JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.242.228.209

91.242.228.209 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	BlueVPS OU
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62005
Domain Name	bluevps.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.242.228.209

Whois 91.242.228.209

IP Abuse Reports for 91.242.228.209:

This IP address has been reported a total of 14 times from 7 distinct sources. 91.242.228.209 was first reported on May 26th 2023, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-10-23 14:19:19 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 91.242.228.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 91.242.228.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 23 10:19:11.926832 2025] [security2:error] [pid 17143:tid 17143] [client 91.242.228.209:46991] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aPo5XxOXADav7fkt5SZzyAAAAA8"], referer: https://jolankagroup.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-07-04 04:00:27 (11 months ago)		Bad Web Bot
🇺🇸 TPI-Abuse	2025-05-06 05:05:11 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 06 01:05:07.984418 2025] [security2:error] [pid 606581:tid 606581] [client 91.242.228.209:43721] [client 91.242.228.209] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/STLC-674791/Thumbs.db"] [unique_id "aBmYg2-nHDTTdQY1Mu-YEQAAABE"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/STLC-674791/ show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-03-12 19:44:11 (1 year ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇳🇱 Roderic	2024-11-05 21:26:04 (1 year ago)	(apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 91.242.228.209 ( ... show more (apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 91.242.228.209 (GB/United Kingdom/-) show less	Hacking
🇳🇱 Roderic	2024-07-11 08:21:58 (1 year ago)	(apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 91.242.228.209 ( ... show more (apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 91.242.228.209 (US/United States/-) show less	Hacking
🇺🇸 TPI-Abuse	2024-07-11 06:42:49 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 11 02:42:42.852020 2024] [security2:error] [pid 20457] [client 91.242.228.209:31367] [client 91.242.228.209] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.accordionstars.com\|F\|2"] [data ".accordionfactory.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.accordionstars.com"] [uri "/www.accordionfactory.com"] [unique_id "Zo9-4k-w1Sw5FHbtGsPCOwAAAAg"], referer: http://www.accordionstars.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-06-24 20:46:52 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2024-05-24 01:33:35 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 23 21:33:30.334120 2024] [security2:error] [pid 27272] [client 91.242.228.209:9199] [client 91.242.228.209] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Affinity II/Thumbs.db"] [unique_id "Zk_uarvZFcIIrgU86z-2VgAAAAM"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Affinity%20II/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2024-05-13 11:30:14 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
Anonymous	2024-05-10 14:35:02 (2 years ago)	Failed password for invalid user NEC port 443 SSLPVN	VPN IP Brute-Force
🇨🇭 backslash	2024-04-12 03:00:22 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 cory rabalais	2023-05-26 16:18:46 (3 years ago)	credential stuffing and password spraying	Brute-Force
🇺🇸 cory rabalais	2023-05-26 16:18:46 (3 years ago)	credential stuffing and password spraying	Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 198.244.226.25

🇺🇸 192.249.118.61

🇫🇮 147.185.133.103

🇮🇳 103.180.213.153

🇬🇪 85.118.108.25

🇮🇹 45.143.182.238

🇺🇸 2602:fb54:1a00::10e

🇵🇭 216.247.33.21

🇫🇮 147.185.133.15

🇺🇸 147.185.132.41

🇺🇸 91.230.168.112

🇫🇷 90.107.26.157

🇧🇪 80.84.28.99

🇺🇸 65.49.1.98

🇺🇸 64.62.197.148

🇳🇱 45.148.10.152

🇳🇱 45.148.10.121

🇧🇪 34.62.58.121

🇷🇴 2.57.122.177

🇨🇦 209.50.178.223