JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.132.198.148

91.132.198.148 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 9%: ?

ISP	TrafficTransitSolution LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS43444
Domain Name	traffictransitsolution.us
Country	🇺🇸 United States of America
City	SeaTac, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.132.198.148

Whois 91.132.198.148

IP Abuse Reports for 91.132.198.148:

This IP address has been reported a total of 7 times from 4 distinct sources. 91.132.198.148 was first reported on December 1st 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-06 20:36:33 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 91.132.198.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 91.132.198.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 16:36:24.885373 2026] [security2:error] [pid 21273:tid 21273] [client 91.132.198.148:49527] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|primacomm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "primacomm.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiSEyAfyicvN-f-CgeLiGwAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 05:39:34 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 91.132.198.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 91.132.198.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 01:39:30.093937 2026] [security2:error] [pid 10714:tid 10714] [client 91.132.198.148:15425] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|stardancertantra.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stardancertantra.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahE9krc09W078yzyrdh_swAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-05-19 04:31:14 (1 month ago)	Fail2Ban banned 91.132.198.148 for security violations in jail wp-armour. Log: 2026/05/19 04:31:14 [ ... show more Fail2Ban banned 91.132.198.148 for security violations in jail wp-armour. Log: 2026/05/19 04:31:14 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 91.132.198.148 \| Target: wplogin" , client: 91.132.198.148, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-03-14 12:40:40 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 91.132.198.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.132.198.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 08:40:36.772732 2026] [security2:error] [pid 20517:tid 20517] [client 91.132.198.148:26365] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Golden-Technologies/pics/Golden Technologies 2009 Marketing CD/Luxury Beds/Standard Bed 3101/Thumbs.db"] [unique_id "abVXRIvPQaAy_xEdDoQX_QAAACo"], referer: https://vitalitywebb.com/backstore/Golden-Technologies/pics/Golden%20Technologies%202009%20Marketing%20CD/Luxury%20Beds/Standard%20Bed%203101/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-02-10 03:05:05 (4 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇩🇪 HandyTreff.de	2026-01-18 12:25:03 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -50 (Bad < -10 / Very Bad < -20 / Ex ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -50 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.1697.1 show less	Bad Web Bot Web App Attack
🇨🇭 backslash	2025-12-01 01:40:11 (6 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.107.192.176

🇸🇬 209.38.59.93

🇲🇳 203.23.199.88

🇹🇳 196.203.254.3

🇪🇸 185.204.247.162

🇨🇳 182.123.65.188

🇺🇸 172.253.199.216

🇮🇩 103.98.176.164

🇳🇱 45.153.34.71

🇨🇱 186.64.123.124

🇭🇰 152.32.226.8

🇯🇵 118.193.61.170

🇹🇼 110.25.112.152

🇳🇬 102.88.137.80

🇮🇷 91.92.215.12

🇳🇱 91.92.40.233

🇿🇲 45.215.251.247

🇫🇷 45.157.112.38

🇭🇰 45.10.175.193

🇺🇸 205.210.31.34