JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.30.33.191

212.30.33.191 was found in our database!

This IP was reported 189 times. Confidence of Abuse is 58%: ?

58%

ISP	M Nets SAL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	mnets.net
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.30.33.191

Whois 212.30.33.191

IP Abuse Reports for 212.30.33.191:

This IP address has been reported a total of 189 times from 70 distinct sources. 212.30.33.191 was first reported on May 16th 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-22 12:49:38 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 nyt	2026-06-22 07:40:10 (3 days ago)	404 flood (16/60s), 404 flood (17/60s)	Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-17 22:51:33 (1 week ago)	212.30.33.191 - - [18/Jun/2026:01:50:22 +0300] "GET /wp-includes/woocommerce-call.php HTTP/1.1" 404 ... show more 212.30.33.191 - - [18/Jun/2026:01:50:22 +0300] "GET /wp-includes/woocommerce-call.php HTTP/1.1" 404 251 "-" "Go-http-client/1.1" 212.30.33.191 - - [18/Jun/2026:01:51:30 +0300] "GET /wp-content/themes/builder-and-developer/inc/tgm/error.php HTTP/1.1" 404 251 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇫🇷 dynamix	2026-06-17 12:50:49 (1 week ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-17 04:02:11 (1 week ago)	Excessive 404/403 errors	Brute-Force
🇬🇧 consul.to	2026-06-13 19:11:04 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 17:52:18 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 212.30.33.191 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 13:52:13.316888 2026] [security2:error] [pid 7589:tid 7589] [client 212.30.33.191:26189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.passy.us"] [uri "/wp-includes/images/wp-config.php"] [unique_id "ai2YzYQ0Bri9ncfFJAO-NAAAABU"], referer: http://passy.us/wp-includes/images/wp-config.php show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-10 06:08:50 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-06-06 14:03:04 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 12:58:52 (2 weeks ago)	(mod_security) mod_security (id:240000) triggered by 212.30.33.191 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 212.30.33.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 08:58:48.725133 2026] [security2:error] [pid 27740:tid 27740] [client 212.30.33.191:29057] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|mail.usedrouter.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "mail.usedrouter.com"] [uri "/images/stories/themes.php"] [unique_id "aiQZiK_LtDo5dbs5UQhFNQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-06 07:31:53 (2 weeks ago)	Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.p ... show more Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.php /about.php /admin.php /mah.php /.wp/wso. ... show less	Web App Attack
🇦🇺 aranguren.org	2026-06-04 06:59:06 (3 weeks ago)	212.30.33.191 - - [04/Jun/2026:16:59:04 +1000] "GET /cgi-bin/class.api.php HTTP/1.1" 404 16 "-" "Moz ... show more 212.30.33.191 - - [04/Jun/2026:16:59:04 +1000] "GET /cgi-bin/class.api.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 212.30.33.191 - - [04/Jun/2026:16:59:04 +1000] "GET /wp-content/cache/index.php HTTP/1.1" 404 984 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 212.30.33.191 - - [04/Jun/2026:16:59:05 +1000] "GET /wp-admin/css/colors/blue/file.php HTTP/1.1" 404 984 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 212.30.33.191 - - [04/Jun/2026:16:59:05 +1000] "GET /wp-includes/edit.php HTTP/1.1" 404 984 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 212.30.33.191 - - [04/Jun/2026:16:59:05 +1000] "GET /webdb.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Geck ... show less	Bad Web Bot
🇨🇦 Dolphi	2026-05-30 01:20:02 (3 weeks ago)	POST //xmlrpc.php	Brute-Force Web App Attack
🇬🇧 consul.to	2026-05-28 11:29:41 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇿🇦 Tokolosh Hunters	2026-05-24 16:18:08 (1 month ago)	AutoBlockWindow-Known bad useragent query-2026-05-24 16:18:07	Bad Web Bot

Showing 1 to 15 of 189 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 172.253.237.155

🇮🇳 152.59.145.91

🇺🇸 147.185.132.127

🇺🇸 129.153.31.0

🇺🇸 2601:3c4:200:9bc0:e660:3a0e:9dfe:1e9a

🇬🇧 206.189.123.240

🇨🇴 201.184.50.251

🇻🇳 171.244.39.95

🇳🇱 134.122.59.185

🇮🇳 122.168.127.153

🇨🇳 117.33.158.163

🇨🇳 116.233.54.153

🇷🇺 95.167.183.100

🇳🇱 88.151.33.54

🇱🇻 81.30.98.62

🇺🇸 54.153.101.52

🇳🇱 45.153.34.112

🇺🇸 20.42.104.13

🇮🇳 2401:4900:1f35:cbf6:f098:9b79:202b:543d

🇺🇸 198.144.178.157