JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.239.78.73

91.239.78.73 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 49%: ?

49%

ISP	SOLLUTIUM EU Sp z.o.o.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS6698
Hostname(s)	dedicated.vsys.host
Domain Name	sollutium.com
Country	🇺🇦 Ukraine
City	Kyiv, Kyiv City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.239.78.73

Whois 91.239.78.73

IP Abuse Reports for 91.239.78.73:

This IP address has been reported a total of 32 times from 11 distinct sources. 91.239.78.73 was first reported on May 19th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-22 21:59:30 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-21. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-22 08:59:50 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.73 (dedicated.vsys.host): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.73 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 04:59:41.776507 2026] [security2:error] [pid 3763:tid 3763] [client 91.239.78.73:48477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dryrot.corepest.com"] [uri "/.env"] [unique_id "ahAa_Vx2yYQ3MgRH5MckTAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-22 06:47:51 (2 weeks ago)	(PERMBLOCK) 91.239.78.73 (UA/Ukraine/dedicated.vsys.host) has had more than 4 temp blocks in the las ... show more (PERMBLOCK) 91.239.78.73 (UA/Ukraine/dedicated.vsys.host) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan
🇩🇪 Ba-Yu	2026-05-22 02:56:55 (2 weeks ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 big-cloud.nl	2026-05-22 01:23:53 (2 weeks ago)	Try to access /core/.env	Web App Attack
🇩🇪 SwinT	2026-05-22 01:00:09 (2 weeks ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 00:21:10 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 91.239.78.73 (dedicated.vsys.host): 1 in the la ... show more (mod_security) mod_security (id:210730) triggered by 91.239.78.73 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 20:21:05.767351 2026] [security2:error] [pid 21447:tid 21447] [client 91.239.78.73:46953] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.cier.usaangelinvestors.com\|F\|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cier.usaangelinvestors.com"] [uri "/.env.backup"] [unique_id "ag-hcRWkp9CfMOxzNy_BXQAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-21 21:59:43 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-05-21	Web App Attack SSH Hacking
🇺🇸 brightenfield	2026-05-21 20:29:04 (2 weeks ago)	Web App Attack	Web App Attack
🇧🇪 cmbplf	2026-05-21 16:39:28 (2 weeks ago)	612 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-21 14:38:43 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.73 (dedicated.vsys.host): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.73 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 10:38:39.436771 2026] [security2:error] [pid 558:tid 558] [client 91.239.78.73:33951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ashwoodsecurity.com"] [uri "/.env"] [unique_id "ag8Y726MCQXiLsSV6E-ILgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-21 13:10:19 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 12:33:48 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.73 (dedicated.vsys.host): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.73 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 08:33:40.851818 2026] [security2:error] [pid 7181:tid 7181] [client 91.239.78.73:58825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ancientleather.theflyingdutchman.us"] [uri "/.env"] [unique_id "ag77pDZjBsP_TCRo0E3bpAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 10:39:07 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 91.239.78.73 (dedicated.vsys.host): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 91.239.78.73 (dedicated.vsys.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 06:39:02.621494 2026] [security2:error] [pid 26451:tid 26477] [client 91.239.78.73:48085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ajbruner.uoexpanse.com"] [uri "/.env"] [unique_id "ag7gxobXTpROkQtQyP3SCQAAAJc"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-05-21 10:15:28 (2 weeks ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 185.42.24.228

🇨🇳 111.61.87.70

🇮🇳 103.253.148.154

🇮🇷 84.47.209.39

🇺🇸 23.95.191.250

🇰🇷 223.130.140.86

🇩🇪 213.209.159.236

🇺🇸 172.174.72.225

🇫🇷 161.97.77.98

🇯🇵 124.99.133.45

🇺🇸 64.94.156.226

🇸🇬 47.128.54.63

🇬🇧 35.203.210.44

🇰🇷 222.232.176.7

🇵🇭 222.127.251.23

🇧🇪 207.175.2.26

🇺🇸 207.90.244.17

🇺🇸 172.185.24.228

🇪🇬 154.182.249.191

🇺🇸 143.198.238.87