JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.49.113.96

130.49.113.96 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 23%: ?

23%

ISP	Fine Group Servers Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.49.113.96

Whois 130.49.113.96

IP Abuse Reports for 130.49.113.96:

This IP address has been reported a total of 11 times from 7 distinct sources. 130.49.113.96 was first reported on March 11th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-23 05:23:17 (6 hours ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-06-19 03:48:12 (4 days ago)	Brute force	Brute-Force
Anonymous	2026-06-13 11:39:05 (1 week ago)	[osotir.org] httpd-login-spray-site: sites=agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.lo ... show more [osotir.org] httpd-login-spray-site: sites=agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.log; samples=site_wide=true \| distinct_ips=57 \| /wp-login.php?wp_lang=en_US show less	Hacking Web App Attack
🇫🇮 inlink.ltd	2026-05-26 05:06:38 (4 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇫🇷 tilellit.pro	2026-05-21 20:46:22 (1 month ago)	Fail2Ban banned 130.49.113.96 for security violations in jail wp-armour. Log: 2026/05/21 20:46:22 [e ... show more Fail2Ban banned 130.49.113.96 for security violations in jail wp-armour. Log: 2026/05/21 20:46:22 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 130.49.113.96 \| Target: wplogin" , client: 130.49.113.96, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇫🇷 tilellit.pro	2026-05-21 12:10:02 (1 month ago)	Fail2Ban banned 130.49.113.96 for security violations in jail wp-armour. Log: 2026/05/21 12:10:02 [e ... show more Fail2Ban banned 130.49.113.96 for security violations in jail wp-armour. Log: 2026/05/21 12:10:02 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 130.49.113.96 \| Target: wplogin" , client: 130.49.113.96, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-03-26 17:02:26 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 130.49.113.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 130.49.113.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 13:02:22.405098 2026] [security2:error] [pid 518704:tid 518704] [client 130.49.113.96:16161] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|toepfer.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "toepfer.org"] [uri "/wp-json/wp/v2/users"] [unique_id "acVmnlxEu61McgW1GqhGtgAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-20 00:32:26 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 130.49.113.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 130.49.113.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 20:32:12.694089 2026] [security2:error] [pid 9474:tid 9474] [client 130.49.113.96:42849] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|oceandrivebeach.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oceandrivebeach.net"] [uri "/wp-json/wp/v2/users"] [unique_id "abyVjO9FWtSbmVGEUoqLVAAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-14 19:07:17 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 130.49.113.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 130.49.113.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 15:07:11.882502 2026] [security2:error] [pid 1023:tid 1023] [client 130.49.113.96:18891] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|caquintet.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "caquintet.com"] [uri "/wp-json/wp/v2/users"] [unique_id "abWx3_tg4gtzqxm69pFJIwAAAA4"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 crnpekgoz	2026-03-13 11:49:09 (3 months ago)	Mass-registration bot attack. 128+ accounts registering and logging in simultaneously from cloud/pro ... show more Mass-registration bot attack. 128+ accounts registering and logging in simultaneously from cloud/proxy infrastructure. show less	DDoS Attack Bad Web Bot Web App Attack
🇺🇸 TRoden	2026-03-11 00:22:34 (3 months ago)	Geo Block Plugin: Escalation flag(s): rce_attempt	Hacking

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 65.110.40.90

🇯🇵 8.216.5.47

🇭🇰 199.45.154.179

🇧🇩 160.25.5.221

🇮🇩 157.15.78.122

🇨🇳 150.158.196.236

🇨🇳 117.176.220.76

🇮🇳 116.193.128.214

🇨🇳 115.190.248.214

🇮🇳 106.219.144.80

🇫🇷 92.205.184.118

🇺🇸 65.49.1.212

🇩🇪 45.149.206.10

🇨🇦 20.151.206.212

🇸🇰 2a03:2760:1:9003:9999::165

🇧🇷 201.86.230.198

🇳🇱 185.156.73.233

🇳🇱 176.65.139.181

🇳🇱 176.65.132.22

🇮🇳 122.180.242.27