JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.217.249.42

91.217.249.42 was found in our database!

This IP was reported 261 times. Confidence of Abuse is 76%: ?

76%

ISP	VPN Consumer Frankfurt, Germany
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.217.249.42

Whois 91.217.249.42

IP Abuse Reports for 91.217.249.42:

This IP address has been reported a total of 261 times from 105 distinct sources. 91.217.249.42 was first reported on March 31st 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-15 08:47:25 (5 days ago)	91.217.249.42 - - [15/Jun/2026:11:47:24 +0300] "GET /wp-includes/SimplePie/index.php HTTP/1.1" 404 7 ... show more 91.217.249.42 - - [15/Jun/2026:11:47:24 +0300] "GET /wp-includes/SimplePie/index.php HTTP/1.1" 404 711 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-15 02:25:53 (5 days ago)	91.217.249.42 - - [15/Jun/2026:05:25:52 +0300] "GET /amax.php HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Wi ... show more 91.217.249.42 - - [15/Jun/2026:05:25:52 +0300] "GET /amax.php HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 91.217.249.42 - - [15/Jun/2026:05:25:52 +0300] "GET /wp-content/hello.php HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" ... show less	Web App Attack
🇳🇱 Site.eu	2026-06-14 01:26:10 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇫🇮 as211431.net	2026-06-14 01:08:23 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /bypass.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇮 inlink.ltd	2026-06-12 08:11:03 (1 week ago)	Known malicious PHP file or CMS probe	Web App Attack
🇬🇧 consul.to	2026-06-11 11:59:13 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-11 01:22:59 (1 week ago)	91.217.249.42 - - [11/Jun/2026:04:22:58 +0300] "GET /wp-includes/js/jquery/jquery.php HTTP/1.1" 404 ... show more 91.217.249.42 - - [11/Jun/2026:04:22:58 +0300] "GET /wp-includes/js/jquery/jquery.php HTTP/1.1" 404 712 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 91.217.249.42 - - [11/Jun/2026:04:22:59 +0300] "GET /wp-includes/block-supports/autoload_classmap.php HTTP/1.1" 404 712 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" ... show less	Web App Attack
🇩🇪 larse99	2026-06-10 21:26:41 (1 week ago)	Detected Scanning / Hacking activity	Port Scan Hacking
🇫🇷 Octopuce	2026-06-09 19:33:02 (1 week ago)	Aggressive web search of vulnerable pages: /content.php /wp-content/uploads/about.php /wp-admin/wp-l ... show more Aggressive web search of vulnerable pages: /content.php /wp-content/uploads/about.php /wp-admin/wp-login.php /wp-includes/rest-api/endpoints/in ... show less	Web App Attack
🇩🇪 McClay	2026-06-08 11:37:18 (1 week ago)	HTTP-404 spam:91.217.249.42 - - [08/Jun/2026:13:37:12 +0200] "POST /.env HTTP/1.1" 404 1051 "-" "Moz ... show more HTTP-404 spam:91.217.249.42 - - [08/Jun/2026:13:37:12 +0200] "POST /.env HTTP/1.1" 404 1051 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" 91.217.249.42 - - [08/Jun/2026:13:37:13 +0200] "GET /.env HTTP/1.1" 404 1050 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" 91.217.249.42 - - [08/Jun/2026:13:37:13 +0200] "GET /.env.prod HTTP/1.1" 404 1050 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" 91.217.249.42 - - [08/Jun/2026:13:37:13 +0200] "GET /.env.production HTTP/1.1" 404 1050 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" 91.217.249.42 - - [08/Jun/2026:13:37:13 +0200] "GET /redmine/.env HTTP/1.1" 404 1050 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Ch ... show less	Web App Attack
Anonymous	2026-06-08 11:02:34 (1 week ago)	91.217.249.42 - - [08/Jun/2026:13:02:34 +0200] "GET /.DS_Store HTTP/1.1" 301 169 "-" "python-request ... show more 91.217.249.42 - - [08/Jun/2026:13:02:34 +0200] "GET /.DS_Store HTTP/1.1" 301 169 "-" "python-requests/2.32.5" show less	Bad Web Bot
🇫🇮 mnazibo	2026-06-08 11:00:45 (1 week ago)	Date: Jun 08 13:51:36 2026 EAT \| Reported IP: 91.217.249.42 mod_security \| id: 920350 \| DE/usernamea ... show more Date: Jun 08 13:51:36 2026 EAT \| Reported IP: 91.217.249.42 mod_security \| id: 920350 \| DE/usernameab.my_domain/- \| Connections: 1 \| Blocked: Permanent Block: [LF_MODSEC] \| Logs: ; Host header is a numeric IP address; Host header is a numeric IP address show less	SQL Injection Brute-Force Bad Web Bot
🇬🇧 Apache	2026-06-03 17:16:38 (2 weeks ago)	(mod_security) mod_security (id:20000010) triggered by 91.217.249.42 (DE/Germany/-): 5 in the last 3 ... show more (mod_security) mod_security (id:20000010) triggered by 91.217.249.42 (DE/Germany/-): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-03 15:52:53 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Site.eu	2026-06-03 02:18:25 (2 weeks ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH

Showing 1 to 15 of 261 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.221.36.42

🇰🇷 211.198.128.124

🇦🇺 203.57.126.113

🇩🇿 193.194.91.218

🇧🇷 168.195.142.167

🇺🇸 157.245.12.72

🇫🇮 147.185.133.185

🇧🇷 138.121.246.116

🇮🇳 122.183.48.214

🇨🇦 104.234.135.32

🇬🇧 35.203.210.138

🇷🇺 31.25.29.163

🇬🇧 2a06:4880:8000::a4

🇷🇺 213.180.203.91

🇩🇪 167.94.145.26

🇺🇸 147.185.132.243

🇫🇷 78.116.127.149

🇫🇷 51.254.113.225

🇺🇸 47.251.243.210

🇳🇱 45.148.10.152