🇺🇸
TPI-Abuse
2024-04-29 10:09:26
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 212.30.36.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 29 06:09:19.325918 2024] [security2:error] [pid 3050] [client 212.30.36.97:38789] [client 212.30.36.97] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ferrarapanfitness.com"] [uri "/assets/js/wp-config.php"] [unique_id "Zi9xzz37P0B36UjlpaDdqgAAAA0"], referer: http://ferrarapanfitness.com/assets/js/wp-config.php
Brute-Force
Bad Web Bot
Web App Attack
🇦🇺
paulshipley.com.au
2024-04-29 03:08:33
(2 years ago)
ccideas.com.au:443 212.30.36.97 - - [29/Apr/2024:13:08:03 +1000] "GET /chosen.php HTTP/1.1" 404 80140 "http://ccideas.com.au/chosen.php" "Go-http-client/1.1"
ccideas.com.au:443 212.30.36.97 - - [29/Apr/2024:13:08:07 +1000] "GET /wp-includes/SimplePie/plugins.php HTTP/1.1" 404 76183 "http://ccideas.com.au/wp-includes/SimplePie/plugins.php" "Go-http-client/1.1"
ccideas.com.au:443 212.30.36.97 - - [29/Apr/2024:13:08:11 +1000] "GET /cjfuns%20.php HTTP/1.1" 404 76122 "http://ccideas.com.au/cjfuns%20.php" "Go-http-client/1.1"
ccideas.com.au:443 212.30.36.97 - - [29/Apr/2024:13:08:14 +1000] "GET /cjfuns.php HTTP/1.1" 404 76098 "http://ccideas.com.au/cjfuns.php" "Go-http-client/1.1"
ccideas.com.au:443 212.30.36.97 - - [29/Apr/2024:13:08:17 +1000] "GET /_wel-known/pki-validation/883d551d-7523-4JUdGzvrMFDWrUUwY3toJATSeNwjn54LkCnKBPRzDuhzi5vSepHfUckJNxRL2gjkNrSqtCoRUrEDAgRwsQvVCjZbRyFTLRNyDmT1a1boZV HTTP/1.1" 404 76512 "http://ccideas.com.au/_wel-known/pki-validation/883d551d-7523-4JUdGzvrMFDWrUU
...
Web App Attack
🇦🇺
paulshipley.com.au
2024-04-29 01:21:31
(2 years ago)
paulshipley.com.au:443 212.30.36.97 - - [29/Apr/2024:11:21:07 +1000] "GET /sitemap.php HTTP/1.1" 404 85861 "http://brettkaye.com.au/sitemap.php" "Go-http-client/1.1"
paulshipley.com.au:443 212.30.36.97 - - [29/Apr/2024:11:21:11 +1000] "GET /wp-includes/Xl2023.php HTTP/1.1" 404 82125 "http://brettkaye.com.au/wp-includes/Xl2023.php" "Go-http-client/1.1"
paulshipley.com.au:443 212.30.36.97 - - [29/Apr/2024:11:21:13 +1000] "GET /pekok.php HTTP/1.1" 404 82106 "http://brettkaye.com.au/pekok.php" "Go-http-client/1.1"
paulshipley.com.au:443 212.30.36.97 - - [29/Apr/2024:11:21:15 +1000] "GET /wp.php HTTP/1.1" 404 82108 "http://brettkaye.com.au/wp.php" "Go-http-client/1.1"
paulshipley.com.au:443 212.30.36.97 - - [29/Apr/2024:11:21:17 +1000] "GET /users.php HTTP/1.1" 404 82106 "http://brettkaye.com.au/users.php" "Go-http-client/1.1"
paulshipley.com.au:443 212.30.36.97 - - [29/Apr/2024:11:21:19 +1000] "GET /wp-admin/Xl2023.php HTTP/1.1" 404 82122 "http://brettkaye.com.au/wp-admin/Xl2023.php" "Go-h
...
Web App Attack
🇺🇸
mnsf
2024-04-28 12:02:08
(2 years ago)
Too many Status 40X (20)
Scanning/Probing (49)
Request Overload (618)
Brute-Force
Web App Attack
Anonymous
2024-04-28 08:59:17
(2 years ago)
Fail2Ban apache-noscript
Bad Web Bot
🇦🇺
artful
2024-04-28 08:45:00
(2 years ago)
Admin Tools reports security exceptions on client sites. Also found 5 more for IPs in the same /24
Web App Attack
🇺🇸
mnsf
2024-04-27 11:05:15
(2 years ago)
Too many Status 40X (17)
Brute-Force
Web App Attack
🇺🇸
nationaleventpros.com
2024-04-21 19:23:06
(2 years ago)
WordPress login attempt
Brute-Force
🇦🇺
MAGIC
2024-04-17 11:15:20
(2 years ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
🇺🇸
TPI-Abuse
2024-04-15 16:59:29
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 212.30.36.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 15 12:59:20.854003 2024] [security2:error] [pid 16139:tid 47868200494848] [client 212.30.36.97:46983] [client 212.30.36.97] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||peapage.productions|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "peapage.productions"] [uri "/wallet.dat"] [unique_id "Zh1c6LeYsVzdkqRyGniBEgAAAEg"]
Brute-Force
Bad Web Bot
Web App Attack
🇦🇺
MAGIC
2024-04-15 11:05:06
(2 years ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
🇦🇺
MAGIC
2024-04-08 13:08:09
(2 years ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
🇪🇸
10dencehispahard SL
2024-04-06 15:00:40
(2 years ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
🇩🇪
Ba-Yu
2024-03-18 11:40:17
(2 years ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
Anonymous
2024-03-18 07:16:34
(2 years ago)
[Mon Mar 18 08:08:51.013930 2024] [access_compat:error] [pid 12248] [client 212.30.36.97:13253] AH01797: client denied by server configuration: /var/www/html/.DS_Store
[Mon Mar 18 08:15:59.886196 2024] [access_compat:error] [pid 12248] [client 212.30.36.97:4133] AH01797: client denied by server configuration: /var/www/html/db
[Mon Mar 18 08:16:32.986206 2024] [access_compat:error] [pid 3551] [client 212.30.36.97:53287] AH01797: client denied by server configuration: /var/www/html/credentials
...
Web App Attack