-Force Web App Attack
🇵🇦 iphezimbra	2026-01-29 04:14:41 (4 months ago)	Fail2Ban reported IP from jail zimbra-smtp on <hostname>	Brute-Force SSH
Anonymous	2025-09-23 06:55:27 (8 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-08-15 10:00:23 (10 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇺🇸 octageeks.com	2025-08-06 04:08:45 (10 months ago)	Wordpress malicious attack:[octawp]	Web App Attack
Anonymous	2025-07-28 10:15:16 (10 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇺🇸 xmission.com	2025-07-13 16:50:11 (11 months ago)	Blocked by UFW (TCP on 1) Source port: 64434 TTL: 114 Packet length: 52 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 1) Source port: 64434 TTL: 114 Packet length: 52 TOS: 0x08 This report (for 212.56.54.155) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 BSG Webmaster	2025-07-10 07:35:21 (11 months ago)	Port scanning (Port 80)	Port Scan Hacking
🇺🇸 TPI-Abuse	2025-07-10 03:25:30 (11 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.155 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 09 23:25:24.406040 2025] [security2:error] [pid 32070:tid 32070] [client 212.56.54.155:55279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.19"] [uri "/.env"] [unique_id "aG8ypL0foYGLo-zjDqgp9QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-10 03:03:19 (11 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.155 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 09 23:03:15.406810 2025] [security2:error] [pid 32534:tid 32534] [client 212.56.54.155:57647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.237"] [uri "/.env"] [unique_id "aG8tc_fwaf07p7VY4dZZDAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-10 02:27:10 (11 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.155 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 09 22:27:02.593219 2025] [security2:error] [pid 10081:tid 10081] [client 212.56.54.155:64080] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.57"] [uri "/.env"] [unique_id "aG8k9s9LJL4q1pYGjlofMwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2025-07-10 01:55:56 (11 months ago)	phpunit Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
🇺🇸 TPI-Abuse	2025-07-10 01:46:00 (11 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.155 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 09 21:45:53.455268 2025] [security2:error] [pid 8231:tid 8231] [client 212.56.54.155:62015] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.194"] [uri "/.env"] [unique_id "aG8bUS8Q1X-cLAO3ryKlTgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mr-Money	2025-07-10 01:42:49 (11 months ago)	212.56.54.155 - - [10/Jul/2025:03:42:48 +0200] "GET /.env HTTP/1.1" 404 492 "-" "Mozilla/5.0 (Linux; ... show more 212.56.54.155 - - [10/Jul/2025:03:42:48 +0200] "GET /.env HTTP/1.1" 404 492 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" ... show less	Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
🇫🇷 Security_Whaller	2025-07-10 01:32:42 (11 months ago)	Malicious activity detected on Honeypot.	Hacking Brute-Force Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.101

🇫🇷 155.117.233.15

🇩🇪 151.243.11.35

🇵🇱 83.168.89.49

🇻🇳 14.225.7.70

🇺🇸 2604:a940:301:225:0:16::

🇺🇸 2601:443:c200:d7d0:ccae:113e:3856:f32a

🇸🇬 165.154.236.104

🇭🇰 149.88.86.99

🇧🇷 136.248.121.226

🇺🇸 107.151.233.216

🇮🇪 52.178.157.85

🇺🇸 3.83.245.221

🇺🇸 2604:a940:301:225:0:15::

🇺🇸 2604:a940:301:225:0:14::

🇧🇷 205.210.31.201

🇺🇸 148.72.22.85

🇫🇮 147.185.133.166

🇺🇸 147.185.132.23

🇨🇳 113.215.189.75