JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 81.17.96.30

81.17.96.30 was found in our database!

This IP was reported 69 times. Confidence of Abuse is 0%: ?

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3159865.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 81.17.96.30

Whois 81.17.96.30

IP Abuse Reports for 81.17.96.30:

This IP address has been reported a total of 69 times from 42 distinct sources. 81.17.96.30 was first reported on November 16th 2025, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 Parth Maniar	2025-11-21 10:29:46 (6 months ago)	This IP address carried out 20 port scanning attempts on 20-11-2025. For more information or to repo ... show more This IP address carried out 20 port scanning attempts on 20-11-2025. For more information or to report interesting / incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Port Scan SSH
🇺🇸 drodrig	2025-11-20 08:34:02 (6 months ago)	CrowdSec triggered: %!s(*string=0xc0111d9680) (0 events)	Brute-Force
Anonymous	2025-11-20 06:38:48 (6 months ago)	sshd	Brute-Force SSH
🇫🇷 mouafiq	2025-11-20 06:32:05 (6 months ago)	2025-11-20 06:32:04,972 26205 INFO ? werkzeug: 81.17.96.30 - - [20/Nov/2025 06:32:04] "POST /hello.w ... show more 2025-11-20 06:32:04,972 26205 INFO ? werkzeug: 81.17.96.30 - - [20/Nov/2025 06:32:04] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.0" 404 - 1 0.002 0.008 2025-11-20 06:32:05,063 26205 INFO ? werkzeug: 81.17.96.30 - - [20/Nov/2025 06:32:05] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.0" 404 - 1 0.002 0.007 2025-11-20 06:32:05,122 26205 INFO ? werkzeug: 81.17.96.30 - - [20/Nov/2025 06:32:05] "GET /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.0" 404 - 1 0.002 0.006 2025-11-20 06:32:05,180 26205 INFO ? werkzeug: 81.17.96.30 - - [20/Nov/2025 06:32:05] "GET /vendor/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.0" 404 - 1 0.002 0.006 2025-11-20 06:32:05,226 26205 INFO ? werkzeug: 81.17.96.30 - - [20/Nov/2025 06:32:05] "GET /vendor/phpunit/Util/PHP/eval-stdin.php HTTP/1.0" 404 - 1 0.002 0.007 show less	Brute-Force SSH
🇺🇸 bigscoots.com	2025-11-20 06:25:06 (6 months ago)	81.17.96.30 (DE/Germany/mail.websitevoorondernemers.be), 5 distributed sshd attacks on account [root ... show more 81.17.96.30 (DE/Germany/mail.websitevoorondernemers.be), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Nov 20 00:24:58 16762 sshd[19789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.17.96.30 user=root Nov 20 00:13:33 16762 sshd[18614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.47.121.33 user=root Nov 20 00:13:35 16762 sshd[18614]: Failed password for root from 151.47.121.33 port 57387 ssh2 Nov 20 00:06:12 16762 sshd[18086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.39.148.7 user=root Nov 20 00:18:07 16762 sshd[18958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.47.121.33 user=root IP Addresses Blocked: show less	Brute-Force SSH
🇺🇸 bigscoots.com	2025-11-20 05:55:09 (6 months ago)	(sshd) Failed SSH login from 81.17.96.30 (DE/Germany/mail.websitevoorondernemers.be): 5 in the last ... show more (sshd) Failed SSH login from 81.17.96.30 (DE/Germany/mail.websitevoorondernemers.be): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: Nov 19 23:54:41 14113 sshd[2709]: Invalid user admin from 81.17.96.30 port 39678 Nov 19 23:54:43 14113 sshd[2709]: Failed password for invalid user admin from 81.17.96.30 port 39678 ssh2 Nov 19 23:54:44 14113 sshd[2711]: Invalid user orangepi from 81.17.96.30 port 39684 Nov 19 23:54:46 14113 sshd[2711]: Failed password for invalid user orangepi from 81.17.96.30 port 39684 ssh2 Nov 19 23:54:47 14113 sshd[2713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.17.96.30 user=root show less	Brute-Force SSH
Anonymous	2025-11-20 04:55:52 (6 months ago)	Multiple web server 400 error codes from same source ip	Web App Attack
Anonymous	2025-11-20 04:54:15 (6 months ago)	Reported from Nginx log analysis 19. Log: 81.17.96.30 - - [20/Nov/2025:xx:xx:xx 0100] "POST /cgi-bi ... show more Reported from Nginx log analysis 19. Log: 81.17.96.30 - - [20/Nov/2025:xx:xx:xx 0100] "POST /cgi-bin/../../../../../../../../../../bin/sh HTTP/1.1" xxx xxx "-" "-" "-" "FR France Lauterbourg" "AS51167" "Contabo GmbH" show less	Port Scan Brute-Force SSH
🇩🇪 Richie	2025-11-20 04:51:58 (6 months ago)	[HOST1] FTP Brute Force attempt	FTP Brute-Force
🇺🇸 MPL	2025-11-20 04:44:55 (6 months ago)	tcp/2375 (4 or more attempts)	Port Scan
🇺🇸 MPL	2025-11-20 04:44:55 (6 months ago)	tcp/2375 (2 or more attempts)	Port Scan
🇩🇪 Kamal Khalilov	2025-11-20 04:44:18 (6 months ago)	81.17.96.30 - - [20/Nov/2025:08:44:15 +0400] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto ... show more 81.17.96.30 - - [20/Nov/2025:08:44:15 +0400] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 403 146 "-" "libredtail-http" 81.17.96.30 - - [20/Nov/2025:08:44:15 +0400] "POST /?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 403 146 "-" "libredtail-http" 81.17.96.30 - - [20/Nov/2025:08:44:15 +0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 146 "-" "libredtail-http" 81.17.96.30 - - [20/Nov/2025:08:44:15 +0400] "GET /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.1" 403 146 "-" "libredtail-http" 81.17.96.30 - - [20/Nov/2025:08:44:15 +0400] "GET /vendor/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 146 "-" "libredtail-http" ... show less	Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2025-11-20 04:10:01 (6 months ago)	list.rtbh.com.tr report: tcp/23	Brute-Force
🇺🇸 bigscoots.com	2025-11-20 04:05:25 (6 months ago)	(sshd) Failed SSH login from 81.17.96.30 (DE/Germany/mail.websitevoorondernemers.be): 5 in the last ... show more (sshd) Failed SSH login from 81.17.96.30 (DE/Germany/mail.websitevoorondernemers.be): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: Nov 19 22:05:09 12983 sshd[6311]: Invalid user admin from 81.17.96.30 port 53230 Nov 19 22:05:11 12983 sshd[6311]: Failed password for invalid user admin from 81.17.96.30 port 53230 ssh2 Nov 19 22:05:12 12983 sshd[6316]: Invalid user orangepi from 81.17.96.30 port 53236 Nov 19 22:05:14 12983 sshd[6316]: Failed password for invalid user orangepi from 81.17.96.30 port 53236 ssh2 Nov 19 22:05:15 12983 sshd[6321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.17.96.30 user=root show less	Brute-Force SSH
🇺🇸 antlac1	2025-11-20 03:42:54 (6 months ago)	crowdsecurity/http-cve-2021-41773	Brute-Force Web App Attack

Showing 1 to 15 of 69 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 161.97.120.255

🇨🇳 61.129.70.208

🇳🇱 45.153.34.235

🇺🇸 20.169.106.223

🇺🇸 162.216.150.241

🇺🇸 138.113.23.170

🇻🇳 103.118.29.7

🇮🇳 103.25.47.94

🇬🇧 86.165.43.140

🇭🇷 82.23.221.160

🇱🇹 77.90.185.79

🇨🇳 58.19.82.222

🇸🇬 47.79.206.149

🇳🇱 45.148.10.183

🇲🇦 41.143.33.86

🇺🇸 23.238.80.101

🇷🇴 2.57.122.177

🇬🇧 188.240.59.16

🇲🇽 187.214.171.154

🇭🇰 165.154.41.182