JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.150.193

191.96.150.193 was found in our database!

This IP was reported 378 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.150.193

Whois 191.96.150.193

IP Abuse Reports for 191.96.150.193:

This IP address has been reported a total of 378 times from 126 distinct sources. 191.96.150.193 was first reported on May 4th 2022, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-05-03 04:52:19 (1 month ago)	Blocked by UFW (TCP on 34862) Source port: 38851 TTL: 52 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 34862) Source port: 38851 TTL: 52 Packet length: 60 TOS: 0x08 This report (for 191.96.150.193) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 SpaceHost-Server	2026-03-12 02:17:33 (3 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2026-03-11 20:12:00 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 SpaceHost-Server	2026-03-11 02:17:30 (3 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2026-03-10 20:11:59 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 octageeks.com	2026-03-10 04:10:37 (3 months ago)	Wordpress malicious attack:[octamissingdomain]	Web App Attack
🇩🇪 macrob	2026-03-10 03:20:18 (3 months ago)	2026/03/10 03:20:16 [error] 3581169#3581169: 64184782 access forbidden by rule, client: 191.96.150. ... show more 2026/03/10 03:20:16 [error] 3581169#3581169: 64184782 access forbidden by rule, client: 191.96.150.193, server: bonocom.org, request: "GET /wp-includes/ID3/license.txt HTTP/1.1", host: "bonocom.org" 2026/03/10 03:20:17 [error] 3581169#3581169: 64184806 access forbidden by rule, client: 191.96.150.193, server: bonocom.org, request: "GET /xmlrpc.php?rsd HTTP/1.1", host: "bonocom.org" 2026/03/10 03:20:17 [error] 3581169#3581169: 64184779 access forbidden by rule, client: 191.96.150.193, server: bonocom.org, request: "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1", host: "bonocom.org" ... show less	Web App Attack
🇳🇱 Site.eu	2026-03-10 03:07:20 (3 months ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇳🇱 Savvii	2026-03-10 02:59:27 (3 months ago)	10 attempts against mh-misc-ban on moon	Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 02:56:00 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 191.96.150.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 191.96.150.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 22:55:54.101669 2026] [security2:error] [pid 6627:tid 6627] [client 191.96.150.193:49283] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.lesdaniels.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.lesdaniels.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aa-IOgwtrYVgjLQOgund4AAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 02:39:59 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 191.96.150.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 191.96.150.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 22:39:55.204580 2026] [security2:error] [pid 16120:tid 16142] [client 191.96.150.193:28199] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rockabyecotons.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rockabyecotons.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aa-Ee8L3XOnwXmMtIh1RYwAAAVQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-03-10 02:15:17 (3 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇬🇧 consul.to	2026-03-10 01:29:17 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 01:21:58 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 191.96.150.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 191.96.150.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 21:21:52.950675 2026] [security2:error] [pid 8371:tid 8371] [client 191.96.150.193:12032] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|srsrestoration.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "srsrestoration.net"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "aa9yMBY3pdCbDat-p3nB8QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 00:46:52 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 191.96.150.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 191.96.150.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 20:46:47.725874 2026] [security2:error] [pid 24478:tid 24478] [client 191.96.150.193:55962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ibermar.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ibermar.info"] [uri "/wp-json/wp/v2/users/"] [unique_id "aa9p9-QxZsUnMi2iNesGkQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 378 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.117

🇨🇴 181.129.41.162

🇳🇱 172.71.95.147

🇺🇸 162.159.119.2

🇮🇳 103.57.184.134

🇦🇷 45.176.89.175

🇨🇳 27.128.170.160

🇧🇷 20.226.32.175

🇺🇸 2607:ff10:c8:594::8

🇨🇳 218.106.33.54

🇨🇳 218.25.89.208

🇸🇬 213.111.158.148

🇺🇸 205.210.31.102

🇳🇱 176.65.139.253

🇫🇷 173.249.10.85

🇰🇪 105.27.148.94

🇫🇷 85.217.140.10

🇷🇴 80.94.92.171

🇳🇱 45.153.34.235

🇬🇧 35.203.210.31