JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.30.33.250

212.30.33.250 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 81%: ?

81%

ISP	M Nets SAL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	mnets.net
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.30.33.250

Whois 212.30.33.250

IP Abuse Reports for 212.30.33.250:

This IP address has been reported a total of 53 times from 38 distinct sources. 212.30.33.250 was first reported on March 29th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-15 09:35:53 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇸🇬 securejdprop	2026-06-15 07:06:37 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack
🇩🇪 todix	2026-06-15 05:22:25 (1 day ago)	Web App Attack Exploid from 212.30.33.250	Web App Attack
🇩🇪 Vegascosmetics	2026-06-14 21:51:17 (1 day ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after PHP/webshell probe. Vegas Security	DDoS Attack Hacking Exploited Host
Anonymous	2026-06-14 19:44:25 (2 days ago)	Multiple, malicious web requests detected	Port Scan Hacking
🇬🇧 consul.to	2026-06-14 15:22:16 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 dynamix	2026-06-11 23:11:05 (4 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇯🇵 demonsword	2026-06-07 13:00:02 (1 week ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: www.expressapisv2.net:443 show less	Open Proxy Port Scan
🇩🇪 ghostwarriors	2026-06-05 12:20:19 (1 week ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-06-05 04:01:28 (1 week ago)	212.30.33.250 - - [05/Jun/2026:06:01:27 +0200] "GET /wp-content/themes/twentytwentyfive/patterns/tem ... show more 212.30.33.250 - - [05/Jun/2026:06:01:27 +0200] "GET /wp-content/themes/twentytwentyfive/patterns/template-singl-portfolio.php HTTP/1.1" 301 597 "-" "Go-http-client/1.1" ... show less	Phishing Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-05 03:30:03 (1 week ago)	Excessive 404/403 errors	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 23:56:52 (1 week ago)	(mod_security) mod_security (id:234930) triggered by 212.30.33.250 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:234930) triggered by 212.30.33.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 19:56:47.295479 2026] [security2:error] [pid 23126:tid 23126] [client 212.30.33.250:34939] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6787"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|cthog.xyz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "cthog.xyz"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "aiIQv3wYFdmkrfozE6l0cwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 21:09:32 (1 week ago)	(mod_security) mod_security (id:234930) triggered by 212.30.33.250 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:234930) triggered by 212.30.33.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 17:09:26.508225 2026] [security2:error] [pid 16453:tid 16453] [client 212.30.33.250:61029] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|escribaniasmith.com.ar\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "escribaniasmith.com.ar"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "aiHphm42WgTLDSmG1KShLgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-28 21:54:26 (2 weeks ago)	Credential Stuffing attacks against Microsoft 365	Brute-Force
🇳🇱 Site.eu	2026-05-13 15:31:11 (1 month ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 219.129.234.80

🇹🇼 198.235.24.41

🇳🇱 185.223.235.36

🇺🇸 172.70.131.105

🇸🇬 109.123.238.248

🇰🇷 106.246.224.218

🇱🇹 77.90.185.97

🇦🇹 67.159.17.162

🇳🇱 45.142.193.145

🇨🇳 42.51.32.228

🇳🇱 23.176.184.152

🇱🇹 195.12.191.130

🇮🇹 185.68.178.178

🇨🇳 182.46.218.149

🇷🇺 178.216.165.187

🇺🇸 162.243.138.30

🇧🇭 149.104.106.153

🇳🇱 146.70.175.94

🇳🇱 142.93.224.223

🇮🇳 122.176.20.134