JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.42

212.56.54.42 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.42

Whois 212.56.54.42

IP Abuse Reports for 212.56.54.42:

This IP address has been reported a total of 25 times from 9 distinct sources. 212.56.54.42 was first reported on June 25th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-03-27 16:30:41 (2 months ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
Anonymous	2026-02-21 14:40:02 (3 months ago)	...	Brute-Force
🇹🇷 rtbh.com.tr	2026-02-03 08:11:22 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2026-01-26 20:11:14 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2025-11-05 20:42:32 (7 months ago)	(mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 05 15:42:28.021739 2025] [security2:error] [pid 25490:tid 25490] [client 212.56.54.42:46097] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.beach98.com\|F\|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.beach98.com"] [uri "/robots.txt"] [unique_id "aQu2tLYFNgF4mvtJ3p4pNgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-05 14:34:39 (7 months ago)	(mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 05 09:34:33.706937 2025] [security2:error] [pid 2414:tid 2414] [client 212.56.54.42:40866] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.campnecon.com\|F\|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.campnecon.com"] [uri "/robots.txt"] [unique_id "aQtgeeKCnozpgsngqmLNOQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-05 13:29:49 (7 months ago)	(mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 05 08:29:44.954031 2025] [security2:error] [pid 6606:tid 6606] [client 212.56.54.42:20460] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.sutherlandyogastudio.com\|F\|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.sutherlandyogastudio.com"] [uri "/robots.txt"] [unique_id "aQtRSJhRKhi9dIAZdC5mBQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2025-11-05 13:21:19 (7 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 TPI-Abuse	2025-11-05 11:35:14 (7 months ago)	(mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 05 06:35:09.034515 2025] [security2:error] [pid 2550:tid 2550] [client 212.56.54.42:33244] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.visitcampbellford.com\|F\|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.visitcampbellford.com"] [uri "/robots.txt"] [unique_id "aQs2bQ2F2A1zaGnJyNyQVQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-05 11:35:11 (7 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2025-11-05 10:47:20 (7 months ago)	(mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 05 05:47:15.976044 2025] [security2:error] [pid 11519:tid 11519] [client 212.56.54.42:36572] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.sazisirel.com\|F\|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.sazisirel.com"] [uri "/robots.txt"] [unique_id "aQsrM90NHYaVMPB2ld4AwQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-05 07:24:28 (7 months ago)	(mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 05 02:24:23.193718 2025] [security2:error] [pid 9397:tid 9397] [client 212.56.54.42:49653] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.trispeccorp.com\|F\|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.trispeccorp.com"] [uri "/robots.txt"] [unique_id "aQr7p04CWt4VR36S7vhifwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-05 04:37:18 (7 months ago)	(mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 04 23:37:12.806442 2025] [security2:error] [pid 16609:tid 16609] [client 212.56.54.42:3970] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.drstiso.com\|F\|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.drstiso.com"] [uri "/robots.txt"] [unique_id "aQrUeM_GhMFKAJOKVSncPwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Apache	2025-11-05 04:06:14 (7 months ago)	(mod_security) mod_security (id:210831) triggered by 212.56.54.42 (US/United States/-): 5 in the las ... show more (mod_security) mod_security (id:210831) triggered by 212.56.54.42 (US/United States/-): 5 in the last 300 secs show less	Email Spam Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-05 02:07:19 (7 months ago)	(mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 212.56.54.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 04 21:07:15.001644 2025] [security2:error] [pid 583:tid 583] [client 212.56.54.42:12999] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.greatchristianadventure.com\|F\|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.greatchristianadventure.com"] [uri "/robots.txt"] [unique_id "aQqxUmvYrGeENt7B4vfNWQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 2400:cb00:1032:1000:8d8:c264:8c14:cdcb

🇲🇾 202.165.29.123

🇨🇳 175.2.34.46

🇺🇸 103.143.238.100

🇫🇷 80.15.223.148

🇺🇸 74.7.244.52

🇪🇸 149.91.97.132

🇺🇸 147.185.132.72

🇻🇳 118.69.226.76

🇰🇷 116.123.150.231

🇲🇦 105.154.187.179

🇺🇸 104.232.79.58

🇵🇪 38.25.65.200

🇷🇺 109.200.111.164

🇺🇸 45.130.83.241

🇻🇳 45.119.212.99

🇩🇪 3.75.135.91

🇺🇸 205.210.31.36

🇬🇧 193.176.29.8

🇮🇳 175.101.131.169