AbuseIPDB » 212.30.37.106

212.30.37.106 was found in our database!

This IP was reported 84 times. Confidence of Abuse is 44%: ?

44%

ISP	M Nets SAL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	mnets.net
Country	Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 212.30.37.106

Whois 212.30.37.106

IP Abuse Reports for 212.30.37.106:

This IP address has been reported a total of 84 times from 27 distinct sources. 212.30.37.106 was first reported on March 8th 2022, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
Anonymous	2025-06-16 17:20:01 (15 hours ago)	(wordpress) Failed wordpress login from 212.30.37.106 (NL/The Netherlands/-)	Brute-Force
cmbplf	2025-06-15 06:23:24 (2 days ago)	3.186 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
TPI-Abuse	2025-06-14 18:10:05 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 212.30.37.106 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 212.30.37.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 14 14:09:56.490952 2025] [security2:error] [pid 1462013:tid 1462013] [client 212.30.37.106:19061] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||tedmccachren.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tedmccachren.com"] [uri "/labs/indexlabs.html/restore/wallet.dat"] [unique_id "aE269GLIH-MdiBqeVgKhZAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-10 11:52:31 (6 days ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Burayot	2025-06-10 05:39:15 (1 week ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 212.30.37.106 (NL/The Netherlands/- ... show moreLF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 212.30.37.106 (NL/The Netherlands/-): 1 in the last 3600 secs show less	Web App Attack
neckaralb-admin.de	2025-05-26 11:48:08 (3 weeks ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack
Penny Packer	2025-05-20 07:19:19 (4 weeks ago)	Fail2Ban apache-tripwires	Web App Attack
Anonymous	2025-05-13 07:23:33 (1 month ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
rshict	2025-05-12 13:35:06 (1 month ago)	Hacking, Brute-Force, Web App Attack	Hacking Brute-Force Web App Attack
Cloudkul Cloudkul	2025-04-12 22:24:39 (2 months ago)	Attempted Not Found (404 status code) requests on our application, more than 30% of their total requ ... show moreAttempted Not Found (404 status code) requests on our application, more than 30% of their total requests. show less	Brute-Force Web App Attack
octageeks.com	2025-04-12 04:06:59 (2 months ago)	Wordpress malicious attack:[octawpauthor]	Web App Attack
TPI-Abuse	2025-04-08 16:00:49 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 212.30.37.106 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 212.30.37.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 08 12:00:42.104645 2025] [security2:error] [pid 23243:tid 23243] [client 212.30.37.106:14927] [client 212.30.37.106] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||southernislands.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "southernislands.com"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "Z_VIKqeCg9mrsdTvWU7U7AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
YF	2025-04-07 23:00:13 (2 months ago)	xmlrpc.php (Potential DDoS or brute force)	Brute-Force Web App Attack
10dencehispahard SL	2025-04-07 04:52:12 (2 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
TPI-Abuse	2025-03-19 11:13:26 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 212.30.37.106 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 212.30.37.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 19 07:13:18.552348 2025] [security2:error] [pid 11588:tid 11588] [client 212.30.37.106:4091] [client 212.30.37.106] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.dudleyanddudley.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.dudleyanddudley.com"] [uri "/old/sql.sql"] [unique_id "Z9qmzqNgTua2vBpE8ZGfdAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩