JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.187.112.47

91.187.112.47 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 4%: ?

ISP	IPKO Telecommunications LLC
Usage Type	Fixed Line ISP
ASN	AS21246
Domain Name	ipko.com
Country	🇽🇰 Kosovo
City	Pristina, Pristina

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.187.112.47

Whois 91.187.112.47

IP Abuse Reports for 91.187.112.47:

This IP address has been reported a total of 4 times from 3 distinct sources. 91.187.112.47 was first reported on August 9th 2022, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 22:12:34 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 91.187.112.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 91.187.112.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 18:12:27.999354 2026] [security2:error] [pid 3186:tid 3186] [client 91.187.112.47:53270] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 91.187.112.47 (+1 hits since last alert)\|texascottagebakers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "texascottagebakers.com"] [uri "/xmlrpc.php"] [unique_id "aiNJy72_OCynPtACR8mq3QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 20:33:14 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 91.187.112.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 91.187.112.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 16:33:07.325508 2026] [security2:error] [pid 20400:tid 20400] [client 91.187.112.47:52385] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|studioyau.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "studioyau.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiMyg7YLrIsNXXEbN95CjQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 security.rdmc.fr	2022-08-09 07:20:10 (3 years ago)	Automatic report - Port Scan Attack proto:TCP src:26583 dst:23	Port Scan
🇿🇦 IrisFlower	2022-08-09 02:33:41 (3 years ago)	Unauthorized connection attempt detected from IP address 91.187.112.47 to port 23 [J]	Port Scan Hacking

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇳 202.131.239.178

🇨🇳 180.184.52.206

🇵🇪 161.132.38.234

🇮🇳 38.254.183.79

🇺🇸 34.53.45.232

🇺🇸 20.190.151.8

🇰🇷 220.92.117.221

🇺🇸 216.25.89.153

🇫🇷 185.194.178.105

🇨🇳 180.168.24.186

🇺🇸 147.185.132.74

🇨🇳 101.96.229.2

🇹🇷 81.213.110.14

🇬🇧 35.203.210.239

🇩🇪 35.198.168.210

🇮🇩 34.101.229.143

🇺🇸 34.75.105.174

🇺🇸 150.107.36.236

🇯🇵 132.145.122.251

🇭🇰 101.36.111.119