JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.242.228.166

91.242.228.166 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 0%: ?

ISP	BlueVPS OU
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62005
Domain Name	bluevps.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.242.228.166

Whois 91.242.228.166

IP Abuse Reports for 91.242.228.166:

This IP address has been reported a total of 12 times from 7 distinct sources. 91.242.228.166 was first reported on March 13th 2024, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2025-11-25 22:55:00 (6 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
Anonymous	2025-10-29 10:44:36 (7 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇦 KIsmay	2025-10-28 16:28:27 (7 months ago)	Oct 28 12:28:01 www4 WPAudit[2924541]: 91.242.228.166 terratherma.com "Mozilla/5.0 (Windows NT 10.0; ... show more Oct 28 12:28:01 www4 WPAudit[2924541]: 91.242.228.166 terratherma.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36" sbd-admin:Grimmy FAIL Oct 28 12:28:07 www4 WPAudit[2924538]: 91.242.228.166 terratherma.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36" admin:Grimmy FAIL Oct 28 12:28:14 www4 WPAudit[2924541]: 91.242.228.166 terratherma.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36" scott:Grimmy FAIL Oct 28 12:28:20 www4 WPAudit[2924538]: 91.242.228.166 terratherma.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36" [email protected]:Grimmy FAIL Oct 28 12:28:26 www4 WPAudit[2924541]: 91.242.228.166 terratherma.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chro ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 20:02:03 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 16:01:56.384065 2025] [security2:error] [pid 21194:tid 21194] [client 91.242.228.166:32701] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Addison/Thumbs.db"] [unique_id "aLyTNIAkQ7StaDwKF2LiiAAAAAg"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Addison/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-20 23:29:59 (11 months ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 20 19:29:55.692474 2025] [security2:error] [pid 2982436:tid 2982436] [client 91.242.228.166:32219] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Laurel/Thumbs.db"] [unique_id "aFXu8-U8656jhZHIjQdebwAAAAc"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Laurel/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-06-19 18:10:07 (11 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
Anonymous	2025-05-08 00:23:50 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-08-21 20:37:01 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇷🇸 Smel	2024-07-22 08:52:17 (1 year ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇨🇭 backslash	2024-05-14 08:45:10 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇨🇭 backslash	2024-04-12 00:30:15 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
Anonymous	2024-03-13 02:15:29 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇿 195.7.13.250

🇫🇷 185.255.126.4

🇺🇸 184.105.247.212

🇭🇰 165.154.225.20

🇩🇿 154.241.49.117

🇦🇴 105.168.82.255

🇮🇹 93.92.78.10

🇰🇿 85.193.107.63

🇻🇳 27.71.85.46

🇬🇧 193.163.125.210

🇰🇿 188.247.204.207

🇺🇿 188.113.254.227

🇷🇺 176.214.205.74

🇰🇿 176.64.30.120

🇺🇸 173.239.249.3

🇩🇪 167.94.145.31

🇮🇩 165.99.192.105

🇩🇿 154.255.65.42

🇬🇧 149.13.200.46

🇨🇳 114.222.252.120