JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.30.36.100

212.30.36.100 was found in our database!

This IP was reported 318 times. Confidence of Abuse is 100%: ?

100%

ISP	M Nets SAL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	mnets.net
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.30.36.100

Whois 212.30.36.100

IP Abuse Reports for 212.30.36.100:

This IP address has been reported a total of 318 times from 146 distinct sources. 212.30.36.100 was first reported on February 24th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-02-05 05:02:43 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-04 20:26:04 (3 months ago)	(mod_security) mod_security (id:240000) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 15:25:56.387805 2026] [security2:error] [pid 5844:tid 5844] [client 212.30.36.100:31947] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|www.myhomeflyer.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.myhomeflyer.com"] [uri "/images/stories/themes.php"] [unique_id "aYOrVA-o9rTf1Fwi_nWCPAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-03 23:43:16 (4 months ago)	(mod_security) mod_security (id:240000) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 18:43:08.707046 2026] [security2:error] [pid 6766:tid 6766] [client 212.30.36.100:54689] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|www.thewaywework.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.thewaywework.com"] [uri "/images/stories/themes.php"] [unique_id "aYKIDJ67hMmkcTPdmxSt3gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-01 18:05:02 (4 months ago)	Too many Status 40X (12)	Brute-Force Web App Attack
🇫🇷 dynamix	2026-01-31 20:36:31 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-01-19 11:40:51 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 19 06:40:46.925677 2026] [security2:error] [pid 32193:tid 32193] [client 212.30.36.100:53823] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|microbooty.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "microbooty.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aW4YPsn7BsbAijLPASb7fgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-19 08:49:22 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 19 03:49:16.188774 2026] [security2:error] [pid 31525:tid 31525] [client 212.30.36.100:62119] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|seshetmusic.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "seshetmusic.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aW3wDIUHX2MDX7znyvl4SQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-19 08:04:17 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 19 03:04:10.528476 2026] [security2:error] [pid 11139:tid 11139] [client 212.30.36.100:32183] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bencramer.net\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bencramer.net"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aW3leltA_qNWgdasqEZvmQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Tripwire	2026-01-19 07:00:00 (4 months ago)	Scanning for exploits - /vendor/phpunit/phpunit/phpunit.xsd	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-01-19 06:25:13 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 19 01:25:04.538025 2026] [security2:error] [pid 30738:tid 30738] [client 212.30.36.100:30969] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lipingdata.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lipingdata.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aW3OQBIWiJaxNbHETeRCAAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-19 05:19:13 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 19 00:19:09.145903 2026] [security2:error] [pid 5982:tid 5982] [client 212.30.36.100:50495] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.blacksheepoffroad.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.blacksheepoffroad.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aW2-zXPBJL-y85y7en3pqgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-01-15 18:20:06 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 20-20.212.30.36.100.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 20-20.212.30.36.100.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 03:31:17 (5 months ago)	(mod_security) mod_security (id:240000) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 212.30.36.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 22:31:09.820045 2025] [security2:error] [pid 916630:tid 916654] [client 212.30.36.100:64837] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|hotelpuertadelsolcr.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "hotelpuertadelsolcr.com"] [uri "/images/stories/themes.php"] [unique_id "aVCkferH8mb2Ivufr0r_OwAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2025-12-28 00:55:15 (5 months ago)	Multiple WAF Violations	Web App Attack
🇳🇿 Antinson	2025-12-27 10:35:53 (5 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot

Showing 61 to 75 of 318 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 221.120.73.24

🇦🇿 212.47.130.86

🇺🇸 208.84.100.197

🇮🇳 182.78.73.94

🇸🇬 114.119.159.20

🇨🇦 4.206.92.183

🇲🇽 189.217.130.86

🇧🇷 187.62.87.27

🇮🇳 182.95.233.154

🇧🇷 177.200.36.45

🇮🇳 152.52.196.18

🇮🇹 151.0.154.194

🇰🇷 119.196.213.196

🇹🇼 111.70.27.30

🇮🇳 103.240.234.125

🇫🇷 91.196.152.240

🇸🇬 47.84.160.141

🇩🇪 46.224.226.71

🇳🇱 45.148.10.157

🇨🇳 14.103.117.86