JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.211

212.56.54.211 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.211

Whois 212.56.54.211

IP Abuse Reports for 212.56.54.211:

This IP address has been reported a total of 29 times from 22 distinct sources. 212.56.54.211 was first reported on June 19th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 bigscoots.com	2026-01-24 16:33:28 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.54.211 (US/United States/-): 5 in the last 3600 secs; ... show more (smtpauth) Failed SMTP AUTH login from 212.56.54.211 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-01-24 11:33:00 dovecot_plain authenticator failed for H=([10.2.18.120]) [212.56.54.211]:27127: 535 Incorrect authentication data ([email protected]) 2026-01-24 11:33:06 dovecot_login authenticator failed for H=([10.2.18.120]) [212.56.54.211]:27127: 535 Incorrect authentication data ([email protected]) 2026-01-24 11:33:12 dovecot_plain authenticator failed for H=([10.2.18.120]) [212.56.54.211]:19174: 535 Incorrect authentication data ([email protected]) 2026-01-24 11:33:18 dovecot_login authenticator failed for H=([10.2.18.120]) [212.56.54.211]:19174: 535 Incorrect authentication data ([email protected]) 2026-01-24 11:33:28 dovecot_plain authenticator failed for H=([10.2.18.120]) [212.56.54.211]:38259: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇲🇾 syokadmin	2025-09-05 09:38:19 (9 months ago)	(cpanel) Failed cPanel login from 212.56.54.211 (US/United States/-): 1 in the last 3600 secs	Brute-Force Web App Attack
Anonymous	2025-07-29 16:31:30 (10 months ago)	Failed login attempt detected by Fail2Ban in recidive jail	Brute-Force
🇨🇳 ThreatBook.io	2025-07-28 22:07:52 (10 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/212.56.54.211 202 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/212.56.54.211 2025-07-28 12:25:13 /.env show less	Web App Attack
🇪🇸 tutaim.com	2025-07-28 22:00:03 (10 months ago)	⛔ [29/07/25] This IP has been detected performing multiple attacks on websites (3 attempts blocked). ... show more ⛔ [29/07/25] This IP has been detected performing multiple attacks on websites (3 attempts blocked). Potential malicious activity. show less	FTP Brute-Force Brute-Force Web App Attack SSH
🇺🇸 rdpguard.com	2025-07-28 21:21:07 (10 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇫🇷 LRNP	2025-07-28 20:21:21 (10 months ago)	_:80 212.56.54.211 - - [28/Jul/2025:20:21:21 +0000] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 (M ... show more _:80 212.56.54.211 - - [28/Jul/2025:20:21:21 +0000] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Bad Web Bot Web App Attack
🇪🇸 tutaim.com	2025-07-28 20:00:02 (10 months ago)	⛔ [28/07/25] This IP has been detected performing multiple attacks on websites (3 attempts blocked). ... show more ⛔ [28/07/25] This IP has been detected performing multiple attacks on websites (3 attempts blocked). Potential malicious activity. show less	FTP Brute-Force Brute-Force Web App Attack SSH
🇩🇪 0x44	2025-07-28 19:20:04 (10 months ago)	[28/Jul/2025] - Spam host detected, probing for vulnerabilities	Web Spam Exploited Host Web App Attack
🇵🇱 dzpk	2025-07-28 17:41:15 (10 months ago)	[28/Jul/2025:19:41:02 +0200] 175372446293.181828 212.56.54.211 53321 HOST 80 [28/Jul/2025:19:41:03 + ... show more [28/Jul/2025:19:41:02 +0200] 175372446293.181828 212.56.54.211 53321 HOST 80 [28/Jul/2025:19:41:03 +0200] 175372446334.201612 212.56.54.211 53347 HOST 443 [28/Jul/2025:19:41:14 +0200] 17537244748.620314 212.56.54.211 54305 HOST 80 show less	Web App Attack
🇺🇸 TPI-Abuse	2025-07-28 17:29:39 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.211 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 28 13:29:35.801808 2025] [security2:error] [pid 2700615:tid 2700638] [client 212.56.54.211:58504] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mecconsultant.com"] [uri "/.env"] [unique_id "aIezf9fkvJ0VO4DBd2MAZAAAAdI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-28 17:14:04 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 212.56.54.211 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.56.54.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 28 13:13:56.262230 2025] [security2:error] [pid 2529:tid 2529] [client 212.56.54.211:50849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.clintcurrin.com"] [uri "/.env"] [unique_id "aIev1J6Z5ZT7hN6GcG1qHQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-07-28 16:53:47 (10 months ago)	212.56.54.211 - - [28/Jul/2025:16:53:46 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macint ... show more 212.56.54.211 - - [28/Jul/2025:16:53:46 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Hacking Web App Attack
🇬🇧 Aetherweb Ark	2025-07-28 16:49:12 (10 months ago)	(mod_security) mod_security (id:949110) triggered by 212.56.54.211 (US/United States/-): N in the la ... show more (mod_security) mod_security (id:949110) triggered by 212.56.54.211 (US/United States/-): N in the last X secs show less	Web App Attack
🇮🇹 VHosting	2025-07-28 16:30:26 (10 months ago)	Detected attack by Imunify360	Brute-Force Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.223.107.86

🇧🇷 205.210.31.139

🇺🇸 150.107.38.188

🇺🇸 147.185.132.210

🇺🇸 147.185.132.100

🇷🇴 143.20.185.242

🇺🇸 107.77.201.34

🇩🇪 81.28.6.82

🇺🇸 66.132.195.62

🇸🇨 45.194.67.147

🇩🇪 5.253.246.137

🇺🇸 4.227.177.11

🇧🇷 2.27.83.29

🇩🇪 209.50.185.173

🇻🇳 103.77.175.15

🇺🇸 64.225.17.153

🇮🇩 36.92.84.130

🇨🇳 8.152.103.191

🇺🇸 174.75.211.195

🇩🇪 167.94.145.27