JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.30.37.97

212.30.37.97 was found in our database!

This IP was reported 176 times. Confidence of Abuse is 29%: ?

29%

ISP	M Nets SAL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	mnets.net
Country	🇳🇱 Netherlands
City	Rotterdam, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.30.37.97

Whois 212.30.37.97

IP Abuse Reports for 212.30.37.97:

This IP address has been reported a total of 176 times from 67 distinct sources. 212.30.37.97 was first reported on May 21st 2022, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 00:07:08 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 212.30.37.97 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.37.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 20:07:01.798850 2026] [security2:error] [pid 21561:tid 21561] [client 212.30.37.97:62435] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clearlakelots.com"] [uri "/.git/HEAD"] [unique_id "aiDBpTEWREwNEb9l5iKz4gAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 23:51:07 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 212.30.37.97 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.37.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 19:51:01.987665 2026] [security2:error] [pid 9618:tid 9618] [client 212.30.37.97:61351] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thelowensteinfamily.com"] [uri "/.git/HEAD"] [unique_id "aiC95XK0hv92wVT3DP6dbwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 23:13:17 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 212.30.37.97 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.37.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 19:13:11.496622 2026] [security2:error] [pid 23696:tid 23696] [client 212.30.37.97:24157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jeffr.com"] [uri "/.git/HEAD"] [unique_id "aiC1B2GsQgA6EGOC8p0p-wAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-05-26 19:40:03 (3 weeks ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇺🇸 Rayulcifer	2026-05-19 22:32:29 (1 month ago)	212.30.37.97 - - [19/May/2026:17:31:55 -0500] "GET //administrator/index.php HTTP/1.1" 301 471 "-" " ... show more 212.30.37.97 - - [19/May/2026:17:31:55 -0500] "GET //administrator/index.php HTTP/1.1" 301 471 "-" "Go-http-client/1.1" 212.30.37.97 - - [19/May/2026:17:32:26 -0500] "GET //templates/madeyourweb/index.php HTTP/1.1" 301 487 "-" "Go-http-client/1.1" 212.30.37.97 - - [19/May/2026:17:32:27 -0500] "GET //modules/mod_rebug/library/index2.php HTTP/1.1" 301 497 "-" "Go-http-client/1.1" 212.30.37.97 - - [19/May/2026:17:32:28 -0500] "GET //admin/resources/dummy/log.php HTTP/1.1" 301 483 "-" "Go-http-client/1.1" 212.30.37.97 - - [19/May/2026:17:32:28 -0500] "GET //vendor/composer/about.php HTTP/1.1" 301 475 "-" "Go-http-client/1.1" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇫🇷 dynamix	2026-05-12 00:16:29 (1 month ago)	Multiple WAF Violations	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-11 23:23:59 (1 month ago)	212.30.37.97 - - [12/May/2026:02:23:59 +0300] "GET /wp-content/themes/twentytwentytwo/parts/index.ph ... show more 212.30.37.97 - - [12/May/2026:02:23:59 +0300] "GET /wp-content/themes/twentytwentytwo/parts/index.php HTTP/1.1" 404 717 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-11 16:42:04 (1 month ago)	212.30.37.97 - - [11/May/2026:19:42:03 +0300] "GET /wp-content/themes/bltm/wp-login.php HTTP/1.1" 40 ... show more 212.30.37.97 - - [11/May/2026:19:42:03 +0300] "GET /wp-content/themes/bltm/wp-login.php HTTP/1.1" 404 3290 "http://vakp.nlu.edu.ua/wp-content/themes/bltm/wp-login.php" "Go-http-client/1.1" 212.30.37.97 - - [11/May/2026:19:42:04 +0300] "GET /wp-content/themes/twentytwentyfour/patterns/template-singl-portfolio.php HTTP/1.1" 404 729 "http://vakp.nlu.edu.ua/wp-content/themes/twentytwentyfour/patterns/template-singl-portfolio.php" "Go-http-client/1.1" ... show less	Web App Attack
🇫🇷 Octopuce	2026-05-05 17:12:15 (1 month ago)	Aggressive web search of vulnerable pages: /wp-content/plugins/schema/geckos.php /5PJcpMFsD8B.php /w ... show more Aggressive web search of vulnerable pages: /wp-content/plugins/schema/geckos.php /5PJcpMFsD8B.php /wp-content/themes/bltm/wp-login.php /wp-cont ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-02 14:49:17 (1 month ago)	212.30.37.97 - - [02/May/2026:17:49:16 +0300] "GET /wp-content/plugins/so-pinyin-slugs/inc/js-inc.ph ... show more 212.30.37.97 - - [02/May/2026:17:49:16 +0300] "GET /wp-content/plugins/so-pinyin-slugs/inc/js-inc.php HTTP/1.1" 404 716 "-" "Go-http-client/1.1" 212.30.37.97 - - [02/May/2026:17:49:17 +0300] "GET /wp-content/plugins/wpcall-button/button-image.php HTTP/1.1" 404 716 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇫🇷 dynamix	2026-04-29 16:38:40 (1 month ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-04-29 09:42:54 (1 month ago)	212.30.37.97 - - [29/Apr/2026:11:41:16 +0200] "GET /bless.php HTTP/1.1" 404 490 "-" "Mozilla/5.0 (X1 ... show more 212.30.37.97 - - [29/Apr/2026:11:41:16 +0200] "GET /bless.php HTTP/1.1" 404 490 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 212.30.37.97 - - [29/Apr/2026:11:41:19 +0200] "GET /O-Simple.php HTTP/1.1" 404 490 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 212.30.37.97 - - [29/Apr/2026:11:41:21 +0200] "GET /lock360.php HTTP/1.1" 404 490 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 212.30.37.97 - - [29/Apr/2026:11:41:26 +0200] "GET /zwso.php HTTP/1.1" 404 490 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 212.30.37.97 - - [29/Apr/2026:11:41:31 +0200] "GET /chosen.php HTTP/1.1" 404 490 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81. ... show less	DDoS Attack
🇳🇱 Site.eu	2026-04-26 06:03:51 (1 month ago)	Excessive multi-domain requests	Brute-Force
🇫🇮 YF	2026-04-26 02:01:44 (1 month ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇩🇪 london2038.com	2026-04-25 05:24:37 (1 month ago)	Probing for exploits 212.30.37.97 - - [25/Apr/2026:07:24:29 +0200] "GET /wp-content/plugins/index.ph ... show more Probing for exploits 212.30.37.97 - - [25/Apr/2026:07:24:29 +0200] "GET /wp-content/plugins/index.php HTTP/1.1" 301 169 "-" "Go-http-client/1.1" 212.30.37.97 - - [25/Apr/2026:07:24:34 +0200] "GET /wp-content/themes/about.php HTTP/1.1" 301 169 "-" "Go-http-client/1.1" show less	Hacking Web App Attack

Showing 1 to 15 of 176 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.73.160.81

🇹🇷 89.252.157.42

🇧🇪 35.210.58.81

🇸🇬 20.153.140.50

🇰🇷 14.63.217.28

🇺🇸 216.73.160.101

🇺🇸 216.73.160.96

🇺🇸 216.73.160.80

🇩🇪 213.202.223.233

🇦🇿 212.47.136.130

🇰🇿 178.91.16.172

🇭🇰 165.154.41.50

🇸🇬 165.22.61.53

🇻🇳 160.191.242.222

🇮🇷 93.126.59.113

🇺🇸 64.62.156.164

🇨🇳 60.16.220.61

🇺🇸 49.51.72.236

🇨🇳 39.70.4.197

🇵🇰 37.111.145.115