JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.49.34

212.56.49.34 was found in our database!

This IP was reported 172 times. Confidence of Abuse is 1%: ?

ISP	VPN Consumer Montreal, Canada
Usage Type	Fixed Line ISP
ASN	AS3257
Domain Name	vpnconsumer.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.49.34

Whois 212.56.49.34

IP Abuse Reports for 212.56.49.34:

This IP address has been reported a total of 172 times from 98 distinct sources. 212.56.49.34 was first reported on August 14th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 bitblockit	2026-05-28 23:00:32 (3 weeks ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: P0f. Decoy ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: P0f. Decoy listen port: 52371/tcp. Observed event time: 2026-05-28 23:00:32 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇺🇸 bitblockit	2026-05-23 07:21:00 (1 month ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 52371/tcp. Observed event time: 2026-05-23 07:21:00 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇺🇸 bitblockit	2026-05-23 07:19:57 (1 month ago)	Unsolicited malicious or automated access attempt observed on a honeypot sensor. Honeypot decoy type ... show more Unsolicited malicious or automated access attempt observed on a honeypot sensor. Honeypot decoy type: Honeytrap. Decoy listen port: 52371/tcp. Observed event time: 2026-05-23 07:19:57 UTC. Report from passive honeypot only; no payload or credentials included. show less	Hacking
🇮🇩 aaKenshin	2026-04-21 10:52:23 (2 months ago)	Suspicious activity detected from IP 212.56.49.34 based on mailserver logs. Sample logs: 2026-04-21 ... show more Suspicious activity detected from IP 212.56.49.34 based on mailserver logs. Sample logs: 2026-04-21 18:52:17,798 INFO [qtp1106043431-120068] [name=*@.id;ip=172.16.0.182;oip=212.56.49.34;oport=1543;oproto=smtp;port=33306;soapId=10c16c8a;] soap - AuthRequest elapsed=2 2026-04-21 18:52:17,833 INFO [qtp1106043431-120153] [name=*@.id;ip=172.16.0.182;oip=212.56.49.34;oport=59862;oproto=smtp;port=33316;soapId=10c16c8b;] SoapEngine - handler exception: authentication failed for [], LDAP error: - unable to ldap authenticate: invalid credentials 2026-04-21 18:52:17,833 INFO [qtp1106043431-120153] [name=@.id;ip=172.16.0.182;oip=212.56.49.34;oport=59862;oproto=smtp;port=33316;soapId=10c16c8b;] soap - AuthRequest elapsed=1 2026-04-21 18:52:17,848 INFO [qtp1106043431-120087] [name=@.id;ip=172.16.0.182;oip=212.56.49.34;oport=12684;oproto=smtp;port=33330;soapId=10c16c8c;] SoapEngine - handler exception: authentication failed for [**], LDAP error: - unable to ldap authenticate: invali show less	Brute-Force
Anonymous	2026-04-21 10:30:14 (2 months ago)	Authentication failure	Brute-Force
🇳🇱 Mangelot Hosting	2026-04-21 09:33:48 (2 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.34 (CA/Canada/-): 5 in the last 3600 secs; Ports: * ... show more (smtpauth) Failed SMTP AUTH login from 212.56.49.34 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: show less	Brute-Force
🇨🇦 zXero	2026-04-19 08:04:10 (2 months ago)	Fail2Ban automatic report - jail: dovecot-iptables	Brute-Force SSH DDoS Attack
🇬🇧 chrisw	2026-04-12 08:27:27 (2 months ago)	Apr 12 09:27:18 l03 postfix/smtpd[27522]: warning: unknown[212.56.49.34]: SASL PLAIN authentication ... show more Apr 12 09:27:18 l03 postfix/smtpd[27522]: warning: unknown[212.56.49.34]: SASL PLAIN authentication failed: authentication failure Apr 12 09:27:20 l03 postfix/smtpd[27522]: warning: unknown[212.56.49.34]: SASL LOGIN authentication failed: authentication failure Apr 12 09:27:23 l03 postfix/smtps/smtpd[27493]: warning: unknown[212.56.49.34]: SASL PLAIN authentication failed: authentication failure Apr 12 09:27:26 l03 postfix/smtps/smtpd[27493]: warning: unknown[212.56.49.34]: SASL LOGIN authentication failed: authentication failure ... show less	Web Spam Brute-Force Exploited Host
🇫🇷 SpaceHost-Server	2026-03-28 23:43:00 (2 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2026-03-27 20:12:18 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇧🇷 hostseries	2026-03-27 18:34:36 (2 months ago)	Trigger: LF_SMTPAUTH	Brute-Force
🇧🇷 SvrAdmin	2026-03-27 17:31:35 (2 months ago)	[101] (smtpauth) Failed SMTP AUTH login from 212.56.49.34 (CA/Canada/-): 5 in the last 3600 secs; Po ... show more [101] (smtpauth) Failed SMTP AUTH login from 212.56.49.34 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2026-03-27 14:31:00 dovecot_plain authenticator failed for H=([10.25.18.182]) [212.56.49.34]:42487: 535 Incorrect authentication data ([email protected]) 2026-03-27 14:31:07 dovecot_login authenticator failed for H=([10.25.18.182]) [212.56.49.34]:42487: 535 Incorrect authentication data ([email protected]) 2026-03-27 14:31:14 dovecot_plain authenticator failed for H=([10.25.18.182]) [212.56.49.34]:25419: 535 Incorrect authentication data ([email protected]) 2026-03-27 14:31:16 dovecot_login authenticator failed for H=([10.25.18.182]) [212.56.49.34]:25419: 535 Incorrect authentication data ([email protected]) 2026-03-27 14:31:31 dovecot_plain authenticator failed for H=([10.25.18.182]) [212.56.49.34]:7989: 535 Incorrect authentication data ([email protected]) show less	Port Scan Hacking Brute-Force Exploited Host
🇫🇷 SpaceHost-Server	2026-03-26 23:46:57 (2 months ago)		Brute-Force Web App Attack
Anonymous	2026-03-24 05:17:43 (3 months ago)	Authentication failure	Brute-Force
🇧🇷 SvrAdmin	2026-03-24 04:04:23 (3 months ago)	[101] (smtpauth) Failed SMTP AUTH login from 212.56.49.34 (CA/Canada/-): 5 in the last 3600 secs; Po ... show more [101] (smtpauth) Failed SMTP AUTH login from 212.56.49.34 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2026-03-24 01:03:46 dovecot_plain authenticator failed for H=([10.25.18.121]) [212.56.49.34]:16343: 535 Incorrect authentication data ([email protected]) 2026-03-24 01:03:52 dovecot_login authenticator failed for H=([10.25.18.121]) [212.56.49.34]:16343: 535 Incorrect authentication data ([email protected]) 2026-03-24 01:04:00 dovecot_plain authenticator failed for H=([10.25.18.121]) [212.56.49.34]:47169: 535 Incorrect authentication data ([email protected]) 2026-03-24 01:04:02 dovecot_login authenticator failed for H=([10.25.18.121]) [212.56.49.34]:47169: 535 Incorrect authentication data ([email protected]) 2026-03-24 01:04:16 dovecot_plain authenticator failed for H=([10.25.18.121]) [212.56.49.34]:46067: 535 Incorrect authentication data ([email protected]) show less	Port Scan Hacking Brute-Force Exploited Host

Showing 1 to 15 of 172 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇾 81.30.98.142

🇮🇹 78.211.83.110

🇺🇸 34.222.188.102

🇪🇨 201.182.79.7

🇺🇸 195.184.76.150

🇺🇾 186.55.132.33

🇵🇪 154.201.0.66

🇺🇸 104.21.82.73

🇵🇰 103.191.123.131

🇻🇳 103.63.108.25

🇮🇹 94.163.31.193

🇺🇸 13.90.206.6

🇨🇳 222.174.184.86

🇬🇧 195.96.139.242

🇺🇾 167.61.9.150

🇺🇸 107.175.156.160

🇮🇳 92.4.76.12

🇫🇷 91.196.152.122

🇺🇸 72.241.54.202

🇺🇸 65.49.1.95