JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.242.228.148

91.242.228.148 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 0%: ?

ISP	BlueVPS OU
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62005
Domain Name	bluevps.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.242.228.148

Whois 91.242.228.148

IP Abuse Reports for 91.242.228.148:

This IP address has been reported a total of 22 times from 15 distinct sources. 91.242.228.148 was first reported on January 19th 2022, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 hbrks	2025-10-23 20:22:51 (7 months ago)	1 attack(s) detected, such as these: {"event":"nginx_block","ip":"91.242.228.148","host":"marche-be. ... show more 1 attack(s) detected, such as these: {"event":"nginx_block","ip":"91.242.228.148","host":"marche-be.com","request":"GET /wp-login.php HTTP/1.1","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36","reason":"service:unknow","timestamp":"2025-10-23T20:22:51 00:00","logentry":"marche-be.com 91.242.228.148 - - [23/Oct/2025:20:22:51 0000] GET /wp-login.php HTTP/1.1 444 0 http://marche-be.com/wp-login.php Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 - matched:service:unknow"} * Report Details : https://p4u.xyz/V1HIE4EQUZY/1 IP Details *: https://p4u.xyz/V1HIE4EQUZY/2 show less	Web Spam Hacking Bad Web Bot
🇩🇪 iNetWorker	2025-09-09 03:51:06 (8 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 20:19:05 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 16:18:59.464386 2025] [security2:error] [pid 8007:tid 8007] [client 91.242.228.148:39219] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/Gesture Stool/Thumbs.db"] [unique_id "aLyXMwAscn-qdpybvW0EzAAAAAQ"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/Gesture%20Stool/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-05-24 02:30:06 (1 year ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-03-05 10:21:53 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 05 05:21:49.536314 2025] [security2:error] [pid 69539:tid 69539] [client 91.242.228.148:60435] [client 91.242.228.148] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Churchill II Recliner/Art Burl 2/Thumbs.db"] [unique_id "Z8glvYiPvMsAvmLLYErTuAAAAAw"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Churchill%20II%20Recliner/Art%20Burl%202/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-12-21 13:15:05 (1 year ago)	Attempted brute force login to web vpn	Hacking Brute-Force
Anonymous	2024-12-20 12:02:13 (1 year ago)	Attempted brute force login to web vpn	Hacking Brute-Force
Anonymous	2024-12-16 19:03:00 (1 year ago)	Attempted brute force login to web vpn	Hacking Brute-Force
🇺🇸 TPI-Abuse	2024-12-01 07:49:25 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 02:49:18.358231 2024] [security2:error] [pid 3684974:tid 3684974] [client 91.242.228.148:54211] [client 91.242.228.148] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Capital Club II/Thumbs.db"] [unique_id "Z0wU_uc6Aq1Rd8nZAahduQAAAAA"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Capital%20Club%20II/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2024-11-30 01:06:37 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇨🇦 polycoda	2024-11-03 11:13:30 (1 year ago)	🔑 Probes for xmlrpc.php everywhere	Hacking Web App Attack
Anonymous	2024-10-22 12:26:13 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-10-01 09:25:08 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack
🇨🇦 wil.com	2024-09-24 03:59:04 (1 year ago)	GlobalProtect login attempts with user owarren.	VPN IP Brute-Force
🇺🇸 ChamberofCommerce.com	2024-08-13 17:45:07 (1 year ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇿 176.124.88.29

🇺🇸 147.185.132.84

🇺🇸 136.112.4.116

🇨🇳 111.11.93.87

🇧🇬 93.94.141.115

🇱🇹 81.30.98.62

🇮🇳 64.227.173.165

🇳🇱 45.148.10.157

🇩🇪 213.209.159.158

🇧🇷 205.210.31.212

🇳🇱 195.178.110.188

🇭🇺 188.36.66.3

🇩🇪 167.94.145.17

🇨🇳 119.96.81.99

🇮🇳 103.177.253.225

🇩🇪 69.5.169.88

🇮🇳 60.254.42.217

🇬🇧 45.43.93.253

🇺🇸 38.105.232.33

🇨🇳 1.180.114.22