JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.242.228.235

91.242.228.235 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	BlueVPS OU
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62005
Domain Name	bluevps.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.242.228.235

Whois 91.242.228.235

IP Abuse Reports for 91.242.228.235:

This IP address has been reported a total of 19 times from 12 distinct sources. 91.242.228.235 was first reported on December 12th 2022, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2025-10-22 01:07:17 (7 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-10-15 02:14:45 (8 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2025-09-11 00:43:20 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 91.242.228.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 91.242.228.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 10 20:43:13.831026 2025] [security2:error] [pid 9141:tid 9141] [client 91.242.228.235:46945] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|surrenderhouse.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "surrenderhouse.com"] [uri "/contact.html"] [unique_id "aMIbIZ0lc2S26dN8DrRe5gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 lp	2025-08-18 18:22:47 (9 months ago)	Unauthorized VPN login attempts: 3 attempts were recorded from 91.242.228.235 2025-08-18T19:53:08+02 ... show more Unauthorized VPN login attempts: 3 attempts were recorded from 91.242.228.235 2025-08-18T19:53:08+02:00 vpn Access-Reject 'cflores' station: 91.242.228.235 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-18T19:55:00+02:00 vpn Access-Reject 'pmartinez' station: 91.242.228.235 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-18T19:56:14+02:00 vpn Access-Reject 'klopez' station: 91.242.228.235 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-08-17 16:51:07 (9 months ago)	Unauthorized VPN login attempts: 3 attempts were recorded from 91.242.228.235 2025-08-17T18:12:19+02 ... show more Unauthorized VPN login attempts: 3 attempts were recorded from 91.242.228.235 2025-08-17T18:12:19+02:00 vpn Access-Reject 'ncambell' station: 91.242.228.235 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-17T18:12:38+02:00 vpn Access-Reject 'dwhite' station: 91.242.228.235 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-17T18:12:57+02:00 vpn Access-Reject 'krobinson' station: 91.242.228.235 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇭 backslash	2025-05-23 22:25:08 (1 year ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 91.242.228.235	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 91.242.228.235	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 91.242.228.235	DDoS Attack Brute-Force Web App Attack
🇨🇦 wil.com	2024-09-24 10:07:41 (1 year ago)	GlobalProtect login attempts with user opatel.	VPN IP Brute-Force
🇷🇺 sms.ru	2024-09-21 07:00:15 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇫🇷 Sklurk	2024-07-07 12:38:25 (1 year ago)	Web App Attack	Web App Attack
🇦🇺 MAGIC	2024-06-27 06:08:33 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇻🇳 Xuan Can	2024-05-27 22:43:29 (2 years ago)	(mod_security) mod_security (id:6) triggered by 91.242.228.235 (US/United States/-): 1 in the last 3 ... show more (mod_security) mod_security (id:6) triggered by 91.242.228.235 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 28 05:43:20.420896 2024] [security2:error] [pid 5077:tid 47926650279680] [client 91.242.228.235:26579] [client 91.242.228.235] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "63"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "ZlUMiOXpR_wpsQyqz0HcggAAAEg"], referer: https://kb.pavietnam.vn/wp-login.php?action=register show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-05-24 01:09:45 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 91.242.228.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 91.242.228.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 23 21:09:35.594729 2024] [security2:error] [pid 8700] [client 91.242.228.235:15651] [client 91.242.228.235] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Longhorn II/Thumbs.db"] [unique_id "Zk_oz8EYF1j0vp_cQsl9NgAAABo"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Longhorn%20II/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 95.181.190.236

🇷🇺 95.165.84.70

🇱🇹 81.30.98.44

🇩🇪 43.228.157.10

🇻🇳 42.115.92.27

🇺🇸 3.88.9.47

🇹🇭 150.95.66.240

🇺🇸 68.235.46.165

🇺🇸 34.182.142.254

🇮🇪 3.250.26.240

🇬🇧 196.240.243.74

🇳🇱 195.178.110.26

🇳🇱 176.65.139.220

🇸🇬 129.226.200.18

🇭🇰 103.153.5.200

🇭🇰 38.76.161.183

🇺🇸 24.176.254.53

🇵🇹 171.22.253.183

🇺🇸 145.223.7.24

🇬🇭 102.223.92.101