JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.242.228.218

91.242.228.218 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	BlueVPS OU
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62005
Domain Name	bluevps.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.242.228.218

Whois 91.242.228.218

IP Abuse Reports for 91.242.228.218:

This IP address has been reported a total of 16 times from 10 distinct sources. 91.242.228.218 was first reported on February 17th 2024, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 island-freaks.com	2025-10-26 22:17:17 (7 months ago)	Attack Type: WordPress Exploit Bot attempt on /xmlrpc.php \| DNS 91.242.228.218 \| Agent: Mozilla/5.0 ... show more Attack Type: WordPress Exploit Bot attempt on /xmlrpc.php \| DNS 91.242.228.218 \| Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/536.39 (KHTML, like Gecko111) Chrome/92.4 Safari/533.54 show less	Port Scan Hacking Bad Web Bot Exploited Host Web App Attack
🇨🇭 backslash	2025-07-04 04:00:27 (11 months ago)		Bad Web Bot
🇦🇺 MAGIC	2025-06-27 09:09:00 (11 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-06-20 23:02:58 (11 months ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 20 19:02:52.129028 2025] [security2:error] [pid 2955733:tid 2955733] [client 91.242.228.218:21423] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Himolla-ZeroStress-Recliner/Images/Sinatra/Thumbs.db"] [unique_id "aFXonKyKeTEhyyYdakhiSQAAAAY"], referer: https://vitalitywebb.com/backstore/Himolla-ZeroStress-Recliner/Images/Sinatra/ show less	Brute-Force Bad Web Bot Web App Attack
🇲🇽 licjperezl	2025-06-10 19:13:30 (1 year ago)	Ataque de diccionario o DDoS en nuestros servicios en linea	Brute-Force
🇨🇦 wil.com	2025-06-09 02:04:46 (1 year ago)	GlobalProtect login attempts with user no-reply.	VPN IP Brute-Force
Anonymous	2025-05-30 02:13:47 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_MODSEC	Brute-Force SSH
Anonymous	2025-05-30 00:16:28 (1 year ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
🇷🇺 sms.ru	2024-09-29 09:55:07 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇺🇸 TPI-Abuse	2024-08-07 16:52:25 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 07 12:52:19.036667 2024] [security2:error] [pid 29515:tid 29515] [client 91.242.228.218:24601] [client 91.242.228.218] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Bourne/Thumbs.db"] [unique_id "ZrOmQxm83pEqRsN5o8HTgAAAAA8"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Bourne/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-06-01 06:42:36 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇭 backslash	2024-05-22 18:40:07 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2024-04-19 08:05:46 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 19 04:05:40.881188 2024] [security2:error] [pid 19697] [client 91.242.228.218:27751] [client 91.242.228.218] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|portalvasco.com\|F\|2"] [data ".beltronics.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "portalvasco.com"] [uri "/blog/2012/10/garantias-de-equipos-de-eeuu/www.beltronics.com"] [unique_id "ZiIl1MJoy_BOnx8_zxLSJAAAAA4"], referer: https://portalvasco.com/blog/2012/10/garantias-de-equipos-de-eeuu/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2024-04-12 10:40:23 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇮🇩 penjaga BRIN	2024-03-02 12:03:16 (2 years ago)	SQL injection attempt.-111	Brute-Force

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇹 188.251.37.2

🇮🇷 37.32.22.104

🇺🇸 216.25.89.93

🇸🇦 169.148.22.41

🇺🇸 147.185.132.191

🇺🇸 65.49.1.113

🇯🇴 37.123.65.39

🇺🇸 20.65.193.191

🇹🇼 198.235.24.56

🇻🇪 190.89.30.194

🇸🇬 152.42.170.139

🇰🇷 121.161.242.168

🇳🇱 94.102.49.193

🇳🇱 85.11.167.7

🇱🇹 77.90.185.5

🇲🇽 187.141.71.166

🇩🇪 167.94.146.67

🇺🇸 150.107.38.85

🇺🇸 141.11.88.12

🇺🇸 65.49.1.146