JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 46.99.156.59

46.99.156.59 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 31%: ?

31%

ISP	IPKO-4699
Usage Type	Commercial
ASN	AS21246
Domain Name	ipko.com
Country	🇽🇰 Kosovo
City	Pristina, Pristina

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 46.99.156.59

Whois 46.99.156.59

IP Abuse Reports for 46.99.156.59:

This IP address has been reported a total of 6 times from 5 distinct sources. 46.99.156.59 was first reported on March 22nd 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 WeekendWeb	2026-06-17 04:15:46 (5 hours ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 01:14:55 (8 hours ago)	(mod_security) mod_security (id:240335) triggered by 46.99.156.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 46.99.156.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 21:14:50.171135 2026] [security2:error] [pid 15999:tid 15999] [client 46.99.156.59:57185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 46.99.156.59 (+1 hits since last alert)\|farsipraiseclub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "farsipraiseclub.com"] [uri "/xmlrpc.php"] [unique_id "ajH1CpUUFgK9j694XJDAJgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-16 22:15:44 (11 hours ago)	(xmlrpc_405) XMLRPC-Bot 405 46.99.156.59 (XK/Kosovo/-)	Hacking
🇺🇸 TPI-Abuse	2026-06-16 21:48:25 (12 hours ago)	(mod_security) mod_security (id:240335) triggered by 46.99.156.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 46.99.156.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 17:48:20.255958 2026] [security2:error] [pid 8742:tid 8742] [client 46.99.156.59:63333] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 46.99.156.59 (+1 hits since last alert)\|greenlight.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greenlight.us"] [uri "/xmlrpc.php"] [unique_id "ajHEpK7S6_eyWxT_2KLAOwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-16 19:44:36 (14 hours ago)	[ssd1.kdns.gr] httpd-xmlrpc-post: sites=dacorlaw.com; logs=/var/log/httpd/domains/dacorlaw.com.log; ... show more [ssd1.kdns.gr] httpd-xmlrpc-post: sites=dacorlaw.com; logs=/var/log/httpd/domains/dacorlaw.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
Anonymous	2025-03-22 13:20:46 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 97.211.132.220

🇨🇳 58.255.244.173

🇳🇱 45.148.10.183

🇨🇳 14.103.84.166

🇬🇪 185.49.167.70

🇺🇸 135.237.122.43

🇿🇦 105.245.118.1

🇸🇬 103.250.11.176

🇮🇷 85.9.94.159

🇯🇵 20.243.208.191

🇺🇸 18.227.107.145

🇻🇳 2001:ee0:47f6:9040:dc2f:69d8:218f:c41e

🇧🇷 189.56.0.19

🇺🇸 148.153.188.254

🇳🇬 102.88.137.80

🇨🇳 39.129.41.254

🇮🇩 36.73.186.133

🇨🇳 14.103.107.229

🇵🇰 223.123.43.5

🇩🇪 213.209.159.56