JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.49.111

212.56.49.111 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 19%: ?

19%

ISP	VPN Consumer Montreal, Canada
Usage Type	Fixed Line ISP
ASN	AS3257
Domain Name	vpnconsumer.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.49.111

Whois 212.56.49.111

IP Abuse Reports for 212.56.49.111:

This IP address has been reported a total of 62 times from 39 distinct sources. 212.56.49.111 was first reported on July 27th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-05-27 19:27:48 (3 weeks ago)	ICS Labs identified 212.56.49.111 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Exploited Host
🇺🇸 bigscoots.com	2026-04-24 10:21:02 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.111 (CA/Canada/-): 5 in the last 3600 secs; Ports: ... show more (smtpauth) Failed SMTP AUTH login from 212.56.49.111 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-04-24 06:20:36 dovecot_plain authenticator failed for H=([10.12.177.78]) [212.56.49.111]:42532: 535 Incorrect authentication data ([email protected]) 2026-04-24 06:20:42 dovecot_login authenticator failed for H=([10.12.177.78]) [212.56.49.111]:42532: 535 Incorrect authentication data ([email protected]) 2026-04-24 06:20:50 dovecot_plain authenticator failed for H=([10.12.177.78]) [212.56.49.111]:32274: 535 Incorrect authentication data ([email protected]) 2026-04-24 06:20:52 dovecot_login authenticator failed for H=([10.12.177.78]) [212.56.49.111]:32274: 535 Incorrect authentication data ([email protected]) 2026-04-24 06:21:01 dovecot_plain authenticator failed for H=([10.12.177.78]) [212.56.49.111]:39166: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
Anonymous	2026-04-24 08:28:20 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.111 (CA/Canada/Quebec/Montreal/-/[redacted])	Brute-Force
🇺🇸 bigscoots.com	2026-04-24 07:29:17 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.111 (CA/Canada/-): 5 in the last 3600 secs; Ports: ... show more (smtpauth) Failed SMTP AUTH login from 212.56.49.111 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-04-24 03:28:37 dovecot_plain authenticator failed for H=([10.12.205.156]) [212.56.49.111]:58339: 535 Incorrect authentication data ([email protected]) 2026-04-24 03:28:43 dovecot_login authenticator failed for H=([10.12.205.156]) [212.56.49.111]:58339: 535 Incorrect authentication data ([email protected]) 2026-04-24 03:28:50 dovecot_plain authenticator failed for H=([10.12.205.156]) [212.56.49.111]:29728: 535 Incorrect authentication data ([email protected]) 2026-04-24 03:28:52 dovecot_login authenticator failed for H=([10.12.205.156]) [212.56.49.111]:29728: 535 Incorrect authentication data ([email protected]) 2026-04-24 03:29:13 dovecot_plain authenticator failed for H=([10.12.205.156]) [212.56.49.111]:39468: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇩🇪 marcel-knorr.de	2026-04-24 07:16:14 (1 month ago)	[MK-VM1] Blocked by UFW	Brute-Force Port Scan
Anonymous	2026-04-23 05:32:19 (1 month ago)	Port scanning: unknown[212.56.49.111] unknown[212.56.49.111] unknown[212.56.49.111]	Brute-Force
🇳🇱 Sonar	2026-04-23 05:30:15 (1 month ago)	Bad_host	Brute-Force
🇬🇧 consul.to	2026-04-16 16:37:41 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 Ghost Rider	2026-04-11 12:32:16 (2 months ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇹🇷 rtbh.com.tr	2026-03-29 20:12:19 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2026-03-28 06:10:09 (2 months ago)	2026-03-28T07:10:07+01:00 mailin-2 postfix/client/smtpd[1137713]: warning: unknown[212.56.49.111]: S ... show more 2026-03-28T07:10:07+01:00 mailin-2 postfix/client/smtpd[1137713]: warning: unknown[212.56.49.111]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-28T07:10:07+01:00 mailin-2 postfix/client/smtpd[1137713]: warning: unknown[212.56.49.111]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-03-28T07:10:08+01:00 mailin-2 postfix/client/smtpd[1134986]: warning: unknown[212.56.49.111]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-28T07:10:08+01:00 mailin-2 postfix/client/smtpd[1134986]: warning: unknown[212.56.49.111]: SASL LOGIN authentication failed: authentication failure, [email protected] ... show less	Brute-Force
🇵🇱 IT RDC	2026-03-28 06:04:23 (2 months ago)	Mar 28 07:04:19 rdcmail postfix/submission/smtpd[3284872]: warning: unknown[212.56.49.111]: SASL PLA ... show more Mar 28 07:04:19 rdcmail postfix/submission/smtpd[3284872]: warning: unknown[212.56.49.111]: SASL PLAIN authentication failed: authentication failure, [email protected] Mar 28 07:04:19 rdcmail postfix/submission/smtpd[3284872]: warning: unknown[212.56.49.111]: SASL LOGIN authentication failed: authentication failure, [email protected] Mar 28 07:04:23 rdcmail postfix/smtps/smtpd[3284883]: warning: unknown[212.56.49.111]: SASL PLAIN authentication failed: authentication failure, [email protected] ... show less	Brute-Force
🇩🇪 itsolon	2026-03-28 05:48:12 (2 months ago)	Mar 28 06:48:00 srv7 postfix/smtpd[4053032]: warning: unknown[212.56.49.111]: SASL CRAM-MD5 authenti ... show more Mar 28 06:48:00 srv7 postfix/smtpd[4053032]: warning: unknown[212.56.49.111]: SASL CRAM-MD5 authentication failed: authentication failure, [email protected] Mar 28 06:48:00 srv7 postfix/smtpd[4053032]: warning: unknown[212.56.49.111]: SASL PLAIN authentication failed: authentication failure, [email protected] Mar 28 06:48:00 srv7 postfix/smtpd[4053032]: warning: unknown[212.56.49.111]: SASL LOGIN authentication failed: authentication failure, [email protected] Mar 28 06:48:12 srv7 postfix/smtpd[4053028]: warning: unknown[212.56.49.111]: SASL CRAM-MD5 authentication failed: authentication failure, [email protected] Mar 28 06:48:12 srv7 postfix/smtpd[4053028]: warning: unknown[212.56.49.111]: SASL PLAIN authentication failed: authentication failure, [email protected] ... show less	Hacking Brute-Force
Anonymous	2026-03-28 05:15:46 (2 months ago)	2026-03-28T06:15:36.639387+01:00 gollum postfix/submission/smtpd[3191797]: lost connection after CON ... show more 2026-03-28T06:15:36.639387+01:00 gollum postfix/submission/smtpd[3191797]: lost connection after CONNECT from unknown[212.56.49.111] 2026-03-28T06:15:39.345309+01:00 gollum postfix/submission/smtpd[3191799]: warning: unknown[212.56.49.111]: SASL PLAIN authentication failed: (reason unavailable), [email protected] 2026-03-28T06:15:45.043836+01:00 gollum postfix/submission/smtpd[3191799]: warning: unknown[212.56.49.111]: SASL LOGIN authentication failed: (reason unavailable), [email protected] ... show less	DDoS Attack Brute-Force
🇹🇷 rtbh.com.tr	2026-03-27 20:12:18 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 43.130.131.18

🇭🇰 23.141.12.180

🇳🇱 213.177.179.80

🇬🇧 195.206.182.206

🇬🇧 193.163.125.234

🇳🇬 165.154.176.251

🇮🇳 103.133.64.121

🇱🇹 81.30.98.49

🇺🇸 64.62.156.206

🇮🇩 49.0.24.107

🇨🇳 2409:876c:2b34::59

🇰🇷 211.178.165.251

🇨🇳 112.82.200.126

🇨🇳 111.26.63.85

🇧🇩 103.179.198.19

🇺🇸 20.118.209.103

🇨🇳 222.185.255.227

🇩🇪 217.160.11.17

🇧🇪 194.32.155.113

🇧🇷 186.248.197.77