JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.239.78.152

91.239.78.152 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 63%: ?

63%

ISP	SOLLUTIUM EU Sp z.o.o.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS6698
Hostname(s)	dedicated.vsys.host
Domain Name	sollutium.com
Country	🇺🇦 Ukraine
City	Kyiv, Kyiv City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.239.78.152

Whois 91.239.78.152

IP Abuse Reports for 91.239.78.152:

This IP address has been reported a total of 23 times from 16 distinct sources. 91.239.78.152 was first reported on May 19th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-22 22:02:30 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-05-22	Web App Attack SSH Hacking
🇫🇮 inlink.ltd	2026-05-22 07:11:09 (2 weeks ago)	dot file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 05:44:15 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.152 (dedicated.vsys.host): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.152 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 01:44:07.132237 2026] [security2:error] [pid 9000:tid 9000] [client 91.239.78.152:41433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kountz.org"] [uri "/.env"] [unique_id "ag_tJ72xS_gaT0FIE-3hggAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-05-22 05:29:45 (2 weeks ago)	Try to access /.env	Web App Attack
🇬🇧 consul.to	2026-05-22 02:55:42 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 mr.joecat	2026-05-21 18:47:40 (2 weeks ago)	91.239.78.152 - - [21/May/2026:20:47:37 +0200] "GET /.env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Window ... show more 91.239.78.152 - - [21/May/2026:20:47:37 +0200] "GET /.env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 91.239.78.152 - - [21/May/2026:20:47:38 +0200] "GET /.env.local HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 91.239.78.152 - - [21/May/2026:20:47:39 +0200] "GET /.env.production HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 91.239.78.152 - - [21/May/2026:20:47:39 +0200] "GET /.env.development HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 91.239.78.152 - - [21/May/2026:20:47:40 +0200] "GET /.env.staging HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 16:03:49 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.152 (dedicated.vsys.host): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.152 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 12:03:40.884390 2026] [security2:error] [pid 30546:tid 30546] [client 91.239.78.152:45819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jewers.org.crazycoin.net"] [uri "/.env"] [unique_id "ag8s3A7oabhhKPKYR3pn8AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-05-21 14:02:22 (2 weeks ago)	http-sensitive-files - IP: 91.239.78.152 - time="2026-05-21T16:02:22+02:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 91.239.78.152 - time="2026-05-21T16:02:22+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 91.239.78.152 (UA/6698) : 4h ban on Ip 91.239.78.152" module=db show less	Web App Attack
🇩🇪 Dennis	2026-05-21 12:13:37 (2 weeks ago)	91.239.78.152 has been banned for triggering http-sensitive-files (5 events over 1.539722495s).	Brute-Force Web App Attack
🇫🇷 dynamix	2026-05-21 11:36:23 (2 weeks ago)	Multiple WAF Violations	Web App Attack
🇫🇷 LRob.fr	2026-05-21 11:15:03 (2 weeks ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-21 10:47:52 (2 weeks ago)	91.239.78.152 - - [21/May/2026:13:47:43 +0300] "GET /core/.env HTTP/1.1" 404 218 "-" "Mozilla/5.0 (W ... show more 91.239.78.152 - - [21/May/2026:13:47:43 +0300] "GET /core/.env HTTP/1.1" 404 218 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 91.239.78.152 - - [21/May/2026:13:47:46 +0300] "GET /api/.env HTTP/1.1" 404 2793 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Web App Attack
🇮🇹 ivanbiagi7	2026-05-21 10:45:30 (2 weeks ago)	(localhost/crowdsec) crowdsecurity/http-sensitive-files by ip 91.239.78.152 (UA/6698) : 4h ban on Ip ... show more (localhost/crowdsec) crowdsecurity/http-sensitive-files by ip 91.239.78.152 (UA/6698) : 4h ban on Ip 91.239.78.152 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 05:47:47 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.152 (dedicated.vsys.host): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.152 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 01:47:43.358596 2026] [security2:error] [pid 25865:tid 25865] [client 91.239.78.152:56465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "insearchofgod.org"] [uri "/.env"] [unique_id "ag6cf-vLbM4ZW1-KObWmDQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 Halux	2026-05-21 04:34:55 (2 weeks ago)	91.239.78.152 Probing protected path or service	Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.59

🇺🇸 184.105.139.69

🇺🇸 147.185.132.83

🇮🇩 119.47.90.19

🇧🇪 74.125.181.30

🇩🇪 46.225.223.141

🇳🇱 45.148.10.141

🇳🇱 45.142.193.161

🇺🇸 18.218.41.217

🇰🇷 211.185.23.242

🇧🇷 205.210.31.192

🇧🇷 148.227.91.123

🇮🇳 103.54.101.216

🇭🇰 103.43.191.43

🇹🇷 95.9.83.111

🇫🇷 82.25.175.105

🇺🇸 64.62.197.205

🇺🇸 64.62.197.197

🇸🇬 47.84.185.225

🇳🇱 45.148.10.147