JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.49.10.165

130.49.10.165 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 22%: ?

22%

ISP	Fine Group Servers Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.49.10.165

Whois 130.49.10.165

IP Abuse Reports for 130.49.10.165:

This IP address has been reported a total of 10 times from 5 distinct sources. 130.49.10.165 was first reported on January 23rd 2026, and the most recent report was 7 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-06-28 08:14:57 (7 minutes ago)	Fail2Ban banned 130.49.10.165 for security violations in jail wp-armour. Log: 2026/06/28 08:14:57 [e ... show more Fail2Ban banned 130.49.10.165 for security violations in jail wp-armour. Log: 2026/06/28 08:14:57 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 130.49.10.165 \| Target: wplogin" , client: 130.49.10.165, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇫🇷 tilellit.pro	2026-06-27 06:17:09 (1 day ago)	Fail2Ban banned 130.49.10.165 for security violations in jail wp-armour. Log: 2026/06/27 06:17:09 [e ... show more Fail2Ban banned 130.49.10.165 for security violations in jail wp-armour. Log: 2026/06/27 06:17:09 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 130.49.10.165 \| Target: wplogin" , client: 130.49.10.165, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-06-25 19:42:04 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 130.49.10.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 130.49.10.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 15:41:59.847590 2026] [security2:error] [pid 29275:tid 29275] [client 130.49.10.165:20911] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|al-bukhari.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "al-bukhari.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aj2Eh-jnqkp1mSHTXm6OfwAAABs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-21 15:25:59 (6 days ago)	130.49.10.165 - - [21/Jun/2026:17:25:57 +0200] "GET /wp-login.php HTTP/1.1" 404 178 "https://www.goo ... show more 130.49.10.165 - - [21/Jun/2026:17:25:57 +0200] "GET /wp-login.php HTTP/1.1" 404 178 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 130.49.10.165 - - [21/Jun/2026:17:25:57 +0200] "GET /wp-login.php HTTP/1.1" 404 178 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 12:46:43 (4 weeks ago)	(mod_security) mod_security (id:225170) triggered by 130.49.10.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 130.49.10.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 08:46:37.215128 2026] [security2:error] [pid 3576:tid 3576] [client 130.49.10.165:36115] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|stardancertantra.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stardancertantra.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahmKrQ1B9p4OO3vFS_nUJgAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-04-14 10:45:57 (2 months ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/-	Web App Attack
🇺🇸 TPI-Abuse	2026-04-02 22:31:00 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 130.49.10.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 130.49.10.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 18:30:58.103687 2026] [security2:error] [pid 2824:tid 2824] [client 130.49.10.165:48225] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kittencream.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kittencream.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ac7uIpVPuTJVuqVRVkgGLQAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-02 21:19:40 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 130.49.10.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 130.49.10.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 17:19:32.988768 2026] [security2:error] [pid 20563:tid 20563] [client 130.49.10.165:46311] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gulftelecom.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gulftelecom.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ac7dZM67p10-yK624Cc1pQAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-01-23 04:00:44 (5 months ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇺🇸 TPI-Abuse	2026-01-23 01:45:26 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 130.49.10.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 130.49.10.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 20:45:07.464561 2026] [security2:error] [pid 21544:tid 21544] [client 130.49.10.165:58597] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|activethinkers.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "activethinkers.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aXLSo2JdtAvevpgsdx7VSAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 196.251.86.207

🇳🇱 196.251.86.120

🇧🇷 186.250.114.22

🇦🇺 158.178.141.16

🇺🇸 147.185.132.41

🇸🇪 130.49.11.125

🇻🇳 113.177.27.200

🇸🇬 101.47.142.210

🇺🇸 66.132.195.25

🇺🇸 64.62.156.62

🇺🇸 44.249.186.234

🇺🇸 44.220.185.86

🇺🇸 20.14.94.72

🇺🇸 18.190.15.50

🇺🇸 209.182.202.239

🇳🇱 196.251.84.213

🇳🇱 196.251.83.100

🇺🇸 194.99.24.241

🇦🇷 167.250.5.20

🇬🇧 163.5.138.97