JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.49.114.26

130.49.114.26 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 4%: ?

ISP	Fine Group Servers Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Vantaa, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.49.114.26

Whois 130.49.114.26

IP Abuse Reports for 130.49.114.26:

This IP address has been reported a total of 4 times from 3 distinct sources. 130.49.114.26 was first reported on November 12th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 solution.it	2026-06-12 18:57:32 (1 day ago)	[Fri Jun 12 20:57:31.505048 2026] [php7:error] [pid 3205055:tid 3205055] [client 130.49.114.26:17209 ... show more [Fri Jun 12 20:57:31.505048 2026] [php7:error] [pid 3205055:tid 3205055] [client 130.49.114.26:17209] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-03 03:53:24 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 130.49.114.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 130.49.114.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 02 22:53:17.243491 2026] [security2:error] [pid 3264:tid 3264] [client 130.49.114.26:57545] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|themediaplanet.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "themediaplanet.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYFxLYvFusHYZ5GQmm39PwAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mind5t0rm	2026-01-26 14:08:43 (4 months ago)	(WPLOGIN) WP Login Attack 130.49.114.26 (FR/France/-): 3 in the last 3600 secs; Ports: ; Direction: ... show more (WPLOGIN) WP Login Attack 130.49.114.26 (FR/France/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 130.49.114.26 - - [26/Jan/2026:21:08:32 +0700] "GET /wp-login.php HTTP/2.0" 200 2808 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0" 130.49.114.26 - - [26/Jan/2026:21:08:36 +0700] "GET /wp-login.php?wp_lang=en_US HTTP/2.0" 200 2808 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 130.49.114.26 - - [26/Jan/2026:21:08:39 +0700] "POST /wp-login.php?wp_lang=en_US HTTP/2.0" 302 0 "https://zerowaterthailand.com/wp-login.php?wp_lang=en_US" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Port Scan
🇺🇸 TPI-Abuse	2025-11-12 06:15:38 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 130.49.114.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 130.49.114.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 01:15:32.917876 2025] [security2:error] [pid 25543:tid 25543] [client 130.49.114.26:50541] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|g-h2o.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "g-h2o.com"] [uri "/"] [unique_id "aRQmBJFh3BDQ004BjG4QLwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.229.47.91

🇷🇺 185.46.49.49

🇰🇷 121.178.185.141

🇺🇸 23.27.236.136

🇺🇸 193.203.9.169

🇰🇷 175.118.127.138

🇮🇳 122.187.230.38

🇨🇳 120.198.138.185

🇨🇳 117.159.78.217

🇰🇼 78.89.154.59

🇺🇸 45.45.237.214

🇺🇸 184.154.156.13

🇺🇸 135.237.127.177

🇮🇳 128.185.199.22

🇵🇹 85.240.193.104

🇺🇸 66.132.224.26

🇺🇸 66.132.172.235

🇨🇦 34.47.6.118

🇭🇰 199.45.155.64

🇫🇷 167.86.119.81