JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.30.33.89

212.30.33.89 was found in our database!

This IP was reported 204 times. Confidence of Abuse is 39%: ?

39%

ISP	M Nets SAL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	mnets.net
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.30.33.89

Whois 212.30.33.89

IP Abuse Reports for 212.30.33.89:

This IP address has been reported a total of 204 times from 82 distinct sources. 212.30.33.89 was first reported on June 20th 2022, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-13 06:49:39 (16 hours ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-09 09:04:59 (4 days ago)	Aggressive web scan	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-09 02:32:13 (4 days ago)	212.30.33.89 - - [09/Jun/2026:05:32:12 +0300] "GET /wp-admin/css/colors/midnight/install.php HTTP/1. ... show more 212.30.33.89 - - [09/Jun/2026:05:32:12 +0300] "GET /wp-admin/css/colors/midnight/install.php HTTP/1.1" 404 492 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 212.30.33.89 - - [09/Jun/2026:05:32:13 +0300] "GET /wp-includes/style-engine/bypass.php HTTP/1.1" 404 492 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" ... show less	Web App Attack
🇷🇺 sms.ru	2026-06-08 23:30:45 (4 days ago)	/wp-admin/maint/index.php	Web App Attack
🇫🇷 Octopuce	2026-06-08 21:42:51 (5 days ago)	Aggressive web search of vulnerable pages: /wp-content/plugins/content-management/ /wp-content/theme ... show more Aggressive web search of vulnerable pages: /wp-content/plugins/content-management/ /wp-content/themes/Avada/licensing/ /Requests/Utility/ /them ... show less	Web App Attack
🇬🇧 poundawebsiteltd	2026-05-06 13:42:25 (1 month ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 212.30.33.89 - - [06/May/2026:14:42:23 + ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 212.30.33.89 - - [06/May/2026:14:42:23 +0100] GET /wp-admin/classwithtostring.php HTTP/1.1 403 158 - Go-http-client/1.1 show less	Web App Attack
🇫🇷 Octopuce	2026-05-06 12:54:18 (1 month ago)	Aggressive web search of vulnerable pages: /wp-content/plugins/all-in-one-wp-security-and-firewall/t ... show more Aggressive web search of vulnerable pages: /wp-content/plugins/all-in-one-wp-security-and-firewall/templates/wp-admin/security.php /wp-content/ ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-04-23 09:35:35 (1 month ago)	212.30.33.89 - - [23/Apr/2026:12:35:34 +0300] "GET /wp-includes/ID3/index.php HTTP/1.1" 404 718 "-" ... show more 212.30.33.89 - - [23/Apr/2026:12:35:34 +0300] "GET /wp-includes/ID3/index.php HTTP/1.1" 404 718 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-04-23 03:12:30 (1 month ago)	212.30.33.89 - - [23/Apr/2026:06:12:29 +0300] "GET /wp-content/plugins/hello.php HTTP/1.1" 404 709 " ... show more 212.30.33.89 - - [23/Apr/2026:06:12:29 +0300] "GET /wp-content/plugins/hello.php HTTP/1.1" 404 709 "-" "Go-http-client/1.1" 212.30.33.89 - - [23/Apr/2026:06:12:29 +0300] "GET /wp-content/plugins/index.php HTTP/1.1" 404 709 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇦🇺 afleventoffice.com.au	2026-04-22 13:26:42 (1 month ago)	GET /gel4y.php HTTP/1.1	Web App Attack
🇫🇷 dynamix	2026-04-18 19:22:36 (1 month ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 18:06:47 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 212.30.33.89 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 14:06:39.342712 2026] [security2:error] [pid 2226401:tid 2226401] [client 212.30.33.89:20743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.chandlerowen.com"] [uri "/.git/execute.php"] [unique_id "aePIL7qqU4HaqGhpOp-s2AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-04-01 20:47:35 (2 months ago)	Excessive 404/403 errors	Brute-Force
🇬🇧 consul.to	2026-04-01 16:04:13 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 teamsecure	2026-03-23 00:58:42 (2 months ago)	Banned for trying to access xmlrpc	Web App Attack

Showing 1 to 15 of 204 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 154.16.171.229

🇺🇸 216.25.89.92

🇳🇱 178.16.54.88

🇺🇸 172.232.3.17

🇺🇦 95.214.235.101

🇬🇧 87.236.176.135

🇳🇱 77.83.39.241

🇺🇸 66.132.224.20

🇩🇪 43.228.157.136

🇨🇳 222.86.23.92

🇺🇸 206.189.192.135

🇺🇸 107.180.88.176

🇺🇸 107.150.105.153

🇳🇱 45.148.10.152

🇰🇷 222.239.251.12

🇩🇪 185.242.3.195

🇨🇳 175.10.8.83

🇺🇸 172.110.223.97

🇨🇳 106.75.25.139

🇻🇳 103.60.242.169