JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.158

212.56.54.158 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.158

Whois 212.56.54.158

IP Abuse Reports for 212.56.54.158:

This IP address has been reported a total of 29 times from 21 distinct sources. 212.56.54.158 was first reported on June 17th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 JimArchon72	2026-05-11 00:25:01 (1 month ago)	2026/05/11 00:23:42 "GET /wp-login.php HTTP/1.1"	Web App Attack
🇩🇪 stinpriza	2026-03-14 01:28:46 (3 months ago)	Web App Attack	Web App Attack
Anonymous	2025-10-28 12:05:28 (7 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-10-22 16:53:00 (7 months ago)	IM360 WAF: Laravel .env file access	Port Scan
🇨🇭 ALPHANET	2025-10-22 08:14:42 (7 months ago)	web exploits	Hacking Exploited Host Web App Attack
🇫🇷 ingroscart.it	2025-10-22 08:02:07 (7 months ago)	(mod_security) mod_security triggered on hostname [redacted] 212.56.54.158 (US/United States/-)	SQL Injection
🇬🇧 gurnip	2025-10-22 07:39:04 (7 months ago)	Vulnerability probe of page /.env, not found on server.	Brute-Force Web App Attack
🇩🇪 Bedios GmbH	2025-10-22 07:33:44 (7 months ago)	Login credentials theft attempt	Hacking
🇧🇬 pa4080	2025-10-22 06:57:16 (7 months ago)	Detected by ModSecurity. Request URI: /.env	Web App Attack
🇬🇧 CrystalMaker	2025-10-21 20:44:01 (7 months ago)	Vulnerability scan - GET /.env	Hacking
🇺🇸 jcbriar	2025-10-21 19:22:45 (7 months ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇩🇪 XICTRON	2025-10-09 14:10:06 (8 months ago)	FTP brute-force attempt detected by Fail2Ban in ProFTPd jail	FTP Brute-Force
🇺🇸 TPI-Abuse	2025-10-09 02:45:15 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.158 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 08 22:45:07.846150 2025] [security2:error] [pid 28029:tid 28029] [client 212.56.54.158:23825] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.thewhitedfamily.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.thewhitedfamily.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aOchs2fzEu62UuJNpphKvwAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-09 02:10:39 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.158 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 08 22:10:30.746608 2025] [security2:error] [pid 8844:tid 8844] [client 212.56.54.158:29198] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.susanleeward.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.susanleeward.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aOcZlvHvCx3DP4PYpXpevgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-09 01:50:59 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.158 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 08 21:50:51.979371 2025] [security2:error] [pid 26094:tid 26094] [client 212.56.54.158:50137] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.sigridsnaturalfoods.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sigridsnaturalfoods.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aOcU-3-_VCbMfjXIOig3bAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.98.168.14

🇺🇸 173.255.223.49

🇺🇸 172.202.104.166

🇪🇸 172.68.135.162

🇸🇪 158.174.211.17

🇺🇦 109.104.173.166

🇪🇸 80.24.1.119

🇪🇸 172.68.134.140

🇺🇸 162.216.150.248

🇸🇪 158.174.210.161

🇺🇸 157.230.167.185

🇺🇸 69.74.29.21

🇺🇸 66.132.195.118

🇸🇬 43.156.212.86

🇺🇸 40.124.80.250

🇨🇳 220.165.85.39

🇮🇷 176.65.166.13

🇮🇳 168.144.112.35

🇰🇷 101.36.114.222

🇨🇦 85.217.149.41