JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.168.41

191.96.168.41 was found in our database!

This IP was reported 83 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutils.io
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.168.41

Whois 191.96.168.41

IP Abuse Reports for 191.96.168.41:

This IP address has been reported a total of 83 times from 56 distinct sources. 191.96.168.41 was first reported on August 20th 2021, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 security.rdmc.fr	2025-11-04 11:57:27 (7 months ago)	Port Scan Attack proto:TCP src:32960 dst:5900	Port Scan
Anonymous	2025-08-04 15:18:22 (10 months ago)	Botnet - login attempts with leaked random user/pass lists	Hacking Brute-Force Web App Attack
🇳🇱 Study Bitcoin 🤗	2025-04-23 11:48:27 (1 year ago)	Port probe to tcp/995 (pop3over tls) [gda]	Port Scan
🇮🇩 Burayot	2025-02-03 21:06:27 (1 year ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 191.96.168.41 (NL/The Netherlands/-) ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 191.96.168.41 (NL/The Netherlands/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-02-03 19:56:13 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 03 14:56:05.869417 2025] [security2:error] [pid 3504162:tid 3504162] [client 191.96.168.41:59389] [client 191.96.168.41] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vangentholding.com"] [uri "/.git/HEAD"] [unique_id "Z6EfVVjY3xNRftJ8DwNcSAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-03 18:15:25 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 03 13:15:20.562057 2025] [security2:error] [pid 22562:tid 22562] [client 191.96.168.41:51769] [client 191.96.168.41] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anxo.org"] [uri "/.git/HEAD"] [unique_id "Z6EHuDXwKojdaqJc-zKvjAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 london2038.com	2025-02-03 16:53:09 (1 year ago)	Probing for exploits 191.96.168.41 - - [03/Feb/2025:17:51:16 +0100] "GET /.git/HEAD HTTP/1.1" 422 0 ... show more Probing for exploits 191.96.168.41 - - [03/Feb/2025:17:51:16 +0100] "GET /.git/HEAD HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36" 191.96.168.41 - - [03/Feb/2025:17:53:05 +0100] "GET /.git/HEAD HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-02-03 09:50:47 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 03 04:50:44.677663 2025] [security2:error] [pid 3616464:tid 3616464] [client 191.96.168.41:63982] [client 191.96.168.41] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tulsatvmemories.com"] [uri "/.git/HEAD"] [unique_id "Z6CRdPgpTPSD_08rmETLwgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-03 04:21:37 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 02 23:21:33.434376 2025] [security2:error] [pid 16323:tid 16323] [client 191.96.168.41:49596] [client 191.96.168.41] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arttechnology.net"] [uri "/.git/HEAD"] [unique_id "Z6BETc2Nf1BvkvyAvdLZuwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-03 03:35:21 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 02 22:35:16.739840 2025] [security2:error] [pid 14561:tid 14611] [client 191.96.168.41:58342] [client 191.96.168.41] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howardhallis.com"] [uri "/.git/HEAD"] [unique_id "Z6A5dMyo_qN8yAbOubGknwAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ATV	2025-02-03 03:13:35 (1 year ago)	Unsolicited connection attempts to ports 443, 80	Hacking
🇺🇸 TPI-Abuse	2025-02-03 02:06:57 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 02 21:06:47.954036 2025] [security2:error] [pid 27500:tid 27500] [client 191.96.168.41:58878] [client 191.96.168.41] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greenmountainfeeds.com"] [uri "/.git/HEAD"] [unique_id "Z6Akt9z3ENWZGTBJWZ9lQQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-03 01:12:42 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 02 20:12:38.911318 2025] [security2:error] [pid 4243:tid 4243] [client 191.96.168.41:55233] [client 191.96.168.41] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "laecovillage.org"] [uri "/.git/HEAD"] [unique_id "Z6AYBtf-OB5ULdVVoT_fSQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-01-28 00:32:05 (1 year ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/191.96.168.41 202 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/191.96.168.41 2025-01-27 02:58:13 //193.242.151.144:1723 2025-01-27 02:56:31 //193.242.151.131:8080 2025-01-27 02:54:01 //45.130.189.54:6881 2025-01-27 02:57:36 //193.242.151.219:80 2025-01-27 02:58:02 //193.242.149.21:1723 show less	Web App Attack
🇺🇸 threatx	2025-01-08 20:14:46 (1 year ago)	Common blacklisted IPs across tenants	DDoS Attack Bad Web Bot Web App Attack

Showing 1 to 15 of 83 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.241

🇺🇸 34.45.215.157

🇵🇱 194.180.49.70

🇮🇳 122.166.49.42

🇷🇺 37.230.158.57

🇨🇳 221.12.37.6

🇭🇰 150.5.154.160

🇹🇼 111.248.134.130

🇱🇹 81.30.98.44

🇩🇪 34.1.162.1

🇩🇪 185.242.3.226

🇻🇳 116.110.218.160

🇺🇸 66.175.220.105

🇪🇹 196.189.124.218

🇵🇱 194.180.49.220

🇪🇬 41.196.0.221

🇬🇧 193.163.125.249

🇰🇷 119.203.251.187

🇺🇸 103.250.83.247

🇳🇱 91.92.40.4