JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.142.222.105

91.142.222.105 was found in our database!

This IP was reported 456 times. Confidence of Abuse is 100%: ?

100%

ISP	AXARNET COMUNICACIONES, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS50926
Hostname(s)	c100419.vservers.es
Domain Name	axarnet.es
Country	🇪🇸 Spain
City	Valencia, Valencia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.142.222.105

Whois 91.142.222.105

IP Abuse Reports for 91.142.222.105:

This IP address has been reported a total of 456 times from 214 distinct sources. 91.142.222.105 was first reported on June 29th 2024, and the most recent report was 27 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 LRob.fr	2026-06-28 22:15:03 (27 minutes ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇫🇷 tecnicorioja	2026-06-28 22:02:01 (40 minutes ago)	wp-login attack [28/Jun/2026:03:26:15	Brute-Force Web App Attack
🇫🇷 Security_Whaller	2026-06-28 21:58:06 (44 minutes ago)	Malicious activity detected on Honeypot.	Brute-Force Hacking Web App Attack
🇩🇪 maxpower	2026-06-28 21:42:08 (1 hour ago)	(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 91.142.222.105 (ES/Spain/c100419.vservers.es): ... show more (wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 91.142.222.105 (ES/Spain/c100419.vservers.es): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 91.142.222.105 - - [28/Jun/2026:23:16:56 +0200] "GET /wp-json/wp/v2/users?offset=0&per_page=100&_fields=id,slug HTTP/2.0" 200 56 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "-" host=rosamundpikeweb.com 91.142.222.105 - - [28/Jun/2026:23:28:45 +0200] "GET /wp-json/wp/v2/users?offset=0&per_page=100&_fields=id,slug HTTP/2.0" 200 32 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "-" host=matteodinicola.it 91.142.222.105 - - [28/Jun/2026:23:42:05 +0200] "GET /wp-json/wp/v2/users/7?_fields=id,slug,roles HTTP/2.0" 404 81 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "-" host=matteodinicola.it show less	Port Scan
🇩🇪 4server	2026-06-28 21:36:53 (1 hour ago)	[SunJun2823:36:49.7333042026][security2:error][pid2141716:tid2141838][client91.142.222.105:0]ModSecu ... show more [SunJun2823:36:49.7333042026][security2:error][pid2141716:tid2141838][client91.142.222.105:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"feldenkraistherapy.ch\"][uri\"/wordpress/xmlrpc.php\"][unique_id\"akGT8fbc-FMsfwFRLQEKOwAAANQ\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 dwmp	2026-06-28 21:25:59 (1 hour ago)	[28/Jun/2026:20:26:57.345635 +0200] akFncbgifdL2KZEvijS1BQAAAAA 91.142.222.105 60276 38.242.227.117 ... show more [28/Jun/2026:20:26:57.345635 +0200] akFncbgifdL2KZEvijS1BQAAAAA 91.142.222.105 60276 38.242.227.117 7081 [28/Jun/2026:21:04:48.789221 +0200] akFwUG-eRlL5syqD799X@AAAAJI 91.142.222.105 33930 38.242.227.117 7081 [28/Jun/2026:23:25:58.860529 +0200] akGRZm-eRlL5syqD799eQAAAAJI 91.142.222.105 39666 38.242.227.117 7081 ... show less	Brute-Force SSH
🇮🇪 Jim Keir	2026-06-28 21:22:30 (1 hour ago)	2026-06-28 21:22:29 91.142.222.105 File scanning, blocking 91.142.222.105 for 5 minutes	Web App Attack
🇬🇧 Mendip_Defender	2026-06-28 21:20:39 (1 hour ago)	[28/Jun/2026:21:32:36.554816 +0100] akGE5G5KIt8kx6m3nD_gZQAAAEg 91.142.222.105 51608 188.246.206.60 ... show more [28/Jun/2026:21:32:36.554816 +0100] akGE5G5KIt8kx6m3nD_gZQAAAEg 91.142.222.105 51608 188.246.206.60 7081 [28/Jun/2026:22:20:32.860108 +0100] akGQIJjcenZg-Li5Y8Kl3gAAABc 91.142.222.105 56550 188.246.206.60 7081 ... show less	Brute-Force
🇺🇸 xxkodedxx	2026-06-28 21:17:45 (1 hour ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 1× edge-block in 10 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 1× edge-block in 10m window. Origin: ES / AS50926 AXARNET COMUNICACIONES, S.L. Active: 21:16:54 UTC Volume: 1 HTTP req Probed: /?author=4&feed=rss2 Status mix: 444×1 UA: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2026-06-28 21:13:26 (1 hour ago)	Fail2Ban apache-tripwires	Web App Attack
🇩🇪 big-cloud.nl	2026-06-28 21:11:01 (1 hour ago)	Try to access /gebruikte-zadels//wordpress/xmlrpc.php	Web App Attack
🇩🇪 maxpower	2026-06-28 21:05:42 (1 hour ago)	(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 91.142.222.105 (ES/Spain/c100419.vservers.es): ... show more (wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 91.142.222.105 (ES/Spain/c100419.vservers.es): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 91.142.222.105 - - [28/Jun/2026:23:02:08 +0200] "GET /wp-json/wp/v2/users/2?_fields=id,slug,roles HTTP/2.0" 404 81 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "-" host=mail.circolotennispescara.it 91.142.222.105 - - [28/Jun/2026:23:04:34 +0200] "GET /wp-json/wp/v2/users?context=edit&per_page=100&_fields=slug HTTP/2.0" 401 113 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "-" host=mail.circolotennispescara.it 91.142.222.105 - - [28/Jun/2026:23:05:32 +0200] "GET /wp-json/wp/v2/users/9?_fields=id,slug,roles HTTP/2.0" 404 81 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "-" host=neiataviaggi.it show less	Port Scan
🇫🇮 6kilowatti	2026-06-28 20:50:00 (1 hour ago)	91.142.222.105 - - [28/Jun/2026:23:49:59 +0300] "GET /wp-includes/xmlrpc.php?password-protected=logi ... show more 91.142.222.105 - - [28/Jun/2026:23:49:59 +0300] "GET /wp-includes/xmlrpc.php?password-protected=login&redirect_to=https%3A%2F%2Flvi-viitala.6kw.fi%2Fwp-includes%2Fxmlrpc.php HTTP/1.1" 404 1578 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36, Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Web App Attack
🇮🇪 Coolnagour	2026-06-28 20:40:09 (2 hours ago)	http-probing: /wp/xmlrpc.php	Web App Attack
🇷🇴 iulianh	2026-06-28 20:28:58 (2 hours ago)	80,443	Brute-Force SSH

Showing 1 to 15 of 456 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 82.38.162.33

🇨🇳 180.167.128.202

🇲🇦 105.159.205.204

🇴🇲 89.147.177.13

🇸🇬 74.114.31.155

🇳🇱 45.148.10.141

🇰🇷 211.194.173.186

🇺🇸 205.210.31.44

🇸🇪 188.255.247.159

🇦🇷 172.69.35.170

🇺🇸 147.185.132.169

🇨🇳 42.226.11.149

🇺🇸 2607:f8b0:400e:c0c::12d

🇩🇪 217.160.35.160

🇩🇪 217.144.132.157

🇵🇱 217.28.144.61

🇦🇹 213.208.129.186

🇩🇪 213.202.230.81

🇫🇷 213.199.63.247

🇧🇬 213.91.183.107