JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.239.78.72

91.239.78.72 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 71%: ?

71%

ISP	SOLLUTIUM EU Sp z.o.o.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS6698
Hostname(s)	dedicated.vsys.host
Domain Name	sollutium.com
Country	🇺🇦 Ukraine
City	Kyiv, Kyiv City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.239.78.72

Whois 91.239.78.72

IP Abuse Reports for 91.239.78.72:

This IP address has been reported a total of 37 times from 18 distinct sources. 91.239.78.72 was first reported on May 19th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 DZBOT	2026-05-22 09:15:02 (2 weeks ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇫🇮 inlink.ltd	2026-05-22 07:55:14 (2 weeks ago)	dot file probe	Web App Attack
Anonymous	2026-05-22 06:59:27 (2 weeks ago)	(PERMBLOCK) 91.239.78.72 (UA/Ukraine/dedicated.vsys.host) has had more than 4 temp blocks in the las ... show more (PERMBLOCK) 91.239.78.72 (UA/Ukraine/dedicated.vsys.host) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan
🇩🇪 mygcode.de	2026-05-22 06:58:41 (2 weeks ago)	Scanning for Exploits	Bad Web Bot
🇬🇧 openstrike.co.uk	2026-05-22 05:13:06 (2 weeks ago)	23 attacks on VC URLs, env grabbing URLs: GET /.git/config HTTP/1.1 GET /.vercel/.env.production.loc ... show more 23 attacks on VC URLs, env grabbing URLs: GET /.git/config HTTP/1.1 GET /.vercel/.env.production.local HTTP/1.1 show less	Hacking
🇩🇪 ut-addicted.com	2026-05-22 04:14:08 (2 weeks ago)	\[Fri May 22 06:14:07.053113 2026\] \[:error\] \[pid 13580:tid 139785748293376\] \[client 91.239.78. ... show more \[Fri May 22 06:14:07.053113 2026\] \[:error\] \[pid 13580:tid 139785748293376\] \[client 91.239.78.72:58289\] \[client 91.239.78.72\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "www.crx.it"\] \[uri "/.env.local"\] \[unique_id "ag-YD59Vh99@967j4m5l@QAAAM8"\] show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 03:12:33 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.72 (dedicated.vsys.host): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.72 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 23:12:26.418078 2026] [security2:error] [pid 26149:tid 26149] [client 91.239.78.72:59043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.councilofthesun.org.theholographicseed.com"] [uri "/.env.production"] [unique_id "ag_JmurM4PbJ-1GUTgMGqQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Matthew Ping	2026-05-22 01:00:02 (2 weeks ago)	ModSecurity rule 949110 triggered on wp1. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇳🇱 homeshowdomain.nl	2026-05-21 22:00:51 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-05-21	Web App Attack SSH Hacking
🇧🇷 dominioz	2026-05-21 20:41:52 (2 weeks ago)	2026-05-21 20:41:07 GET /.env - - 91.239.78.72 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+Ap ... show more 2026-05-21 20:41:07 GET /.env - - 91.239.78.72 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36 - 404 40977 2026-05-21 20:41:10 GET /.env.local - - 91.239.78.72 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36 - 404 40977 2026-05-21 20:41:12 GET /.env.production - - 91.239.78.72 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36 - 404 40977 2026-05-21 20:41:16 GET /.env.development - - 91.239.78.72 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36 - 404 40977 ... show less	Web App Attack
Anonymous	2026-05-21 20:06:38 (2 weeks ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=27	Hacking
🇺🇸 TPI-Abuse	2026-05-21 18:47:57 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.72 (dedicated.vsys.host): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.72 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 14:47:52.468647 2026] [security2:error] [pid 28461:tid 28461] [client 91.239.78.72:33867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bizecommnet.bizecomm.com"] [uri "/.env"] [unique_id "ag9TWCw_qw5u-OehneoKRwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 17:25:25 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.72 (dedicated.vsys.host): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.72 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 13:25:17.910221 2026] [security2:error] [pid 10073:tid 10073] [client 91.239.78.72:55509] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.beetreelabs.garyrankin.com"] [uri "/.env"] [unique_id "ag8__YGil1M7bxrRhdoldQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 13:58:18 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.72 (dedicated.vsys.host): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.72 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 09:58:13.778840 2026] [security2:error] [pid 27868:tid 27868] [client 91.239.78.72:42521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.archivetest.jeremyscraig.com"] [uri "/.env"] [unique_id "ag8PdTiOVN11d8MjYrrfJgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-21 13:10:17 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.95.191.47

🇮🇳 210.212.136.3

🇳🇱 176.65.139.217

🇩🇪 172.71.148.91

🇺🇸 43.159.148.221

🇬🇧 35.203.211.243

🇷🇴 2.57.121.112

🇧🇬 79.124.40.170

🇪🇸 79.117.115.43

🇬🇧 62.60.130.182

🇺🇸 47.253.111.119

🇺🇸 20.120.115.157

🇸🇪 90.231.80.167

🇺🇸 64.31.25.250

🇸🇬 47.84.204.63

🇨🇳 39.162.150.168

🇳🇱 5.61.209.224

🇺🇸 207.241.238.152

🇺🇸 152.32.205.153

🇫🇷 89.92.234.112