JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.164

212.56.54.164 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.164

Whois 212.56.54.164

IP Abuse Reports for 212.56.54.164:

This IP address has been reported a total of 16 times from 13 distinct sources. 212.56.54.164 was first reported on July 10th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-29 23:13:13 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.164 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 18:13:09.601662 2026] [security2:error] [pid 6338:tid 6338] [client 212.56.54.164:38550] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|luckydawgs.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "luckydawgs.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXvphbk8GfIKcGGtW59XQwAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 Charles	2025-10-24 22:07:24 (7 months ago)	212.56.54.164 - - [25/Oct/2025:06:07:22 +0800] "GET /cms/.env HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Wi ... show more 212.56.54.164 - - [25/Oct/2025:06:07:22 +0800] "GET /cms/.env HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" ... show less	Web Spam Email Spam Brute-Force Bad Web Bot Web App Attack SSH
🇪🇸 netfactotum	2025-10-24 21:34:28 (7 months ago)		Hacking Web App Attack
Anonymous	2025-10-24 19:52:47 (7 months ago)	Aggressive web scan	Web App Attack
🇺🇸 Gabriel Camargo	2025-10-24 19:34:33 (7 months ago)	212.56.54.164 - - [24/Oct/2025:14:34:33 -0500] "GET /api/.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Wi ... show more 212.56.54.164 - - [24/Oct/2025:14:34:33 -0500] "GET /api/.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" 212.56.54.164 - - [24/Oct/2025:14:34:33 -0500] "GET /.aws/credentials HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" 212.56.54.164 - - [24/Oct/2025:14:34:33 -0500] "GET /backend/.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" ... show less	Brute-Force SSH
Anonymous	2025-10-24 18:49:32 (7 months ago)	212.56.54.164 - - [24/Oct/2025:18:49:32 +0000] "GET /.aws/credentials HTTP/1.1" 404 197 "-" "Mozilla ... show more 212.56.54.164 - - [24/Oct/2025:18:49:32 +0000] "GET /.aws/credentials HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" 212.56.54.164 - - [24/Oct/2025:18:49:32 +0000] "GET /app/.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" 212.56.54.164 - - [24/Oct/2025:18:49:32 +0000] "GET /backend/.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" 212.56.54.164 - - [24/Oct/2025:18:49:32 +0000] "GET /api/.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" 212.56.54.164 - - [24/Oct/2025:18:49:32 +0000] "GET /admin/.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" 212.56.54.164 - - [24/Oct/2025:18:49:32 +0000] "GET /.aws/config HTTP/1.1" 404 197 "-" "Mozilla/ ... show less	FTP Brute-Force Port Scan Hacking Brute-Force Bad Web Bot Web App Attack SSH
🇺🇸 mnsf	2025-10-24 17:05:17 (7 months ago)	Too many Status 50X (20)	Brute-Force Web App Attack
🇮🇹 mgarofano80	2025-10-24 14:38:40 (7 months ago)		Brute-Force Web App Attack
🇮🇪 AutosOnShow	2025-10-23 11:07:05 (7 months ago)	blocked for webapp attack \| path requested: /.env \| seen at 2025-10-23 11:06:04.401 \|	Web App Attack
Anonymous	2025-10-23 09:36:03 (7 months ago)	$f2bV_matches	Brute-Force
🇺🇸 ne1for23	2025-10-23 08:31:14 (7 months ago)	Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" ... show more Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution. 212.56.54.164 - - [23/Oct/2025:08:31:14 +0000] "GET /.env HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" "-" show less	Hacking
Anonymous	2025-10-23 06:46:35 (7 months ago)	212.56.54.164 - - [23/Oct/2025:06:46:32 +0000] "GET /server/.env HTTP/1.1" 400 68672 "-" "Mozilla/5 ... show more 212.56.54.164 - - [23/Oct/2025:06:46:32 +0000] "GET /server/.env HTTP/1.1" 400 68672 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" "-" "-" 212.56.54.164 - - [23/Oct/2025:06:46:35 +0000] "GET /laravel/.env HTTP/1.1" 400 68675 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" "-" "-" 212.56.54.164 - - [23/Oct/2025:06:46:35 +0000] "GET /erp/.env HTTP/1.1" 400 68639 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" "-" "-" 212.56.54.164 - - [23/Oct/2025:06:46:35 +0000] "GET /.env.local HTTP/1.1" 400 68661 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" "-" "-" 212.56.54.164 - - [23/Oct/2025:06:46:35 +0000] "GET /config/.env HTTP/1.1" 400 68672 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" "-" "-" 212.56.54.164 - - [23/Oct/2025:06:46:35 +00 ... show less	Brute-Force SSH
Anonymous	2025-10-23 05:37:44 (7 months ago)	Aggressive web scan	Web App Attack
🇮🇹 VHosting	2025-07-15 19:55:50 (11 months ago)	Detected attack by Imunify360	Brute-Force Web App Attack
🇫🇷 ᴀʀᴛ	2025-07-11 00:00:24 (11 months ago)	Triggered Cloudflare WAF (l7ddos) from US. ASN: 4213 (EVOCATIVE-GLOBAL) Protocol: HTTP/2 (GET method ... show more Triggered Cloudflare WAF (l7ddos) from US. ASN: 4213 (EVOCATIVE-GLOBAL) Protocol: HTTP/2 (GET method) UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 178.159.41.51

🇺🇸 162.216.149.11

🇬🇧 35.203.211.138

🇬🇧 193.163.125.252

🇮🇳 182.95.48.154

🇧🇷 177.174.0.3

🇳🇱 176.65.139.224

🇺🇸 165.154.172.10

🇺🇸 162.216.150.139

🇸🇬 118.139.164.171

🇺🇸 102.129.137.96

🇰🇿 95.59.209.241

🇹🇿 41.93.28.9

🇨🇳 14.22.89.30

🇺🇸 162.216.150.246

🇭🇰 154.221.28.214

🇨🇳 121.15.140.235

🇰🇷 110.10.176.24

🇸🇬 101.47.158.56

🇮🇹 57.131.49.91