JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.30.33.220

212.30.33.220 was found in our database!

This IP was reported 291 times. Confidence of Abuse is 26%: ?

26%

ISP	M Nets SAL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	mnets.net
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.30.33.220

Whois 212.30.33.220

IP Abuse Reports for 212.30.33.220:

This IP address has been reported a total of 291 times from 101 distinct sources. 212.30.33.220 was first reported on May 22nd 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-09 08:29:45 (1 week ago)	(mod_security) mod_security (id:240000) triggered by 212.30.33.220 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 212.30.33.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 04:29:39.126220 2026] [security2:error] [pid 26269:tid 26269] [client 212.30.33.220:42919] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|darlinghernandez.com.waggonerfinancial.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "darlinghernandez.com.waggonerfinancial.com"] [uri "/images/stories/themes.php"] [unique_id "aifO867hh4RjpWRxFBkSYwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-08 20:29:28 (1 week ago)	Aggressive web search of vulnerable pages: /.well-known/acme-challenge/admin.php /wp-includes/images ... show more Aggressive web search of vulnerable pages: /.well-known/acme-challenge/admin.php /wp-includes/images/autoload_classmap.php /wp-includes/ID3/wp- ... show less	Web App Attack
🇬🇧 consul.to	2026-05-12 22:11:36 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 IVski	2026-05-11 15:39:32 (1 month ago)	IVski WAF \| WordPress scanner detected - probing wp-content, xmlrpc or wp-login	Port Scan Brute-Force Web App Attack
🇫🇷 Octopuce	2026-05-09 18:18:35 (1 month ago)	Aggressive web search of vulnerable pages: /wp-includes/rest-api/about.php /css/css.php /init.php /w ... show more Aggressive web search of vulnerable pages: /wp-includes/rest-api/about.php /css/css.php /init.php /wp-admin/user/wp-login.php /autoload_classma ... show less	Web App Attack
🇬🇧 consul.to	2026-04-28 07:39:54 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-04-25 01:47:48 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇭🇺 btimon	2026-04-23 13:14:00 (1 month ago)	ALFA.TEaM.Web.Shell	Hacking
🇫🇷 dynamix	2026-04-17 10:20:04 (1 month ago)	Multiple WAF Violations	Web App Attack
🇲🇾 Rizzy	2026-04-15 23:03:44 (2 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-04-12 11:24:57 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-03 03:37:14 (2 months ago)	(mod_security) mod_security (id:234930) triggered by 212.30.33.220 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:234930) triggered by 212.30.33.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 23:37:08.333042 2026] [security2:error] [pid 16964:tid 16964] [client 212.30.33.220:27407] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|martinez-morera.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "martinez-morera.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "ac815CGcWxqw_r2IhMt4YAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-03-20 13:45:35 (2 months ago)	(PERMBLOCK) 212.30.33.220 (ES/Spain/-) has had more than 4 temp blocks	Hacking
🇺🇸 integrantservices.com	2026-03-20 12:41:20 (2 months ago)	(wordpress) Failed wordpress login from 212.30.33.220 (ES/Spain/-)	Brute-Force
🇳🇱 Site.eu	2026-03-17 01:38:12 (2 months ago)	Excessive 404/403 errors	Brute-Force

Showing 1 to 15 of 291 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 164.92.211.104

🇮🇳 128.185.225.78

🇭🇰 118.193.39.103

🇳🇱 45.148.10.151

🇰🇼 37.34.237.45

🇮🇩 34.128.101.224

🇬🇧 34.39.25.155

🇮🇳 13.203.73.59

🇨🇳 223.73.141.83

🇳🇱 195.178.110.30

🇫🇷 176.177.9.11

🇺🇸 173.16.14.61

🇫🇷 172.71.122.198

🇮🇪 168.63.79.147

🇺🇸 119.12.205.204

🇺🇸 104.23.187.115

🇺🇸 98.159.37.107

🇺🇸 71.68.224.87

🇨🇱 66.249.85.12

🇦🇺 54.252.170.250