JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.54.66

212.56.54.66 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 14%: ?

14%

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4213
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.54.66

Whois 212.56.54.66

IP Abuse Reports for 212.56.54.66:

This IP address has been reported a total of 14 times from 10 distinct sources. 212.56.54.66 was first reported on July 10th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 SSH-Admin	2026-06-15 04:00:04 (3 days ago)	Probing for Exploits on ns200	Exploited Host Web App Attack
🇫🇷 matthieul.dev	2026-06-13 16:00:34 (5 days ago)	Blocked by os-abuseipdb; 11 hits, proto=tcp,udp, ports=7158	Port Scan Brute-Force
Anonymous	2026-03-16 07:32:08 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.54.66 (US/United States/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-01-29 19:15:05 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 14:15:01.167487 2026] [security2:error] [pid 10959:tid 10959] [client 212.56.54.66:49193] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|osbyink.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "osbyink.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXuxtcWER6G5M_x6AoU7KQAAABU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-29 18:48:58 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 13:48:50.899302 2026] [security2:error] [pid 32072:tid 32072] [client 212.56.54.66:60850] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|marionenv.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marionenv.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXurkoz8lzQOOsM54GJgdAAAABo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-29 18:26:58 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 13:26:53.636423 2026] [security2:error] [pid 27220:tid 27220] [client 212.56.54.66:17488] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|chameleonpcs.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "chameleonpcs.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXumbQyQ0Rnk3er4LqYgIQAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-29 17:17:58 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 12:17:52.262051 2026] [security2:error] [pid 4794:tid 4794] [client 212.56.54.66:18015] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|phlippo.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "phlippo.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXuWQNKklXmtEcCrzyJ5FgAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-29 16:09:38 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.56.54.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 212.56.54.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 11:09:35.323621 2026] [security2:error] [pid 3434196:tid 3434232] [client 212.56.54.66:60954] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pershia.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pershia.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aXuGP-6Dvwg6ijNgcLJY9wAAAJc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 GabrielJST	2026-01-25 22:28:15 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.54.66 (US/United States/-)	Brute-Force
🇮🇹 Progetto1	2025-12-17 08:53:02 (6 months ago)	Mail - Multiple failed login attempts	Brute-Force Exploited Host
🇮🇹 VHosting	2025-12-17 08:52:39 (6 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇩🇪 marzzzello	2025-08-01 02:27:55 (10 months ago)	Ports: 25x 44158	Port Scan
🇺🇸 xmission.com	2025-07-21 08:54:31 (10 months ago)	Blocked by UFW (TCP on 6881) Source port: 46259 TTL: 50 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 6881) Source port: 46259 TTL: 50 Packet length: 60 TOS: 0x08 This report (for 212.56.54.66) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2025-07-10 16:10:04 (11 months ago)	Port scan detected via nftables - 46847 - (no PTR record)	Hacking

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.242

🇺🇸 104.28.152.173

🇭🇰 46.247.61.189

🇳🇱 45.148.10.152

🇮🇳 122.187.227.144

🇨🇳 106.75.227.248

🇺🇸 64.62.156.184

🇷🇺 46.163.134.250

🇺🇸 43.153.49.151

🇸🇪 31.13.191.87

🇭🇰 47.239.170.243

🇸🇬 43.128.122.242

🇬🇧 2a06:4880:2000::2d

🇸🇪 213.66.196.11

🇵🇪 181.176.102.115

🇲🇦 154.144.225.226

🇭🇰 144.48.241.162

🇮🇳 117.247.23.131

🇧🇩 103.183.62.2

🇿🇲 102.23.122.235