JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.49.114.58

130.49.114.58 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 13%: ?

13%

ISP	Fine Group Servers Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Vantaa, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.49.114.58

Whois 130.49.114.58

IP Abuse Reports for 130.49.114.58:

This IP address has been reported a total of 6 times from 4 distinct sources. 130.49.114.58 was first reported on October 21st 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 WebRep12	2026-05-22 07:56:00 (2 weeks ago)	Trying to hack in to our website	Hacking
🇺🇸 Jason Howell	2026-05-21 22:26:19 (2 weeks ago)	130.49.114.58 - - [21/May/2026:17:26:14 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2792 "-" "Apache-Http ... show more 130.49.114.58 - - [21/May/2026:17:26:14 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2792 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 130.49.114.58 - - [21/May/2026:17:26:15 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2792 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 130.49.114.58 - - [21/May/2026:17:26:16 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2793 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 130.49.114.58 - - [21/May/2026:17:26:17 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2793 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 130.49.114.58 - - [21/May/2026:17:26:18 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2794 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" ... show less	Web App Attack
🇺🇸 Jason Howell	2026-05-21 21:25:56 (2 weeks ago)	130.49.114.58 - - [21/May/2026:16:25:38 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2719 "-" "Apache-Http ... show more 130.49.114.58 - - [21/May/2026:16:25:38 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2719 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 130.49.114.58 - - [21/May/2026:16:25:39 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2793 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 130.49.114.58 - - [21/May/2026:16:25:49 -0500] "GET /wp-login.php HTTP/1.1" 200 4495 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 130.49.114.58 - - [21/May/2026:16:25:55 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2719 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 130.49.114.58 - - [21/May/2026:16:25:56 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2792 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-01 19:42:23 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 130.49.114.58 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 130.49.114.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 15:42:16.703538 2026] [security2:error] [pid 13265:tid 13265] [client 130.49.114.58:52373] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|friedeprod.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "friedeprod.com"] [uri "/"] [unique_id "afUCGAt2Bd5afgzdsEdqrwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-15 16:37:35 (6 months ago)	(mod_security) mod_security (id:210350) triggered by 130.49.114.58 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 130.49.114.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 11:37:30.156005 2025] [security2:error] [pid 11524:tid 11537] [client 130.49.114.58:22465] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|kwainet.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "kwainet.com"] [uri "/"] [unique_id "aRisSpr_qEhJCECMYlwZAwAAAEo"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 relianoid.com	2025-10-21 22:10:47 (7 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 47.95.23.45

🇺🇸 20.171.72.5

🇳🇱 176.65.148.199

🇸🇪 155.4.244.169

🇻🇳 103.176.20.115

🇭🇰 43.154.2.4

🇰🇪 41.90.100.147

🇹🇷 31.40.204.166

🇻🇳 27.73.37.178

🇻🇳 14.183.44.219

🇺🇿 213.230.127.104

🇺🇸 91.230.168.211

🇳🇱 64.225.78.159

🇮🇹 34.154.186.104

🇺🇸 23.254.178.52

🇩🇪 172.71.172.213

🇫🇮 147.185.133.120

🇻🇳 113.182.228.61

🇩🇪 43.228.157.8

🇺🇸 35.252.243.30