JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.30.36.78

212.30.36.78 was found in our database!

This IP was reported 352 times. Confidence of Abuse is 90%: ?

90%

ISP	M Nets SAL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	mnets.net
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.30.36.78

Whois 212.30.36.78

IP Abuse Reports for 212.30.36.78:

This IP address has been reported a total of 352 times from 140 distinct sources. 212.30.36.78 was first reported on April 27th 2022, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2025-12-03 05:44:54 (6 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2025-12-03 03:37:54 (6 months ago)	wordpress-trap	Web App Attack
🇫🇷 dynamix	2025-11-24 16:20:00 (6 months ago)	Multiple WAF Violations	Web App Attack
🇫🇷 uhlhosting	2025-11-18 04:53:28 (6 months ago)	dubfromtheground.com 212.30.36.78 - - [18/Nov/2025:05:53:19.466817 +0100] "GET /wp-includes/customiz ... show more dubfromtheground.com 212.30.36.78 - - [18/Nov/2025:05:53:19.466817 +0100] "GET /wp-includes/customize/index.php HTTP/1.1" 403 199 "-" "-" aRv7v0pfWSfCAHOiTh9vIwAAAMU "-" /apache/20251118/20251118-0553/20251118-055319-aRv7v0pfWSfCAHOiTh9vIwAAAMU 0 1107 md5:eeb8f86131334c7273cf2a272f70e7c6 dubfromtheground.com 212.30.36.78 - - [18/Nov/2025:05:53:20.547751 +0100] "GET /wp-includes/themes.php HTTP/1.1" 403 199 "-" "-" aRv7wEpfWSfCAHOiTh9vJwAAAM4 "-" /apache/20251118/20251118-0553/20251118-055320-aRv7wEpfWSfCAHOiTh9vJwAAAM4 0 1088 md5:d8a3bcf5858dc913a9b384ab59a20ae6 dubfromtheground.com 212.30.36.78 - - [18/Nov/2025:05:53:23.802854 +0100] "GET /wp-includes/wp-includes_function.php HTTP/1.1" 403 199 "-" "-" aRv7w0pfWSfCAHOiTh9vMAAAAMA "-" /apache/20251118/20251118-0553/20251118-055323-aRv7w0pfWSfCAHOiTh9vMAAAAMA 0 1075 md5:9b448bf1808465ab2f62891ffc651ef4 dubfromtheground.com 212.30.36.78 - - [18/Nov/2025:05:53:25.336246 +0100] "GET /wp-includes/images/about.php HTTP/1.1" 403 199 "-" "-" ... show less	DDoS Attack Brute-Force
🇫🇷 dynamix	2025-11-18 04:41:52 (6 months ago)	Multiple WAF Violations	Web App Attack
🇦🇺 AWW-Admin	2025-11-18 00:25:25 (6 months ago)	(wordpress) Failed wordpress login from 212.30.36.78 (DE/Germany/-)	Brute-Force
🇲🇾 Rizzy	2025-11-17 23:23:22 (6 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇱🇻 garmtech.com	2025-11-17 14:23:03 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 16-23.212.30.36.78.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 16-23.212.30.36.78.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-01 10:51:11 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 212.30.36.78 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.36.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 06:51:05.978153 2025] [security2:error] [pid 16972:tid 16972] [client 212.30.36.78:62781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.bobbyunser.com"] [uri "/.env"] [unique_id "aQXmGY1Z6Sfo_TvTKnRxOQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-10-19 03:39:22 (7 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-39.212.30.36.78.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-39.212.30.36.78.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2025-10-08 19:38:01 (7 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-38.212.30.36.78.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-38.212.30.36.78.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-09-30 00:13:03 (8 months ago)	(mod_security) mod_security (id:210831) triggered by 212.30.36.78 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 212.30.36.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 29 20:12:56.511973 2025] [security2:error] [pid 795:tid 795] [client 212.30.36.78:21425] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|backstore.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/webalizer/usage_201711.html"] [unique_id "aNsgiP1qMQTUxplcHM87KwAAAAY"], referer: http://backstore.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-09-29 11:09:37 (8 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 Penny Packer	2025-09-18 03:24:14 (8 months ago)	Fail2Ban apache-tripwires	Web App Attack
Anonymous	2025-09-16 14:43:03 (8 months ago)	sql injection	Web App Attack

Showing 121 to 135 of 352 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇦 193.176.251.229

🇵🇦 190.32.246.14

🇨🇦 142.163.18.204

🇬🇧 139.28.176.134

🇸🇬 129.226.84.150

🇹🇭 124.109.2.211

🇳🇱 68.183.14.55

🇮🇪 54.216.191.223

🇱🇹 45.227.254.170

🇳🇱 45.153.34.43

🇳🇱 45.148.10.147

🇨🇳 1.28.54.212

🇧🇪 198.235.24.215

🇵🇪 190.223.60.209

🇺🇸 185.149.26.71

🇳🇱 136.144.199.172

🇨🇳 113.83.195.236

🇺🇸 45.79.110.218

🇬🇧 35.203.210.185

🇺🇸 32.199.250.96