JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.242.228.175

91.242.228.175 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 0%: ?

ISP	BlueVPS OU
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62005
Domain Name	bluevps.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.242.228.175

Whois 91.242.228.175

IP Abuse Reports for 91.242.228.175:

This IP address has been reported a total of 23 times from 15 distinct sources. 91.242.228.175 was first reported on September 15th 2023, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-11-08 02:52:26 (7 months ago)	Forum/form spam	Web Spam
Anonymous	2025-09-05 21:13:33 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-08-29 23:44:36 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇺 MAGIC	2025-06-21 02:10:30 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 CrystalMaker	2025-06-14 21:49:41 (1 year ago)	Vulnerability scan - GET /shopdetail/1982061	Hacking
🇦🇺 MAGIC	2025-05-27 04:04:46 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇨🇭 backslash	2025-05-23 22:30:11 (1 year ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇪🇸 10dencehispahard SL	2025-05-22 05:32:44 (1 year ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-05-06 04:54:37 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 06 00:54:27.656091 2025] [security2:error] [pid 593966:tid 593966] [client 91.242.228.175:50641] [client 91.242.228.175] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Himolla-ZeroStress-Recliner/Images/Sinatra/Thumbs.db"] [unique_id "aBmWAyGEzTIM_ivt8t-b1gAAAAA"], referer: https://vitalitywebb.com/backstore/Himolla-ZeroStress-Recliner/Images/Sinatra/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-11-02 14:11:41 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 02 10:11:35.724909 2024] [security2:error] [pid 1236097:tid 1236097] [client 91.242.228.175:49101] [client 91.242.228.175] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Bristol II/Thumbs.db"] [unique_id "ZyYzF-pPgOLmC4x1Dp9_wwAAABE"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Bristol%20II/ show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2024-09-24 14:50:07 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇺🇸 TPI-Abuse	2024-09-24 09:52:05 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 05:51:56.179209 2024] [security2:error] [pid 4098255:tid 4098255] [client 91.242.228.175:41333] [client 91.242.228.175] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.accordionstars.com\|F\|2"] [data ".accordionfactory.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.accordionstars.com"] [uri "/www.accordionfactory.com"] [unique_id "ZvKLvGSCnmBhdECXc5ZB1QAAAAc"], referer: http://www.accordionstars.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Bryan Lemas	2024-09-11 00:17:32 (1 year ago)	"Attempts to brute force our VPN"	Brute-Force
🇨🇦 wil.com	2024-09-09 23:06:23 (1 year ago)	GlobalProtect login attempts with user fax.	VPN IP Brute-Force
🇧🇬 pa4080	2024-07-22 13:20:30 (1 year ago)	Detected by ModSecurity. Request URI: /wl.api.php?imgIWL=%2fimages%2f9%2f90%2fThinkServer_TD350_User ... show more Detected by ModSecurity. Request URI: /wl.api.php?imgIWL=%2fimages%2f9%2f90%2fThinkServer_TD350_User_Guide_and_Hardware_Maintenance_Manual.pdf%22+OR+%221%22%3d%221%22 show less	Hacking Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 217.26.178.46

🇳🇱 45.198.224.115

🇺🇸 44.193.179.33

🇺🇸 205.185.117.128

🇧🇪 198.235.24.201

🇰🇷 175.207.233.24

🇺🇸 173.239.211.55

🇺🇸 147.185.132.204

🇨🇳 117.50.70.169

🇺🇸 45.58.52.25

🇺🇸 44.100.36.208

🇺🇬 41.220.3.101

🇻🇳 27.79.43.110

🇺🇸 20.64.105.121

🇺🇸 2604:a880:4:1d0::4f0:a000

🇱🇹 81.30.98.144

🇨🇳 49.116.25.62

🇺🇸 44.229.10.185

🇺🇸 44.186.110.15

🇭🇰 8.217.192.50