JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.30.36.56

212.30.36.56 was found in our database!

This IP was reported 383 times. Confidence of Abuse is 93%: ?

93%

ISP	M Nets SAL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	mnets.net
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.30.36.56

Whois 212.30.36.56

IP Abuse Reports for 212.30.36.56:

This IP address has been reported a total of 383 times from 144 distinct sources. 212.30.36.56 was first reported on March 21st 2022, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-10-24 16:10:36 (7 months ago)	Excessive crawling/scraping	Hacking Brute-Force
🇱🇻 garmtech.com	2025-10-19 03:39:12 (7 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-39.212.30.36.56.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-39.212.30.36.56.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 Penny Packer	2025-10-11 18:35:28 (7 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇱🇻 garmtech.com	2025-10-08 23:55:16 (7 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-55.212.30.36.56.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-55.212.30.36.56.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2025-10-08 20:08:50 (7 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-08.212.30.36.56.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-08.212.30.36.56.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇵🇱 sefinek.net	2025-10-07 08:22:58 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-10-07 07:51:49 (7 months ago)	CADANECOM WEBFORM SPAM 212.30.36.56 (212.30.36.56)	Web Spam
🇩🇪 Admins@FBN	2025-10-01 11:46:38 (8 months ago)	Threat Host blocked...	Web Spam Email Spam Hacking
🇱🇻 garmtech.com	2025-09-28 22:09:40 (8 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-09.212.30.36.56.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-09.212.30.36.56.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇵🇱 sefinek.net	2025-09-23 22:03:54 (8 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-09-16 19:21:01 (8 months ago)	sql injection	Web App Attack
🇺🇸 myagent.site	2025-09-16 17:27:44 (8 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-09-14 18:43:09 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 212.30.36.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.36.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 14:43:05.034755 2025] [security2:error] [pid 16406:tid 16406] [client 212.30.36.56:29469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jsbarber.com"] [uri "/.env"] [unique_id "aMcMuTNYjWITQ-6Oa6z9jAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-14 18:22:13 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 212.30.36.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.36.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 14:22:09.762799 2025] [security2:error] [pid 8159:tid 8159] [client 212.30.36.56:30535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greenmountainfeeds.com"] [uri "/.env"] [unique_id "aMcH0TYJFZogjO50hFf3egAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 19:38:14 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 212.30.36.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 15:38:06.890911 2025] [security2:error] [pid 7811:tid 7811] [client 212.30.36.56:22185] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|medicalexchangeasinc.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "medicalexchangeasinc.com"] [uri "/old/www.sql"] [unique_id "aLyNniOeG41E74X3eJcb7gAAACU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 136 to 150 of 383 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 110.36.86.83

🇹🇼 198.235.24.103

🇬🇧 193.163.125.157

🇸🇬 134.185.85.99

🇰🇷 118.45.63.114

🇸🇬 94.231.206.1

🇸🇬 47.237.167.49

🇷🇺 46.161.50.109

🇳🇱 45.198.224.5

🇭🇰 45.142.154.10

🇺🇸 212.85.28.210

🇷🇼 197.243.14.52

🇪🇬 196.148.37.229

🇲🇽 186.96.145.241

🇺🇸 172.239.62.109

🇯🇵 156.227.233.245

🇮🇳 106.198.1.211

🇫🇷 91.231.89.199

🇳🇱 45.148.10.151

🇺🇸 216.180.246.29