JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.25

212.56.54.25 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.25

Whois 212.56.54.25

IP Abuse Reports for 212.56.54.25:

This IP address has been reported a total of 16 times from 14 distinct sources. 212.56.54.25 was first reported on May 28th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 lp	2026-03-12 03:07:47 (3 months ago)	Email account brute force: 4 attempts were recorded from 212.56.54.25 2026-03-12T03:49:59+01:00 warn ... show more Email account brute force: 4 attempts were recorded from 212.56.54.25 2026-03-12T03:49:59+01:00 warning: unknown[212.56.54.25]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-12T03:49:59+01:00 warning: unknown[212.56.54.25]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-03-12T03:50:00+01:00 warning: unknown[212.56.54.25]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-12T03:50:01+01:00 warning: unknown[212.56.54.25]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇺🇸 bigscoots.com	2026-03-12 01:53:16 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.54.25 (US/United States/-): 5 in the last 3600 secs; P ... show more (smtpauth) Failed SMTP AUTH login from 212.56.54.25 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-03-11 21:52:22 dovecot_plain authenticator failed for H=([10.16.18.108]) [212.56.54.25]:8827: 535 Incorrect authentication data ([email protected]) 2026-03-11 21:52:28 dovecot_login authenticator failed for H=([10.16.18.108]) [212.56.54.25]:8827: 535 Incorrect authentication data ([email protected]) 2026-03-11 21:52:34 dovecot_plain authenticator failed for H=([10.16.18.108]) [212.56.54.25]:31590: 535 Incorrect authentication data ([email protected]) 2026-03-11 21:52:40 dovecot_login authenticator failed for H=([10.16.18.108]) [212.56.54.25]:31590: 535 Incorrect authentication data ([email protected]) 2026-03-11 21:53:12 dovecot_plain authenticator failed for H=([10.16.18.108]) [212.56.54.25]:9688: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
Anonymous	2026-03-12 00:43:15 (3 months ago)	Authentication failure	Brute-Force
Anonymous	2026-02-23 16:09:02 (4 months ago)	...	Brute-Force
Anonymous	2026-02-23 13:38:55 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.54.25 (US/United States/-)	Brute-Force
🇩🇪 triple-web.net	2026-02-23 13:34:28 (4 months ago)	$f2bV_matches	Brute-Force
Anonymous	2026-02-23 13:17:45 (4 months ago)	30x Postfix SASL LOGIN authentication failed	Brute-Force
Anonymous	2026-02-20 17:08:02 (4 months ago)	...	Brute-Force
🇺🇸 TSLAdmin	2026-02-18 23:57:13 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.54.25 (Unknown): 5 in the last 3600 secs; Ports: ; Di ... show more (smtpauth) Failed SMTP AUTH login from 212.56.54.25 (Unknown): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2026-02-18 16:57:00 plain authenticator failed for H=([10.16.18.59]) [212.56.54.25]: 535 Incorrect authentication data ([email protected]) 2026-02-18 16:57:00 login authenticator failed for H=([10.16.18.59]) [212.56.54.25]: 535 Incorrect authentication data ([email protected]) 2026-02-18 16:57:01 plain authenticator failed for H=([10.16.18.59]) [212.56.54.25]: 535 Incorrect authentication data ([email protected]) 2026-02-18 16:57:01 login authenticator failed for H=([10.16.18.59]) [212.56.54.25]: 535 Incorrect authentication data ([email protected]) 2026-02-18 16:57:09 plain authenticator failed for H=([10.16.18.59]) [212.56.54.25]: 535 Incorrect authentication data ([email protected]) show less	Port Scan
🇬🇧 Mendip_Defender	2026-01-25 15:17:17 (5 months ago)	Jan 25 15:17:16 jackstringer postfix/smtpd[1818257]: warning: unknown[212.56.54.25]: SASL CRAM-MD5 a ... show more Jan 25 15:17:16 jackstringer postfix/smtpd[1818257]: warning: unknown[212.56.54.25]: SASL CRAM-MD5 authentication failed: authentication failure, [email protected] Jan 25 15:17:16 jackstringer postfix/smtpd[1818257]: warning: unknown[212.56.54.25]: SASL PLAIN authentication failed: authentication failure, [email protected] ... show less	Brute-Force
🇦🇺 screwlooseit.com.au	2025-11-27 21:37:54 (6 months ago)	Blocked by CSF 13 firewall - Rule: mysaslmatch GB/United Kingdom/-	Web App Attack
Anonymous	2025-11-21 14:25:12 (7 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-11-13 01:05:12 (7 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇺🇸 TPI-Abuse	2025-11-04 06:38:07 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 04 01:38:03.004896 2025] [security2:error] [pid 29557:tid 29557] [client 212.56.54.25:59429] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|arriagarealestate.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arriagarealestate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQmfS2LMizeWGn2k0isfzwAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-10-01 08:35:09 (8 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇦 175.110.254.8

🇹🇭 203.154.158.195

🇧🇷 200.52.228.84

🇧🇷 200.24.93.1

🇮🇳 182.95.123.50

🇸🇪 171.25.193.132

🇪🇨 157.100.135.7

🇵🇰 110.93.224.226

🇧🇩 103.153.48.28

🇺🇦 46.175.248.207

🇺🇸 193.37.33.188

🇦🇺 158.178.141.16

🇱🇻 81.30.98.49

🇮🇱 79.177.139.121

🇧🇷 45.229.91.34

🇻🇪 190.89.29.37

🇸🇬 172.188.89.41

🇺🇸 138.94.219.139

🇸🇬 114.119.143.177

🇮🇳 106.200.25.165