JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.49.113.52

130.49.113.52 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 4%: ?

ISP	Fine Group Servers Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.49.113.52

Whois 130.49.113.52

IP Abuse Reports for 130.49.113.52:

This IP address has been reported a total of 4 times from 4 distinct sources. 130.49.113.52 was first reported on December 25th 2025, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-17 01:12:34 (7 hours ago)	Brute force	Brute-Force
🇫🇷 tilellit.pro	2026-02-22 13:13:25 (3 months ago)	Fail2Ban banned 130.49.113.52 for security violations in jail nginx-aggressive. Log: 2026/02/22 13:1 ... show more Fail2Ban banned 130.49.113.52 for security violations in jail nginx-aggressive. Log: 2026/02/22 13:13:23 [error] FastCGI sent in stderr: "Primary script unknown" , client: 130.49.113.52, server: [REDACTED], request: "POST /wp-admin/xmlrpc.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] 2026/02/22 13:13:24 [error] FastCGI sent in stderr: "Primary script unknown" , client: 130.49.113.52, server: [REDACTED], request: "POST /wp-admin/xmlrpc.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] ... show less	Bad Web Bot Web App Attack
🇫🇮 stinpriza	2026-02-19 21:21:06 (3 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-12-25 19:34:33 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 130.49.113.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 130.49.113.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 25 14:34:25.617719 2025] [security2:error] [pid 29832:tid 29832] [client 130.49.113.52:63731] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|prostar.industries\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "prostar.industries"] [uri "/wp-json/wp/v2/users/"] [unique_id "aU2RwXpSMQDBGDtqMZcPewAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 195.178.191.5

🇨🇴 185.75.12.207

🇨🇳 180.76.61.232

🇨🇳 58.18.80.18

🇷🇺 31.6.119.252

🇨🇦 20.151.179.130

🇨🇳 223.76.108.98

🇷🇺 185.70.129.15

🇷🇺 178.176.86.211

🇺🇸 172.172.214.224

🇺🇸 172.101.134.16

🇱🇹 141.98.9.130

🇸🇬 140.245.118.215

🇨🇳 118.145.235.110

🇱🇹 62.60.130.129

🇵🇰 39.38.154.56

🇹🇷 31.145.131.202

🇧🇬 5.188.206.66

🇺🇸 2001:470:1:fb5::1c0

🇮🇩 203.175.125.130