JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.174

212.56.54.174 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.174

Whois 212.56.54.174

IP Abuse Reports for 212.56.54.174:

This IP address has been reported a total of 28 times from 16 distinct sources. 212.56.54.174 was first reported on May 31st 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-03-29 12:05:33 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 bigscoots.com	2026-03-08 17:27:24 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.54.174 (US/United States/-): 5 in the last 3600 secs; ... show more (smtpauth) Failed SMTP AUTH login from 212.56.54.174 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-03-08 12:47:58 dovecot_plain authenticator failed for H=([10.5.18.131]) [212.56.54.174]:64908: 535 Incorrect authentication data ([email protected]) 2026-03-08 12:48:04 dovecot_login authenticator failed for H=([10.5.18.131]) [212.56.54.174]:64908: 535 Incorrect authentication data ([email protected]) 2026-03-08 12:48:10 dovecot_plain authenticator failed for H=([10.5.18.131]) [212.56.54.174]:25832: 535 Incorrect authentication data ([email protected]) 2026-03-08 12:48:16 dovecot_login authenticator failed for H=([10.5.18.131]) [212.56.54.174]:25832: 535 Incorrect authentication data ([email protected]) 2026-03-08 13:27:21 dovecot_plain authenticator failed for H=([10.5.18.131]) [212.56.54.174]:19064: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
Anonymous	2026-03-08 17:20:38 (3 months ago)	Authentication failure	Brute-Force
🇬🇧 killian7603	2026-03-08 16:46:01 (3 months ago)	Logon Policy Violation	Email Spam Spoofing Brute-Force
🇮🇩 aaKenshin	2026-03-08 16:10:54 (3 months ago)	Suspicious activity detected from IP 212.56.54.174 based on mailserver logs. Sample logs: 2026-03-09 ... show more Suspicious activity detected from IP 212.56.54.174 based on mailserver logs. Sample logs: 2026-03-09 00:10:33,559 INFO [qtp2102534528-110136] [name=*@.id;ip=172.16.0.182;oip=212.56.54.174;oport=24982;oproto=smtp;port=34698;soapId=2e7946fa;] soap - AuthRequest elapsed=4 2026-03-09 00:10:45,216 INFO [qtp2102534528-110136] [name=*@.id;ip=172.16.0.182;oip=212.56.54.174;oport=57763;oproto=smtp;port=55944;soapId=2e7946fb;] SoapEngine - handler exception: authentication failed for [], LDAP error: - unable to ldap authenticate: invalid credentials 2026-03-09 00:10:45,216 INFO [qtp2102534528-110136] [name=@.id;ip=172.16.0.182;oip=212.56.54.174;oport=57763;oproto=smtp;port=55944;soapId=2e7946fb;] soap - AuthRequest elapsed=3 2026-03-09 00:10:45,732 INFO [qtp2102534528-110241] [name=@.id;ip=172.16.0.182;oip=212.56.54.174;oport=57763;oproto=smtp;port=55946;soapId=2e7946fc;] SoapEngine - handler exception: authentication failed for [**], LDAP error: - unable to ldap authenticate: show less	Brute-Force
🇫🇷 UM3	2026-03-08 16:02:52 (3 months ago)	Exim Auth Failed	Brute-Force
🇺🇸 bigscoots.com	2026-03-08 15:19:07 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.54.174 (US/United States/-): 5 in the last 3600 secs; ... show more (smtpauth) Failed SMTP AUTH login from 212.56.54.174 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-03-08 11:18:38 dovecot_plain authenticator failed for H=([10.5.18.131]) [212.56.54.174]:5698: 535 Incorrect authentication data ([email protected]) 2026-03-08 11:18:44 dovecot_login authenticator failed for H=([10.5.18.131]) [212.56.54.174]:5698: 535 Incorrect authentication data ([email protected]) 2026-03-08 11:18:50 dovecot_plain authenticator failed for H=([10.5.18.131]) [212.56.54.174]:44502: 535 Incorrect authentication data ([email protected]) 2026-03-08 11:18:56 dovecot_login authenticator failed for H=([10.5.18.131]) [212.56.54.174]:44502: 535 Incorrect authentication data ([email protected]) 2026-03-08 11:19:04 dovecot_plain authenticator failed for H=([10.5.18.131]) [212.56.54.174]:40537: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
Anonymous	2026-03-08 15:13:01 (3 months ago)	...	Brute-Force
🇦🇺 MAGIC	2026-03-05 01:13:06 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-01 13:41:35 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.174 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 08:41:28.085193 2026] [security2:error] [pid 28846:tid 28846] [client 212.56.54.174:34139] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|digitaltom.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "digitaltom.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX9YCNcDQ2Byjxxq-9sOTgAAACE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 11:19:08 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.174 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:19:00.469417 2026] [security2:error] [pid 15980:tid 15980] [client 212.56.54.174:20439] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|taafe.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "taafe.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aX82pIEPNd6IfEZwmzXm6wAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 10:33:47 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.174 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 05:33:42.160149 2026] [security2:error] [pid 12948:tid 12965] [client 212.56.54.174:53055] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|meeker.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "meeker.us"] [uri "/wp-json/wp/v2/users"] [unique_id "aX8sBi0kIBP8_uUA_g2cHAAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 NXTwoThou	2026-02-01 10:09:11 (4 months ago)	/%3Fauthor=1	Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 09:43:59 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.174 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 04:43:55.292250 2026] [security2:error] [pid 2474:tid 2474] [client 212.56.54.174:19511] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|joshuashands.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "joshuashands.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aX8gWyAYo5V2wAE5i2f0zQAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 09:11:54 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.174 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 04:11:50.503026 2026] [security2:error] [pid 241598:tid 241598] [client 212.56.54.174:55753] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|braddonengineering.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "braddonengineering.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX8Y1hqrb6I_1ST-hjH-NAAAABQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 181.214.99.186

🇮🇩 180.243.7.199

🇺🇸 103.234.62.96

🇷🇴 92.118.39.62

🇨🇦 85.217.149.60

🇨🇳 111.26.62.42

🇺🇸 43.135.135.17

🇬🇧 35.203.210.104

🇺🇸 216.180.246.234

🇺🇸 216.73.217.139

🇺🇸 192.227.229.38

🇨🇴 190.60.32.76

🇨🇳 182.119.229.168

🇺🇸 66.132.172.179

🇳🇱 45.148.10.147

🇸🇬 43.134.230.165

🇻🇪 38.150.88.251

🇸🇬 8.222.239.48

🇮🇳 154.84.242.115

🇺🇸 147.185.132.247