JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.49.112.151

130.49.112.151 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 21%: ?

21%

ISP	Fine Group Servers Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.49.112.151

Whois 130.49.112.151

IP Abuse Reports for 130.49.112.151:

This IP address has been reported a total of 7 times from 4 distinct sources. 130.49.112.151 was first reported on December 29th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Jason Howell	2026-06-11 23:18:54 (2 days ago)	130.49.112.151 - - [11/Jun/2026:17:50:43 -0500] "GET /wp-login.php HTTP/1.1" 200 5919 "https://www.g ... show more 130.49.112.151 - - [11/Jun/2026:17:50:43 -0500] "GET /wp-login.php HTTP/1.1" 200 5919 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 130.49.112.151 - - [11/Jun/2026:17:50:44 -0500] "POST /wp-login.php HTTP/1.1" 200 6281 "https://tatpl-traffic.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 130.49.112.151 - - [11/Jun/2026:17:50:45 -0500] "GET /wp-admin/ HTTP/1.1" 302 4199 "https://tatpl-traffic.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 130.49.112.151 - - [11/Jun/2026:17:50:45 -0500] "GET /wp-login.php?redirect_to=https%3A%2F%2Ftatpl-traffic.com%2Fwp-admin%2F&reauth=1 HTTP/1.1" 200 8083 "https://tatpl-traffic.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 130.49.112.151 - - [11/Jun/ ... show less	Web App Attack
🇺🇸 kosada.com	2026-06-11 01:50:54 (3 days ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-05-30 17:20:36 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 130.49.112.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 130.49.112.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 13:20:33.506108 2026] [security2:error] [pid 6561:tid 6561] [client 130.49.112.151:17453] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|banis-associates.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "banis-associates.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahscYb0Hx8SuEvt7VFYz6wAAABk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-30 12:54:41 (2 weeks ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-05-21 14:28:13 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 130.49.112.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 130.49.112.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 10:28:05.780358 2026] [security2:error] [pid 28020:tid 28020] [client 130.49.112.151:51821] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cpking.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cpking.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag8WdTVQFx5FwTZMV69R2gAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-22 23:03:26 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 130.49.112.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 130.49.112.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 18:03:09.866385 2026] [security2:error] [pid 4532:tid 4532] [client 130.49.112.151:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pixacast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pixacast.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXKsrTnYT4bNjzHtpkqbPwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:02:37 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 73.91.172.40

🇩🇪 69.5.169.121

🇭🇰 223.197.248.209

🇧🇷 205.210.31.176

🇺🇸 198.98.56.205

🇧🇷 170.78.133.49

🇦🇷 167.250.118.53

🇨🇳 39.104.62.104

🇺🇸 2001:470:1:332::49

🇨🇳 182.138.158.53

🇺🇸 165.154.36.62

🇺🇸 136.107.214.190

🇳🇱 91.92.40.44

🇺🇸 72.14.178.148

🇺🇸 64.62.197.37

🇳🇱 45.148.10.152

🇨🇳 39.144.138.2

🇺🇸 35.196.116.188

🇨🇦 34.130.46.154

🇨🇦 15.235.11.7