JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.168.52

191.96.168.52 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutils.io
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.168.52

Whois 191.96.168.52

IP Abuse Reports for 191.96.168.52:

This IP address has been reported a total of 36 times from 26 distinct sources. 191.96.168.52 was first reported on October 22nd 2021, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 Doruk	2025-05-14 10:10:01 (1 year ago)	Unauthorized connection attempt	Brute-Force
🇫🇷 ecodehost.com	2025-03-08 14:10:02 (1 year ago)	Domain : ecodehost.com Rule : config 2025-03-08 13:53:24 10.100.1.20 GET /.git/HEAD - 80 - 191.96.16 ... show more Domain : ecodehost.com Rule : config 2025-03-08 13:53:24 10.100.1.20 GET /.git/HEAD - 80 - 191.96.168.52 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 - ecodehost.com 404 8 0 1374 302 76 - - show less	Hacking SQL Injection
🇺🇸 TPI-Abuse	2025-03-08 14:07:32 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 08 09:07:24.945433 2025] [security2:error] [pid 1822237:tid 1822237] [client 191.96.168.52:60418] [client 191.96.168.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "summithost.com"] [uri "/.git/HEAD"] [unique_id "Z8xPHOWT3IJF6LP0DxE5YgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ecodehost.com	2025-03-08 13:54:02 (1 year ago)	Domain : ecodehost.com Rule : config 2025-03-08 13:53:21 10.100.1.20 GET /.git/HEAD - 80 - 191.96.16 ... show more Domain : ecodehost.com Rule : config 2025-03-08 13:53:21 10.100.1.20 GET /.git/HEAD - 80 - 191.96.168.52 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 - ecodehost.com 404 8 0 1374 326 3306 - - show less	Hacking SQL Injection
🇺🇸 TPI-Abuse	2025-03-08 13:25:39 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 08 08:25:34.153509 2025] [security2:error] [pid 3213:tid 3213] [client 191.96.168.52:63269] [client 191.96.168.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ken-hensley.com"] [uri "/.git/HEAD"] [unique_id "Z8xFTvDnRKlwNoQI1KJ_OAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 vestibtech	2025-03-08 11:16:23 (1 year ago)	191.96.168.52 - - [08/Mar/2025:04:16:22 -0700] "GET /.git/HEAD HTTP/1.1" 301 493 "-" "Mozilla/5.0 (W ... show more 191.96.168.52 - - [08/Mar/2025:04:16:22 -0700] "GET /.git/HEAD HTTP/1.1" 301 493 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36" ... show less	Web App Attack
🇦🇺 MAGIC	2025-03-08 11:01:10 (1 year ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 Hydra-Shield.fr	2025-03-08 09:34:14 (1 year ago)	Directory Traversal on: /.git/HEAD	Web App Attack
🇺🇸 TPI-Abuse	2025-03-08 09:23:13 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 08 04:23:06.525766 2025] [security2:error] [pid 1239686:tid 1239686] [client 191.96.168.52:56176] [client 191.96.168.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tulsatvmemories.com"] [uri "/.git/HEAD"] [unique_id "Z8wMeh2VHLeiroAefI5fgAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 quicksand	2025-03-08 08:42:25 (1 year ago)	Malicious URI path [GET /.git/HEAD] [Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (K ... show more Malicious URI path [GET /.git/HEAD] [Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36] show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-08 08:35:48 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.168.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.168.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 08 03:35:42.823362 2025] [security2:error] [pid 8377:tid 8377] [client 191.96.168.52:61506] [client 191.96.168.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jerusalem-temple-today.com"] [uri "/.git/HEAD"] [unique_id "Z8wBXtPBCWLhzSH7tDIMqgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 niceshops.com	2025-03-08 07:00:20 (1 year ago)	Web Attack (08/Mar/2025:08:00:08.689", "frontend": "frontend_disco", "backend": "frontend_disco", "b ... show more Web Attack (08/Mar/2025:08:00:08.689", "frontend": "frontend_disco", "backend": "frontend_disco", "backend_server": "<NOSRV>", "time_request": 0, "time_wait": -1, "time_connect": -1, "time_response": -1, "time_active": 0, "status": 301, "bytes_read": 132, "termination_state": "LR--", "actconn": 87, "feconn": 86, "beconn": 0, "srv_conn": 0, "retries": 0, "srv_queue": 0, "backend_queue": 0, "capture_request": "{\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|}", "capture_response GET /.git/HEAD) show less	Web App Attack
🇺🇸 glaserceramics	2025-03-08 06:51:02 (1 year ago)	GET /.git/HEAD via HTTP/1.1 - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537. ... show more GET /.git/HEAD via HTTP/1.1 - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 show less	Web App Attack
🇩🇪 paissangroup	2025-03-08 05:51:30 (1 year ago)	Multiple WAF Violations	Web App Attack
Anonymous	2024-11-04 10:12:41 (1 year ago)	191.96.168.52 (US/United States/-), 5 distributed sshd attacks on account [test] in the last 3600 se ... show more 191.96.168.52 (US/United States/-), 5 distributed sshd attacks on account [test] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Nov 4 05:12:33 server5 sshd[32392]: Invalid user test from 84.239.18.14 Nov 4 05:12:33 server5 sshd[32396]: Invalid user test from 89.187.171.166 Nov 4 05:12:34 server5 sshd[32406]: Invalid user test from 191.96.168.52 Nov 4 05:12:34 server5 sshd[32398]: Invalid user test from 176.125.229.132 Nov 4 05:12:34 server5 sshd[32404]: Invalid user test from 176.125.229.132 IP Addresses Blocked: 84.239.18.14 (RO/Romania/-) 89.187.171.166 (US/United States/-) show less	Brute-Force

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.34

🇬🇧 165.154.129.188

🇰🇷 118.33.113.1

🇷🇺 85.95.166.40

🇱🇹 45.227.254.170

🇦🇪 31.215.119.189

🇺🇸 209.12.153.195

🇭🇺 195.199.210.194

🇫🇷 86.206.78.206

🇮🇪 86.40.118.60

🇸🇬 2001:df4:96c0:a3::a

🇬🇧 195.96.139.217

🇨🇱 190.20.73.110

🇨🇳 180.76.226.129

🇻🇳 116.105.165.246

🇭🇰 112.120.171.95

🇳🇱 93.123.118.228

🇬🇧 34.105.203.94

🇺🇸 2602:fb54:1a00::37

🇬🇧 188.240.59.29