JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.106.195

191.96.106.195 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.106.195

Whois 191.96.106.195

IP Abuse Reports for 191.96.106.195:

This IP address has been reported a total of 27 times from 18 distinct sources. 191.96.106.195 was first reported on October 27th 2023, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-03-28 11:01:02 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 EGP Abuse Dept	2026-03-27 01:45:04 (2 months ago)	Scraping webshop URLs (www.badgehouder.nl), likely botnet drone	Bad Web Bot Exploited Host
Anonymous	2025-10-18 04:30:24 (8 months ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇮🇹 VHosting	2025-10-18 02:45:09 (8 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇺🇸 bigscoots.com	2025-10-17 19:58:09 (8 months ago)	(smtpauth) Failed SMTP AUTH login from 191.96.106.195 (US/United States/-): 5 in the last 3600 secs; ... show more (smtpauth) Failed SMTP AUTH login from 191.96.106.195 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2025-10-17 15:57:44 dovecot_login authenticator failed for (ADMIN) [191.96.106.195]:45464: 535 Incorrect authentication data ([email protected]) 2025-10-17 15:57:54 dovecot_login authenticator failed for (ADMIN) [191.96.106.195]:45472: 535 Incorrect authentication data ([email protected]) 2025-10-17 15:57:56 dovecot_login authenticator failed for (ADMIN) [191.96.106.195]:45498: 535 Incorrect authentication data ([email protected]) 2025-10-17 15:57:56 dovecot_login authenticator failed for (ADMIN) [191.96.106.195]:45488: 535 Incorrect authentication data ([email protected]) 2025-10-17 15:58:05 dovecot_login authenticator failed for (ADMIN) [191.96.106.195]:36854: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
Anonymous	2025-08-29 15:25:29 (9 months ago)	191.96.106.195 - - [29/Aug/2025:17:25:28 +0200] "GET /blog/wp-login.php HTTP/1.1" 403 3884 "-" "Mozi ... show more 191.96.106.195 - - [29/Aug/2025:17:25:28 +0200] "GET /blog/wp-login.php HTTP/1.1" 403 3884 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)" ... show less	Web App Attack
Anonymous	2025-08-13 01:50:12 (10 months ago)	WordPress Brute Force	Brute-Force
🇺🇸 mnsf	2025-08-02 10:05:36 (10 months ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇧🇷 SvrAdmin	2025-03-26 18:38:03 (1 year ago)	[101] (smtpauth) Failed SMTP AUTH login from 191.96.106.195 (US/United States/-): 5 in the last 3600 ... show more [101] (smtpauth) Failed SMTP AUTH login from 191.96.106.195 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2025-03-26 15:35:27 dovecot_login authenticator failed for (ADMIN) [191.96.106.195]:58252: 535 Incorrect authentication data ([email protected]) 2025-03-26 15:35:59 dovecot_login authenticator failed for (ADMIN) [191.96.106.195]:44764: 535 Incorrect authentication data ([email protected]) 2025-03-26 15:37:33 dovecot_login authenticator failed for (ADMIN) [191.96.106.195]:58116: 535 Incorrect authentication data ([email protected]) 2025-03-26 15:38:00 dovecot_login authenticator failed for (ADMIN) [191.96.106.195]:60500: 535 Incorrect authentication data ([email protected]) 2025-03-26 15:38:00 dovecot_login authenticator failed for (ADMIN) [191.96.106.195]:60496: 535 Incorrect authentication data ([email protected]) show less	Port Scan Hacking Brute-Force Exploited Host
🇲🇾 syokadmin	2025-03-08 15:43:35 (1 year ago)	191.96.106.195 (US/United States/-), 2 distributed smtpauth attacks on account [[email protected]] i ... show more 191.96.106.195 (US/United States/-), 2 distributed smtpauth attacks on account [[email protected]] in the last 3600 secs show less	Brute-Force
🇪🇸 librebit	2025-02-20 06:34:49 (1 year ago)	Postfix SASL authentication failure	Brute-Force
🇲🇾 syokadmin	2025-02-20 00:33:47 (1 year ago)	191.96.106.195 (US/United States/-), 2 distributed smtpauth attacks on account [[email protected] ... show more 191.96.106.195 (US/United States/-), 2 distributed smtpauth attacks on account [[email protected]] in the last 3600 secs show less	Brute-Force
🇭🇺 Lacika555	2024-12-19 19:51:23 (1 year ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇩🇪 nyuuzyou	2024-12-11 08:30:11 (1 year ago)	Intensive scraping: /web?s=%22R%E9pondre%20%E0%20cet%20article%22&country=ve-ve&scraper=brave. User- ... show more Intensive scraping: /web?s=%22R%E9pondre%20%E0%20cet%20article%22&country=ve-ve&scraper=brave. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51. show less	Bad Web Bot
🇺🇸 TPI-Abuse	2024-11-19 10:45:08 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.106.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 191.96.106.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 19 05:44:59.898558 2024] [security2:error] [pid 21524:tid 21526] [client 191.96.106.195:63576] [client 191.96.106.195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.124"] [uri "/.env"] [unique_id "ZzxsK_NzdBk-444Ioswn6AAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 122.166.49.42

🇷🇴 80.94.92.165

🇺🇸 35.253.141.111

🇿🇦 196.210.183.179

🇺🇸 193.3.53.8

🇬🇧 192.250.239.241

🇦🇷 190.183.247.15

🇳🇱 159.223.213.49

🇨🇳 101.126.145.214

🇳🇱 89.21.67.144

🇫🇷 85.217.140.7

🇺🇸 20.64.105.183

🇺🇸 13.89.125.253

🇬🇧 193.163.125.149

🇨🇱 186.11.16.19

🇺🇸 135.237.122.43

🇹🇼 128.14.237.120

🇺🇸 92.71.43.26

🇧🇷 45.167.55.26

🇳🇱 45.156.87.147