JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.30.131.49

5.30.131.49 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 53%: ?

53%

ISP	Emirates Integrated Telecommunications Company PJSC (EITC-DU)
Usage Type	Fixed Line ISP
ASN	AS15802
Domain Name	du.ae
Country	🇦🇪 United Arab Emirates
City	Dubai, Dubai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.30.131.49

Whois 5.30.131.49

IP Abuse Reports for 5.30.131.49:

This IP address has been reported a total of 11 times from 8 distinct sources. 5.30.131.49 was first reported on June 23rd 2026, and the most recent report was 42 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 21:38:14 (42 minutes ago)	(mod_security) mod_security (id:240335) triggered by 5.30.131.49 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 5.30.131.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 17:38:08.852634 2026] [security2:error] [pid 4502:tid 4502] [client 5.30.131.49:60734] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 5.30.131.49 (+1 hits since last alert)\|americanacademyofteachersofsinging.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "americanacademyofteachersofsinging.org"] [uri "/xmlrpc.php"] [unique_id "aj7xQHB5Dqj0SaNxEssRdAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-25 20:02:04 (1 day ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
Anonymous	2026-06-25 17:49:10 (1 day ago)	Attac	Brute-Force
🇫🇷 dynamix	2026-06-25 17:16:54 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 14:52:21 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 5.30.131.49 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 5.30.131.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 10:52:12.522354 2026] [security2:error] [pid 22042:tid 22042] [client 5.30.131.49:49400] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 5.30.131.49 (+1 hits since last alert)\|rockinr.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rockinr.org"] [uri "/xmlrpc.php"] [unique_id "ajvvHCTppSpxdBecbhxTxgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 09:38:24 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 5.30.131.49 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 5.30.131.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 05:38:16.538214 2026] [security2:error] [pid 16177:tid 16177] [client 5.30.131.49:21605] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 5.30.131.49 (+1 hits since last alert)\|frogdesignmexico.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "frogdesignmexico.com"] [uri "/xmlrpc.php"] [unique_id "ajuliKBaQoVwc6Z2e03SdwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 YF	2026-06-24 08:02:16 (2 days ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
Anonymous	2026-06-24 06:29:57 (2 days ago)	[redacted] 5.30.131.49 - - [24/Jun/2026:08:29:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jet ... show more [redacted] 5.30.131.49 - - [24/Jun/2026:08:29:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" [redacted] 5.30.131.49 - - [24/Jun/2026:08:29:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.2; http://site99998095.com" [redacted] 5.30.131.49 - - [24/Jun/2026:08:29:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 5.30.131.49 - - [24/Jun/2026:08:29:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 5.30.131.49 - - [24/Jun/2026:08:29:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.3; http://site77119446.com" ... show less	Hacking Web App Attack
🇫🇷 dwmp	2026-06-23 23:31:39 (2 days ago)	WordPress login Brute-Force	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 22:11:03 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 5.30.131.49 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 5.30.131.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 18:10:54.544102 2026] [security2:error] [pid 17483:tid 17483] [client 5.30.131.49:56450] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 5.30.131.49 (+1 hits since last alert)\|cynosurephotography.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosurephotography.com"] [uri "/xmlrpc.php"] [unique_id "ajsEboDq6JmDNCvsjqjlvAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-06-23 15:27:20 (3 days ago)	(wordpress) Failed wordpress login from 5.30.131.49 (AE/United Arab Emirates/Dubai/Dubai/-/[redacted ... show more (wordpress) Failed wordpress login from 5.30.131.49 (AE/United Arab Emirates/Dubai/Dubai/-/[redacted]): (CF_ENABLE) show less	Brute-Force

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇺 203.185.198.246

🇮🇷 176.65.240.242

🇫🇷 81.17.99.98

🇳🇱 45.148.10.239

🇸🇬 43.172.195.148

🇺🇸 23.95.8.134

🇳🇱 176.65.139.36

🇫🇮 147.185.133.212

🇭🇰 43.154.195.142

🇺🇸 193.36.224.78

🇩🇪 167.94.146.37

🇷🇺 158.160.209.126

🇧🇮 143.105.213.211

🇨🇳 117.175.140.121

🇨🇳 111.25.118.205

🇮🇹 104.253.90.7

🇧🇬 93.94.141.115

🇸🇳 41.82.50.218

🇺🇸 2607:ff10:c8:594::d

🇳🇱 195.178.110.188