JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.106.216

191.96.106.216 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.106.216

Whois 191.96.106.216

IP Abuse Reports for 191.96.106.216:

This IP address has been reported a total of 31 times from 17 distinct sources. 191.96.106.216 was first reported on December 29th 2022, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-04-01 02:13:11 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 191.96.106.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 191.96.106.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 22:13:05.410353 2026] [security2:error] [pid 32462:tid 32462] [client 191.96.106.216:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.upskirtcrazy.com"] [uri "/.env"] [unique_id "acx_MQ4zkw_6McVz95E1cAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 teamsecure	2026-03-31 22:01:03 (2 months ago)	Banned for trying to access env	Web App Attack
🇺🇸 Epimetheus	2026-03-31 19:34:27 (2 months ago)	Unauthorized access attempts: [GET] /.env UA: python-requests/2.26.0	Web App Attack
🇫🇷 lindi	2026-03-31 19:13:55 (2 months ago)	trying to access .env file ...	Hacking Web App Attack
🇩🇪 conseilgouz	2026-03-31 18:45:31 (2 months ago)	vee-17 : Block hidden directories=>/.env(/)	Hacking
🇺🇸 interbiznw.com	2026-03-31 17:37:56 (2 months ago)	malicious-web-requests-vulnerability-scanning-web1	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 16:22:08 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 191.96.106.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 191.96.106.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 12:22:01.619846 2026] [security2:error] [pid 10390:tid 10390] [client 191.96.106.216:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kryptonome.com"] [uri "/.env"] [unique_id "acv0qeqXDgWtlsXMunPFvgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-03-31 15:47:23 (2 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 15:38:46 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 191.96.106.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 191.96.106.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 11:38:38.588875 2026] [security2:error] [pid 26545:tid 26545] [client 191.96.106.216:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sportsbookcommission.com"] [uri "/.env"] [unique_id "acvqflYOsc2ju9Mkb8iE3gAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-03-31 15:29:11 (2 months ago)	[redacted] 191.96.106.216 - - [31/Mar/2026:16:29:02 +0100] "GET /.env HTTP/2.0" 301 286 "-" "python- ... show more [redacted] 191.96.106.216 - - [31/Mar/2026:16:29:02 +0100] "GET /.env HTTP/2.0" 301 286 "-" "python-requests/2.26.0" [redacted] 191.96.106.216 - - [31/Mar/2026:16:29:03 +0100] "GET /fr/.env/ HTTP/2.0" 404 25572 "-" "python-requests/2.26.0" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 14:50:17 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 191.96.106.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 191.96.106.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 10:50:11.636703 2026] [security2:error] [pid 24800:tid 24800] [client 191.96.106.216:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "southernbroadcast.com"] [uri "/.env"] [unique_id "acvfI3cn6Ck4oagErh4dGwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-03-31 14:17:22 (2 months ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 myagent.site	2026-03-31 13:24:45 (2 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇨🇭 lufi	2026-03-31 13:20:47 (2 months ago)	2026-03-31T15:20:46+02:00 lufischer04 ids442 2026-03-31 15:20:46 191.96.106.216: blacklistedPath: /. ... show more 2026-03-31T15:20:46+02:00 lufischer04 ids442 2026-03-31 15:20:46 191.96.106.216: blacklistedPath: /.env ... show less	Web Spam Brute-Force Hacking Web App Attack
Anonymous	2026-03-31 12:35:02 (2 months ago)	suspicious request in access.log	Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.119

🇦🇲 176.32.193.16

🇺🇸 162.141.167.49

🇨🇳 111.41.101.228

🇳🇱 104.23.166.145

🇳🇱 45.148.10.157

🇺🇸 34.41.247.182

🇧🇷 20.226.106.38

🇨🇦 20.220.147.44

🇷🇺 5.79.172.113

🇫🇷 2001:41d0:33a:a00::400

🇺🇸 205.210.31.52

🇪🇹 196.188.93.169

🇨🇳 180.169.100.182

🇮🇱 103.95.119.103

🇩🇪 94.26.106.46

🇸🇬 91.123.14.4

🇺🇸 76.127.61.251

🇮🇳 52.140.76.154

🇺🇸 35.255.240.36