JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.49.69

212.56.49.69 was found in our database!

This IP was reported 85 times. Confidence of Abuse is 14%: ?

14%

ISP	VPN Consumer Montreal, Canada
Usage Type	Fixed Line ISP
ASN	AS3257
Domain Name	vpnconsumer.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.49.69

Whois 212.56.49.69

IP Abuse Reports for 212.56.49.69:

This IP address has been reported a total of 85 times from 48 distinct sources. 212.56.49.69 was first reported on July 9th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-05-08 12:29:52 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇱🇻 garmtech.com	2026-04-25 09:27:49 (1 month ago)	Multiple SASL authentication failures.	Brute-Force
🇧🇷 hostseries	2026-04-16 23:03:59 (1 month ago)	Trigger: LF_SMTPAUTH	Brute-Force
🇮🇩 aaKenshin	2026-04-16 22:46:48 (1 month ago)	Suspicious activity detected from IP 212.56.49.69 based on mailserver logs. Sample logs: 2026-04-17 ... show more Suspicious activity detected from IP 212.56.49.69 based on mailserver logs. Sample logs: 2026-04-17 06:46:42,107 INFO [qtp1106043431-107328] [name=*@.id;ip=172.16.0.182;oip=212.56.49.69;oport=61837;oproto=smtp;port=33856;soapId=10c16138;] soap - AuthRequest elapsed=2 2026-04-17 06:46:42,395 INFO [qtp1106043431-107316] [name=*@.id;ip=172.16.0.182;oip=212.56.49.69;oport=63937;oproto=smtp;port=33864;soapId=10c16139;] SoapEngine - handler exception: authentication failed for [], LDAP error: - unable to ldap authenticate: invalid credentials 2026-04-17 06:46:42,395 INFO [qtp1106043431-107316] [name=@.id;ip=172.16.0.182;oip=212.56.49.69;oport=63937;oproto=smtp;port=33864;soapId=10c16139;] soap - AuthRequest elapsed=2 2026-04-17 06:46:42,763 INFO [qtp1106043431-107327] [name=@.id;ip=172.16.0.182;oip=212.56.49.69;oport=32237;oproto=smtp;port=33876;soapId=10c1613a;] SoapEngine - handler exception: authentication failed for [**], LDAP error: - unable to ldap authenticate: inval show less	Brute-Force
🇫🇷 basing	2026-04-16 02:52:47 (2 months ago)	2026-04-16 03:52:47 pzb SASL PLAIN auth failed: rhost=212.56.49.69...	Brute-Force
🇹🇭 thaizone.com	2026-04-16 02:44:44 (2 months ago)	Mail credential brute-force attack (SM6) #1	Email Spam Brute-Force
Anonymous	2026-04-11 01:36:02 (2 months ago)	2026-04-10T18:35:51.340318-07:00 gremlin auth: pam_unix(dovecot:auth): authentication failure; logna ... show more 2026-04-10T18:35:51.340318-07:00 gremlin auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=kirak7 rhost=212.56.49.69 2026-04-10T18:36:01.926102-07:00 gremlin auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=kirak7 rhost=212.56.49.69 ... show less	Brute-Force SSH
🇩🇪 filstal.org	2026-04-02 22:14:55 (2 months ago)	CrowdSec-Report: crowdsecurity/postfix-spam	Email Spam Brute-Force
🇺🇸 ras07	2026-03-13 21:10:30 (3 months ago)	Brute force SMTP/IMAP login attempts.	Brute-Force
🇫🇷 Dampen59	2026-03-08 16:14:30 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.69 (CA/Canada/-): 5 in the last 3600 secs; Ports: * ... show more (smtpauth) Failed SMTP AUTH login from 212.56.49.69 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2026-03-08 17:14:00 dovecot_plain authenticator failed for H=([10.30.18.142]) [212.56.49.69]:8163: 535 Incorrect authentication data ([email protected]) 2026-03-08 17:14:06 dovecot_login authenticator failed for H=([10.30.18.142]) [212.56.49.69]:8163: 535 Incorrect authentication data ([email protected]) 2026-03-08 17:14:13 dovecot_plain authenticator failed for H=([10.30.18.142]) [212.56.49.69]:13611: 535 Incorrect authentication data ([email protected]) 2026-03-08 17:14:15 dovecot_login authenticator failed for H=([10.30.18.142]) [212.56.49.69]:13611: 535 Incorrect authentication data ([email protected]) 2026-03-08 17:14:27 dovecot_plain authenticator failed for H=([10.30.18.142]) [212.56.49.69]:47350: 535 Incorrect authentication data ([email protected]) show less	Port Scan
Anonymous	2026-03-03 12:08:50 (3 months ago)	Authentication failure	Brute-Force
🇹🇷 rtbh.com.tr	2026-03-01 20:11:49 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2026-02-28 20:11:48 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 Ghost Rider	2026-02-28 02:25:06 (3 months ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇫🇷 SpaceHost-Server	2026-02-24 12:30:55 (3 months ago)	Feb 24 13:30:54 pegasus postfix/smtpd[1059866]: warning: unknown[212.56.49.69]: SASL CRAM-MD5 authen ... show more Feb 24 13:30:54 pegasus postfix/smtpd[1059866]: warning: unknown[212.56.49.69]: SASL CRAM-MD5 authentication failed: authentication failure, [email protected] Feb 24 13:30:54 pegasus postfix/smtpd[1059866]: warning: unknown[212.56.49.69]: SASL PLAIN authentication failed: authentication failure, [email protected] Feb 24 13:30:54 pegasus postfix/smtpd[1059866]: warning: unknown[212.56.49.69]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Hacking Brute-Force

Showing 1 to 15 of 85 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 34.136.2.96

🇧🇪 34.53.162.228

🇺🇸 23.245.137.4

🇹🇼 198.235.24.46

🇰🇷 183.103.201.58

🇭🇰 165.154.41.6

🇺🇸 147.185.132.152

🇨🇳 139.9.191.197

🇺🇸 136.115.122.249

🇮🇳 103.54.101.248

🇺🇸 66.132.224.25

🇮🇩 34.101.220.221

🇫🇷 31.36.163.95

🇷🇴 2.57.122.177

🇺🇸 2a13:dcc7:8d16:f66:d676:840e:d3c4:484

🇺🇸 148.153.139.126

🇺🇸 91.230.168.237

🇵🇱 79.137.71.56

🇺🇸 66.132.186.128

🇳🇱 45.148.10.15