JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.159

212.56.54.159 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.159

Whois 212.56.54.159

IP Abuse Reports for 212.56.54.159:

This IP address has been reported a total of 23 times from 13 distinct sources. 212.56.54.159 was first reported on July 4th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-05-14 04:23:38 (1 month ago)	Try to access /xmlrpc.php	Web App Attack
Anonymous	2026-02-10 19:18:55 (4 months ago)	wordpress-trap	Web App Attack
Anonymous	2026-01-28 16:30:59 (4 months ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇧🇪 cmbplf	2025-11-03 23:27:05 (7 months ago)	584 requests with user_agent.original Mozilla/5.0 (X11; U; Linux x86_64) AppleWebKit/537.36 (KHTML, ... show more 584 requests with user_agent.original Mozilla/5.0 (X11; U; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/115.0.5738.217 Chrome/115.0.5738.217 Safari/537.36 575 requests with user_agent.original Mozilla/5.0 (Linux; Android 13; SAMSUNG SM-T220) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/23.0 Chrome/115.0.0.0 Mobile Safari/537.36 571 requests with user_agent.original Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021208 Debian/1.2.1-2 546 requests with user_agent.original Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/102.0.5143.178 Chrome/102.0.5143.178 Safari/537.36 543 requests with user_agent.original Mozilla/5.0 (Linux; Android 13; SM-F711U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36 EdgA/114.0.1823.43 539 requests with user_agent.original Mozilla/5.0 (Linux; Android 6.0.1; SM-G532MT Build/MMB29T; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/99.0.4844.88 Mobile Safari show less	Brute-Force Bad Web Bot
🇫🇷 Faeeth	2025-09-26 17:54:54 (8 months ago)	Multiple hits on Honeypot UID:PTRW50NM46 Port:Http (80)	Brute-Force
🇩🇪 stinpriza	2025-07-15 08:14:16 (11 months ago)	Web App Attack	Web App Attack
🇺🇸 octageeks.com	2025-07-06 04:09:28 (11 months ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 BSG Webmaster	2025-07-05 07:35:19 (11 months ago)	Port scanning (Port 80)	Port Scan Hacking
🇺🇸 jkhorvath.com	2025-07-05 07:19:00 (11 months ago)	Request for URL /.env	Phishing Brute-Force Web App Attack
🇺🇸 MogBox	2025-07-05 05:35:00 (11 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.159 (US/United States/-): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.159 (US/United States/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Sat Jul 05 01:34:49.782434 2025] [security2:error] [pid 1105394:tid 1105442] [client 212.56.54.159:49642] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "209.59.154.179"] [uri "/.env"] [unique_id "aGi5eZhvd0jQEj3muWN-agAAAFA"] show less	Hacking
🇩🇪 KiekerJan	2025-07-05 04:38:24 (11 months ago)	212.56.54.159 - - [05/Jul/2025:06:38:22 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin. ... show more 212.56.54.159 - - [05/Jul/2025:06:38:22 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 301 162 "-" "python-requests/2.32.4" 212.56.54.159 - - [05/Jul/2025:06:38:23 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 118 "-" "python-requests/2.32.4" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2025-07-05 02:49:57 (11 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 04 22:49:52.883162 2025] [security2:error] [pid 1339:tid 1339] [client 212.56.54.159:58909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.244"] [uri "/.env"] [unique_id "aGiS0Axc-oHTJhlbl5TEQQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-05 01:45:40 (11 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 04 21:45:35.177263 2025] [security2:error] [pid 25551:tid 25551] [client 212.56.54.159:56926] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.19"] [uri "/.env"] [unique_id "aGiDv3ZGeJXeB1yiLRLkEwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-05 00:33:41 (11 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 04 20:33:36.727406 2025] [security2:error] [pid 31536:tid 31536] [client 212.56.54.159:57829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.238"] [uri "/.env"] [unique_id "aGhy4E-SdWH5A6S2GXR65gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-05 00:07:05 (11 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 04 20:06:58.994149 2025] [security2:error] [pid 31547:tid 31547] [client 212.56.54.159:57968] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.112"] [uri "/.env"] [unique_id "aGhsoqx8KLwFtbMbczIQNQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 43.166.242.189

🇮🇩 36.78.102.29

🇹🇭 159.192.144.204

🇫🇷 141.94.105.203

🇺🇸 104.248.50.150

🇭🇰 103.100.208.168

🇫🇷 90.110.220.85

🇮🇩 69.5.7.218

🇺🇸 66.132.172.126

🇲🇽 38.65.186.100

🇺🇸 34.11.24.202

🇨🇳 218.71.59.70

🇳🇱 176.65.139.234

🇺🇸 135.237.125.155

🇨🇳 125.124.175.173

🇲🇾 103.169.91.45

🇪🇸 78.136.109.70

🇧🇬 78.128.114.102

🇪🇬 45.246.53.174

🇸🇬 45.77.242.174