JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.255.42

191.96.255.42 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 25%: ?

25%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.255.42

Whois 191.96.255.42

IP Abuse Reports for 191.96.255.42:

This IP address has been reported a total of 24 times from 9 distinct sources. 191.96.255.42 was first reported on December 13th 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 int8	2026-06-16 05:15:49 (2 days ago)	2026-06-16T05:15:49.122786151Z Minecraft server scanner: status request	Port Scan
🇩🇪 ecs.ge	2026-06-06 15:53:35 (1 week ago)	Automatic Fail2Ban report from jail ssh: multiple matching events detected.	Brute-Force SSH
🇩🇪 piticu iuli	2026-06-06 07:22:36 (1 week ago)	(sshd) Failed SSH login from 191.96.255.42 (US/United States/-)	Brute-Force SSH
🇮🇹 VHosting	2026-06-05 19:55:03 (1 week ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 octageeks.com	2026-03-31 04:09:44 (2 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇮🇹 VHosting	2025-12-24 04:50:21 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇧🇪 cmbplf	2025-02-18 05:59:45 (1 year ago)	5 /?ybtpc=vbcki (3mos1w1d)	Brute-Force Bad Web Bot
🇦🇺 weblite	2025-01-04 00:58:55 (1 year ago)	WP_EXPLOIT_PROBE WP_MALWARE_PROBE	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-01-03 23:47:50 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 03 18:47:45.435387 2025] [security2:error] [pid 2138944:tid 2138944] [client 191.96.255.42:46898] [client 191.96.255.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.needtoorder.us"] [uri "/.env"] [unique_id "Z3h3If4Iox3gWb6RGhOwvAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-03 21:46:12 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 03 16:46:07.871800 2025] [security2:error] [pid 2634507:tid 2634507] [client 191.96.255.42:45594] [client 191.96.255.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dovka.com"] [uri "/.env"] [unique_id "Z3han8x5okHg3cZU8jDPMQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-03 21:01:04 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 03 16:00:58.736869 2025] [security2:error] [pid 524:tid 524] [client 191.96.255.42:37082] [client 191.96.255.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brandsmedia.com"] [uri "/.env"] [unique_id "Z3hQCldWNWIsqRKzzBeFjgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-03 20:27:53 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 03 15:27:49.103289 2025] [security2:error] [pid 4078:tid 4078] [client 191.96.255.42:33624] [client 191.96.255.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.atomicmc.com"] [uri "/.env"] [unique_id "Z3hIRcb1DZvxW55Y2ysVXwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-03 19:59:51 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 03 14:59:46.312378 2025] [security2:error] [pid 25543:tid 25543] [client 191.96.255.42:51712] [client 191.96.255.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "srosa.com"] [uri "/.env"] [unique_id "Z3hBsiUrasgU7t2Lu202SwAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-03 19:36:11 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 03 14:36:05.171555 2025] [security2:error] [pid 23298:tid 23298] [client 191.96.255.42:37896] [client 191.96.255.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aacoustics.com"] [uri "/.env"] [unique_id "Z3g8Jab9b_Rb2oqh2plQkwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-03 18:15:17 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.255.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 03 13:15:14.746494 2025] [security2:error] [pid 14936:tid 14936] [client 191.96.255.42:43786] [client 191.96.255.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elcalamo.com"] [uri "/.env"] [unique_id "Z3gpMunaUesw8yBLsM1avAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.32

🇷🇺 178.178.194.134

🇵🇭 124.105.218.150

🇺🇸 92.204.128.218

🇳🇱 45.148.10.183

🇺🇸 23.251.34.171

🇺🇸 2a04:4e41:3a03:d6dd::cd83:36dd

🇲🇦 196.64.136.141

🇧🇷 187.61.115.124

🇨🇳 183.233.85.194

🇹🇼 165.154.227.158

🇸🇬 138.75.114.62

🇭🇰 119.28.9.170

🇹🇭 118.193.56.171

🇷🇺 109.174.104.74

🇺🇸 107.172.250.235

🇹🇷 85.99.111.64

🇧🇬 79.124.40.126

🇺🇸 47.251.165.87

🇫🇷 45.154.138.56