JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.168.192

191.96.168.192 was found in our database!

This IP was reported 150 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutils.io
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.168.192

Whois 191.96.168.192

IP Abuse Reports for 191.96.168.192:

This IP address has been reported a total of 150 times from 61 distinct sources. 191.96.168.192 was first reported on August 10th 2021, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 conseilgouz	2026-03-30 00:50:40 (2 months ago)	vew-(visforms) : try to access forms...	Hacking
🇩🇪 paissangroup	2026-03-29 23:21:43 (2 months ago)	Multiple WAF Violations	Web App Attack
🇦🇺 oncord	2026-03-29 22:20:23 (2 months ago)	Form spam	Web Spam
🇫🇷 UM3	2026-02-08 13:58:43 (4 months ago)	Exim Auth Failed	Brute-Force
🇩🇪 grassau.com	2026-02-08 08:33:39 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 191.96.168.192 (NL/The Netherlands/-)	Brute-Force
🇩🇪 Freenex1911	2025-11-04 09:55:15 (7 months ago)	2025-11-04T09:55:15Z - RDP login from 191.96.168.192 failed multiple times.	Brute-Force
🇩🇪 DoSammy	2025-11-04 09:51:27 (7 months ago)	neu-RDP-Brute-Force	Brute-Force
🇯🇵 mkaraki	2025-08-12 09:57:33 (10 months ago)	1754992645 # Service_probe # SIGNATURE_SEND # source_ip:191.96.168.192 # dst_port:5004 ...	Port Scan
Anonymous	2025-08-04 15:26:04 (10 months ago)	Botnet - login attempts with leaked random user/pass lists	Hacking Brute-Force Web App Attack
🇧🇪 cmbplf	2025-07-27 18:24:22 (10 months ago)	474 requests with user_agent.original Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7 ... show more 474 requests with user_agent.original Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.6) Gecko/20050319 451 requests with user_agent.original Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 Edg/118.0.2088.76 GLS/97.10.7399.100 444 requests with user_agent.original Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/102.0.5143.178 Chrome/102.0.5143.178 Safari/537.36 438 requests with user_agent.original Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021208 Debian/1.2.1-2 433 requests with user_agent.original Mozilla/5.0 (Linux; Android 13; SAMSUNG SM-T220) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/23.0 Chrome/115.0.0.0 Mobile Safari/537.36 432 requests with user_agent.original Mozilla/5.0 (X11; Linux x86_64; SMARTEMB Build/3.12.9076) AppleWebKit/537.36 (KHTML, like Gecko) Chromium/103.0.5060.129 Chrome/103.0.5060.129 Safari/537.36 428 requests with user_agent.original M show less	Brute-Force Bad Web Bot
🇩🇪 ecm4u	2025-02-06 00:00:16 (1 year ago)	mail auth brute force	Brute-Force
🇨🇿 lp	2025-02-05 10:21:39 (1 year ago)	Email account brute force: 1 attempts were recorded from 191.96.168.192 2025-02-05T09:47:20+01:00 wa ... show more Email account brute force: 1 attempts were recorded from 191.96.168.192 2025-02-05T09:47:20+01:00 warning: unknown[191.96.168.192]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
Anonymous	2025-02-05 08:50:11 (1 year ago)	BruteForce IMAP/POP3	Brute-Force
🇳🇱 Linuxmalwarehuntingnl	2024-07-03 08:57:47 (1 year ago)	Unauthorized connection attempt	Brute-Force
🇺🇸 TPI-Abuse	2024-06-26 10:53:14 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.192 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 26 06:53:10.056566 2024] [security2:error] [pid 8763] [client 191.96.168.192:64778] [client 191.96.168.192] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mqyr.com"] [uri "/wp-config.php"] [unique_id "ZnvzFntHjNTd-iSRjaBNNAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 150 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 217.216.59.228

🇫🇮 178.20.210.208

🇬🇧 35.203.210.111

🇺🇸 35.149.211.157

🇯🇵 203.25.124.156

🇳🇱 185.242.226.90

🇺🇸 174.60.178.177

🇸🇪 157.22.103.75

🇨🇳 116.179.32.67

🇺🇸 108.51.63.143

🇳🇱 91.92.40.11

🇬🇧 81.19.219.237

🇸🇬 47.129.195.141

🇧🇷 45.187.108.43

🇨🇳 39.96.198.211

🇨🇦 24.222.155.157

🇺🇸 20.42.115.228

🇺🇸 13.89.125.254

🇺🇸 209.50.171.148

🇦🇷 201.234.106.215