JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.106.214

191.96.106.214 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 14%: ?

14%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.106.214

Whois 191.96.106.214

IP Abuse Reports for 191.96.106.214:

This IP address has been reported a total of 32 times from 18 distinct sources. 191.96.106.214 was first reported on December 14th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇼 taiwanfrp.me	2026-04-29 02:32:57 (1 month ago)	taiwanfrp NewUserConn auto-ban: reason=ip_over_target_scan_limit_60s1, conn10s=1, targets10m=1, targ ... show more taiwanfrp NewUserConn auto-ban: reason=ip_over_target_scan_limit_60s1, conn10s=1, targets10m=1, target=proxy:kiwicanary.MinecraftJadfwwefewfewfwva62o\|port:- show less	Port Scan Hacking
Anonymous	2026-04-29 01:59:41 (1 month ago)	Try to connect to Port_Scan_49_stealth	Port Scan
🇫🇮 6kilowatti	2026-04-29 00:03:23 (1 month ago)	2026-04-29T03:03:22.466002+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-04-29T03:03:22.466002+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=191.96.106.214 DST=5.61.88.83 LEN=40 TOS=0x00 PREC=0x00 TTL=234 ID=24640 PROTO=TCP SPT=20378 DPT=25428 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 Tamsweb	2026-04-28 23:02:01 (1 month ago)	Unauthorized connection attempt or scan from 191.96.106.214 on port 2816 ...	Port Scan
🇺🇸 octageeks.com	2026-04-16 04:08:37 (2 months ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇮🇹 VHosting	2026-02-18 23:14:39 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇲🇾 syokadmin	2025-12-04 02:36:06 (6 months ago)	191.96.106.214 (US/United States/-), 2 distributed smtpauth attacks on account [[email protected] ... show more 191.96.106.214 (US/United States/-), 2 distributed smtpauth attacks on account [[email protected]] in the last 3600 secs show less	Brute-Force
🇺🇸 TPI-Abuse	2025-11-11 03:48:42 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 191.96.106.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 191.96.106.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 22:48:35.927137 2025] [security2:error] [pid 30698:tid 30698] [client 191.96.106.214:36169] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|metalgecko.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "metalgecko.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRKyE-ITQdlYD1Z-5XjZLAAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mawan	2025-11-11 03:04:49 (7 months ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
🇩🇪 kjaerulff	2025-11-10 23:56:21 (7 months ago)	Failed Wordpress login using xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2025-11-10 23:47:47 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 191.96.106.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 191.96.106.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 18:47:44.586146 2025] [security2:error] [pid 28289:tid 28289] [client 191.96.106.214:55441] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|nothotmail.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nothotmail.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aRJ5oPLZrHX6Gbh_3-qLhgAAAAw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-10 23:03:26 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 191.96.106.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 191.96.106.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 18:03:18.945081 2025] [security2:error] [pid 17805:tid 17805] [client 191.96.106.214:3864] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|benefit-design.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "benefit-design.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRJvNiHdQMHp4NW30MqJXwAAABY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-05-09 23:01:32 (1 year ago)	Form spam	Web Spam
🇦🇺 oncord	2025-05-07 11:48:58 (1 year ago)	Form spam	Web Spam
🇺🇸 oncord	2025-05-03 10:34:03 (1 year ago)	Form spam	Web Spam

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.3

🇩🇪 135.125.152.18

🇺🇸 45.33.40.18

🇺🇸 2602:fb54:1a00::10f

🇧🇷 186.236.15.154

🇧🇷 177.2.7.116

🇨🇳 175.30.48.172

🇧🇬 162.158.210.104

🇱🇹 158.173.79.28

🇭🇰 118.26.39.231

🇫🇷 91.231.89.60

🇬🇧 89.37.172.131

🇲🇾 47.254.196.98

🇳🇱 45.148.10.151

🇳🇱 45.148.10.121

🇧🇷 43.164.194.33

🇨🇳 43.139.185.150

🇺🇸 34.139.244.228

🇧🇪 198.235.24.234

🇱🇹 158.173.79.110