JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.215

212.56.54.215 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.215

Whois 212.56.54.215

IP Abuse Reports for 212.56.54.215:

This IP address has been reported a total of 24 times from 21 distinct sources. 212.56.54.215 was first reported on June 16th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 QT	2026-03-27 18:46:00 (2 months ago)	Unauthorised WordPress admin login attempted at 2026-03-28 04:45:58 +1000	Web App Attack
Anonymous	2026-03-27 18:45:04 (2 months ago)	[redacted] 212.56.54.215 - - [27/Mar/2026:19:45:02 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "M ... show more [redacted] 212.56.54.215 - - [27/Mar/2026:19:45:02 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:19:45:02 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:19:45:02 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:19:45:02 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:19:45: ... show less	Hacking Web App Attack
Anonymous	2026-03-27 18:40:03 (2 months ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇧🇪 cmbplf	2026-03-27 18:34:38 (2 months ago)	30.018 POST requests with url.path /wp-login.php 22.249 requests with url.path /xmlrpc.php	Brute-Force Bad Web Bot
🇨🇭 backslash	2026-03-27 18:33:00 (2 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇩🇪 konseptit	2026-03-27 18:23:39 (2 months ago)	(wordpress) Failed wordpress login from 212.56.54.215 (US/United States/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-03-27 18:18:14 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 212.56.54.215 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 212.56.54.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 27 14:18:08.806155 2026] [security2:error] [pid 24685:tid 24685] [client 212.56.54.215:54867] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 212.56.54.215 (+1 hits since last alert)\|arsenalfordemocracy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "arsenalfordemocracy.com"] [uri "/xmlrpc.php"] [unique_id "acbJ4NFZDl_fbUmrEpzsKwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-03-27 17:55:13 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 25	Exploited Host Web App Attack
Anonymous	2026-03-27 17:54:42 (2 months ago)	[redacted] 212.56.54.215 - - [27/Mar/2026:18:54:40 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "M ... show more [redacted] 212.56.54.215 - - [27/Mar/2026:18:54:40 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:18:54:40 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:18:54:40 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:18:54:40 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:18:54:40 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozi ... show less	Hacking Web App Attack
Anonymous	2026-03-27 17:38:57 (2 months ago)	[redacted] 212.56.54.215 - - [27/Mar/2026:18:38:47 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "M ... show more [redacted] 212.56.54.215 - - [27/Mar/2026:18:38:47 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:18:38:47 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:18:38:47 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:18:38:47 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 212.56.54.215 - - [27/Mar/2026:18:38:47 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Ap ... show less	Hacking Web App Attack
🇩🇪 tinect	2026-02-22 07:26:46 (3 months ago)	Gets ban for 4h for triggering crowdsecurity/dovecot-spam at root1.	Web App Attack
🇨🇿 lp	2026-02-22 03:05:47 (3 months ago)	Email account brute force: 4 attempts were recorded from 212.56.54.215 2026-02-22T03:01:29+01:00 war ... show more Email account brute force: 4 attempts were recorded from 212.56.54.215 2026-02-22T03:01:29+01:00 warning: unknown[212.56.54.215]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-22T03:01:30+01:00 warning: unknown[212.56.54.215]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-02-22T03:01:31+01:00 warning: unknown[212.56.54.215]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-22T03:01:31+01:00 warning: unknown[212.56.54.215]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇨🇳 ThreatBook.io	2026-02-14 22:09:48 (4 months ago)	ThreatBook Intelligence: vpn_proxy,Dynamic IP more details on https://threatbook.io/ip/212.56.54.215 ... show more ThreatBook Intelligence: vpn_proxy,Dynamic IP more details on https://threatbook.io/ip/212.56.54.215 2026-02-14 15:08:31 / 2026-02-14 14:28:47 / show less	Web App Attack
Anonymous	2026-02-14 15:30:09 (4 months ago)		Hacking
🇺🇸 gumbysoft	2026-02-13 22:24:08 (4 months ago)	Invalid Host header in HTTP request	Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.226.196.20

🇳🇱 176.65.139.66

🇮🇳 152.58.157.37

🇭🇰 119.236.124.194

🇭🇰 101.36.110.164

🇦🇹 68.210.120.110

🇺🇸 2a01:f2c5:cacd:a587:92c6:b8d9:56f1:5a80

🇺🇸 185.226.196.18

🇭🇰 118.193.32.119

🇮🇳 103.187.78.189

🇸🇬 68.183.191.143

🇺🇸 66.132.172.222

🇳🇱 45.156.87.34

🇳🇱 45.148.10.152

🇺🇸 216.218.206.97

🇸🇬 43.156.24.132

🇨🇳 42.52.16.9

🇹🇷 31.145.131.202

🇳🇱 206.189.109.91

🇸🇬 194.5.82.117