JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.56.49.20

212.56.49.20 was found in our database!

This IP was reported 65 times. Confidence of Abuse is 22%: ?

22%

ISP	VPN Consumer Montreal, Canada
Usage Type	Fixed Line ISP
ASN	AS3257
Domain Name	vpnconsumer.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.56.49.20

Whois 212.56.49.20

IP Abuse Reports for 212.56.49.20:

This IP address has been reported a total of 65 times from 35 distinct sources. 212.56.49.20 was first reported on July 31st 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 bigscoots.com	2026-04-23 21:56:00 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.20 (CA/Canada/-): 5 in the last 3600 secs; Ports: 2 ... show more (smtpauth) Failed SMTP AUTH login from 212.56.49.20 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-04-23 17:55:42 dovecot_plain authenticator failed for H=([10.11.157.139]) [212.56.49.20]:30764: 535 Incorrect authentication data ([email protected]) 2026-04-23 17:55:47 dovecot_plain authenticator failed for H=([10.11.157.139]) [212.56.49.20]:20394: 535 Incorrect authentication data ([email protected]) 2026-04-23 17:55:48 dovecot_login authenticator failed for H=([10.11.157.139]) [212.56.49.20]:30764: 535 Incorrect authentication data ([email protected]) 2026-04-23 17:55:53 dovecot_login authenticator failed for H=([10.11.157.139]) [212.56.49.20]:20394: 535 Incorrect authentication data ([email protected]) 2026-04-23 17:55:55 dovecot_plain authenticator failed for H=([10.11.157.139]) [212.56.49.20]:13361: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇮🇩 aaKenshin	2026-04-23 20:42:51 (1 month ago)	Suspicious activity detected from IP 212.56.49.20 based on mailserver logs. Sample logs: 2026-04-24 ... show more Suspicious activity detected from IP 212.56.49.20 based on mailserver logs. Sample logs: 2026-04-24 04:42:43,654 INFO [qtp1106043431-125777] [ip=172.16.0.182;oip=212.56.49.20;oport=59044;oproto=smtp;port=53162;soapId=10c172e8;] account - Error occurred during authentication: authentication failed for []. Reason: account not found. 2026-04-24 04:42:43,654 INFO [qtp1106043431-125777] [ip=172.16.0.182;oip=212.56.49.20;oport=59044;oproto=smtp;port=53162;soapId=10c172e8;] SoapEngine - handler exception: authentication failed for [], account not found 2026-04-24 04:42:43,654 INFO [qtp1106043431-125777] [ip=172.16.0.182;oip=212.56.49.20;oport=59044;oproto=smtp;port=53162;soapId=10c172e8;] soap - AuthRequest elapsed=0 2026-04-24 04:42:43,736 INFO [qtp1106043431-125777] [] misc - Access from IP 212.56.49.20 suspended, for repeated failed login. 2026-04-24 04:42:44,215 INFO [qtp1106043431-125954] [] misc - Access from IP 212.56.49.20 suspended, for repeated failed login. Reported automa show less	Brute-Force
🇫🇷 UM3	2026-04-23 20:42:02 (1 month ago)	Exim Auth Failed	Brute-Force
🇺🇸 bigscoots.com	2026-04-23 19:56:33 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.20 (CA/Canada/-): 5 in the last 3600 secs; Ports: 2 ... show more (smtpauth) Failed SMTP AUTH login from 212.56.49.20 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-04-23 15:56:16 dovecot_plain authenticator failed for H=([10.11.157.139]) [212.56.49.20]:38092: 535 Incorrect authentication data ([email protected]) 2026-04-23 15:56:21 dovecot_plain authenticator failed for H=([10.11.157.139]) [212.56.49.20]:33787: 535 Incorrect authentication data ([email protected]) 2026-04-23 15:56:22 dovecot_login authenticator failed for H=([10.11.157.139]) [212.56.49.20]:38092: 535 Incorrect authentication data ([email protected]) 2026-04-23 15:56:27 dovecot_login authenticator failed for H=([10.11.157.139]) [212.56.49.20]:33787: 535 Incorrect authentication data ([email protected]) 2026-04-23 15:56:29 dovecot_plain authenticator failed for H=([10.11.157.139]) [212.56.49.20]:15005: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇨🇿 Countryman	2026-04-23 19:02:33 (1 month ago)	2026-04-23T21:01:08.567812 orbis.img.cas.cz dovecot[1417]: auth: ldap(sladkova,212.56.49.20): Passwo ... show more 2026-04-23T21:01:08.567812 orbis.img.cas.cz dovecot[1417]: auth: ldap(sladkova,212.56.49.20): Password mismatch (for LDAP bind) 2026-04-23T21:01:14.865985 orbis.img.cas.cz dovecot[1417]: auth: ldap(sladkova,212.56.49.20): Password mismatch (for LDAP bind) 2026-04-23T21:01:22.093707 orbis.img.cas.cz dovecot[1417]: auth: ldap(sladkova,212.56.49.20): Password mismatch (for LDAP bind) 2026-04-23T21:01:24.295078 orbis.img.cas.cz dovecot[1417]: auth: ldap(sladkova,212.56.49.20): Password mismatch (for LDAP bind) 2026-04-23T21:02:19.794726 orbis.img.cas.cz dovecot[1417]: auth: ldap(sladkova,212.56.49.20): Password mismatch (for LDAP bind) 2026-04-23T21:02:25.535312 orbis.img.cas.cz dovecot[1417]: auth: ldap(sladkova,212.56.49.20): Password mismatch (for LDAP bind) 2026-04-23T21:02:33.220000 orbis.img.cas.cz dovecot[1417]: auth: ldap(sladkova,212.56.49.20): Password mismatch (for LDAP bind) ... show less	Brute-Force
🇩🇪 rh24	2026-04-23 17:18:14 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.20 (CA/Canada/-)	Brute-Force
🇩🇪 Hazzard	2026-04-23 17:06:53 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.20 (CA/Canada/Quebec/Montreal/-/[redacted])	Brute-Force
🇳🇱 WeCloudit-Anti-Abuse	2026-04-22 02:57:06 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.20 (CA/Canada/-): 15 in the last 200 secs; Ports: * ... show more (smtpauth) Failed SMTP AUTH login from 212.56.49.20 (CA/Canada/-): 15 in the last 200 secs; Ports: *; Direction: 0; Trigger: LF_SMTPAUTH - server02 show less	Brute-Force SSH
🇨🇿 lp	2026-04-22 01:50:10 (1 month ago)	Email account brute force: 6 attempts were recorded from 212.56.49.20 2026-04-22T02:09:43+02:00 warn ... show more Email account brute force: 6 attempts were recorded from 212.56.49.20 2026-04-22T02:09:43+02:00 warning: unknown[212.56.49.20]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-04-22T02:09:43+02:00 warning: unknown[212.56.49.20]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-04-22T02:09:44+02:00 warning: unknown[212.56.49.20]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-04-22T02:09:44+02:00 warning: unknown[212.56.49.20]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-04-22T02:09:54+02:00 warning: unknown[212.56.49.20]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-04-22T02:09:54+02:00 warning: unknown[212.56.49.20]: SASL LOGIN authentication failed: authenticatio show less	Brute-Force
Anonymous	2026-04-15 16:30:34 (1 month ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
Anonymous	2026-04-15 08:02:59 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 212.56.49.20 (CA/Canada/Quebec/Montreal/-/[redacted])	Brute-Force
Anonymous	2026-04-07 01:25:45 (2 months ago)	2026-04-07T03:25:29.509413+02:00 ns.almogavers.net auth[1605876]: pam_unix(dovecot:auth): authentica ... show more 2026-04-07T03:25:29.509413+02:00 ns.almogavers.net auth[1605876]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=webmaster rhost=212.56.49.20 2026-04-07T03:25:37.946153+02:00 ns.almogavers.net auth[1605876]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=webmaster rhost=212.56.49.20 ... show less	Web Spam Email Spam Port Scan Brute-Force
🇬🇧 consul.to	2026-04-03 14:28:11 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 SpaceHost-Server	2026-03-28 23:43:00 (2 months ago)		Brute-Force Web App Attack
🇳🇱 e.fierstra	2026-03-28 01:59:07 (2 months ago)	Failed SMTP logins	Brute-Force

Showing 1 to 15 of 65 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.88.98.100

🇩🇪 8.211.45.218

🇷🇴 2.57.122.177

🇮🇹 213.137.60.238

🇺🇸 162.216.149.16

🇮🇳 159.89.172.177

🇺🇸 104.243.42.167

🇺🇸 64.227.14.170

🇱🇹 62.60.130.31

🇸🇬 47.82.13.193

🇩🇪 167.94.146.33

🇨🇳 122.224.227.102

🇺🇸 76.127.61.251

🇰🇷 20.214.145.16

🇳🇱 185.136.15.11

🇨🇳 124.234.157.18

🇩🇪 116.203.164.1

🇭🇰 47.86.11.158

🇬🇧 45.43.166.21

🇳🇱 34.13.156.222