AbuseIPDB » 130.33.49.6

130.33.49.6 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 39%: ?

39%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 130.33.49.6

Whois 130.33.49.6

IP Abuse Reports for 130.33.49.6:

This IP address has been reported a total of 18 times from 11 distinct sources. 130.33.49.6 was first reported on May 18th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
TPI-Abuse	2025-05-18 20:07:22 (3 weeks ago)	(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 18 16:07:19.100494 2025] [security2:error] [pid 3337272:tid 3337272] [client 130.33.49.6:12124] [client 130.33.49.6] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|abirdnamedfart.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "abirdnamedfart.com"] [uri "/images/stories/admin-post.php"] [unique_id "aCo990kYJpl-D8MlWIWXoAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
backslash	2025-05-18 19:50:03 (3 weeks ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
TPI-Abuse	2025-05-18 19:22:06 (3 weeks ago)	(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 18 15:22:01.811601 2025] [security2:error] [pid 3992325:tid 3992325] [client 130.33.49.6:9905] [client 130.33.49.6] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|www.foxmm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.foxmm.com"] [uri "/images/stories/admin-post.php"] [unique_id "aCozWaYcCCGKIM-mYXDwrgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Site.eu	2025-05-18 19:15:00 (3 weeks ago)	Excessive 404/403 errors	Brute-Force
TPI-Abuse	2025-05-18 19:06:32 (3 weeks ago)	(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 18 15:06:26.148061 2025] [security2:error] [pid 3286314:tid 3286314] [client 130.33.49.6:1822] [client 130.33.49.6] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|edenberg.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "edenberg.com"] [uri "/images/stories/admin-post.php"] [unique_id "aCovsonrvLALdu57oYethQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-05-18 18:47:23 (3 weeks ago)	(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 18 14:47:17.742960 2025] [security2:error] [pid 2462271:tid 2462282] [client 130.33.49.6:9118] [client 130.33.49.6] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|coloradocritterpics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "coloradocritterpics.com"] [uri "/images/stories/admin-post.php"] [unique_id "aCorNdotm1HpmBCyB6hquQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-05-18 18:22:26 (3 weeks ago)	(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 18 14:22:21.668139 2025] [security2:error] [pid 961078:tid 961128] [client 130.33.49.6:13023] [client 130.33.49.6] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|bodytherapies.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "bodytherapies.us"] [uri "/images/stories/admin-post.php"] [unique_id "aColXeb-tMC8IHZoKqJzTwAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
conseilgouz	2025-05-18 17:45:30 (3 weeks ago)	hae-7 : Trying access unauthorized files/dir=>/wp-content/upgrade-temp-backup/wp-login.php	Hacking
TPI-Abuse	2025-05-18 17:33:12 (3 weeks ago)	(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 18 13:33:07.043645 2025] [security2:error] [pid 388635:tid 388635] [client 130.33.49.6:5635] [client 130.33.49.6] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|www.jhonbens.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.jhonbens.com"] [uri "/images/stories/admin-post.php"] [unique_id "aCoZ01_51NGYj03dKpkZhAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-05-18 17:09:22 (3 weeks ago)	(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 18 13:09:15.503881 2025] [security2:error] [pid 2589569:tid 2589569] [client 130.33.49.6:2741] [client 130.33.49.6] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|circleway.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "circleway.org"] [uri "/images/stories/admin-post.php"] [unique_id "aCoUOzNI-2_3q34RFyI5jwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
penguin-solutions.at	2025-05-18 17:07:44 (3 weeks ago)	Excessive 403/404 errors ...	Brute-Force Web App Attack
Anonymous	2025-05-18 17:04:38 (3 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 130.33.49.6 (JP/Japan/-)	SQL Injection
cmbplf	2025-05-18 16:59:51 (3 weeks ago)	40.036 requests in 1 hour (1w6h59m)	Brute-Force Bad Web Bot
TPI-Abuse	2025-05-18 16:45:37 (3 weeks ago)	(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:240000) triggered by 130.33.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 18 12:45:29.936779 2025] [security2:error] [pid 1394249:tid 1394249] [client 130.33.49.6:2213] [client 130.33.49.6] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|kristywernerauthor.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "kristywernerauthor.com"] [uri "/images/stories/admin-post.php"] [unique_id "aCoOqXFhWYTyHgH_baCyqAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
donkzquixote	2025-05-18 16:41:51 (3 weeks ago)	Scan for exploitable WordPress files/information, or other brute force attempts.	Brute-Force Web App Attack

Showing 1 to 15 of 18 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

125.229.245.38

5.23.51.23

65.49.1.234

181.58.32.228

101.126.151.131

123.58.192.104

150.117.7.117

141.98.10.195

27.19.25.172

139.59.64.179

176.65.148.2

5.255.231.122

128.199.148.185

198.235.24.217

185.196.220.81

205.210.31.46

162.240.167.98

118.194.251.145

34.80.240.228

14.103.118.186