JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.67.11

191.96.67.11 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 27%: ?

27%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Houston, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.67.11

Whois 191.96.67.11

IP Abuse Reports for 191.96.67.11:

This IP address has been reported a total of 54 times from 25 distinct sources. 191.96.67.11 was first reported on March 27th 2021, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 SvrAdmin	2026-06-10 07:20:34 (3 days ago)	[101] (smtpauth) Failed SMTP AUTH login from 191.96.67.11 (US/United States/-): 5 in the last 3600 s ... show more [101] (smtpauth) Failed SMTP AUTH login from 191.96.67.11 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2026-06-10 04:19:21 dovecot_login authenticator failed for H=(7MvpsGQ7) [191.96.67.11]:22705: 535 Incorrect authentication data ([email protected]) 2026-06-10 04:19:32 dovecot_login authenticator failed for H=(h6BopaF) [191.96.67.11]:28044: 535 Incorrect authentication data ([email protected]) 2026-06-10 04:19:46 dovecot_login authenticator failed for H=(nKL8hLY) [191.96.67.11]:24481: 535 Incorrect authentication data ([email protected]) 2026-06-10 04:20:07 dovecot_login authenticator failed for H=(KLQyAZ) [191.96.67.11]:5766: 535 Incorrect authentication data ([email protected]) 2026-06-10 04:20:28 dovecot_login authenticator failed for H=(gQy9gGz) [191.96.67.11]:51667: 535 Incorrect authentication data ([email protected]) show less	Port Scan Hacking Brute-Force Exploited Host
Anonymous	2026-06-10 07:11:20 (3 days ago)	BruteForce IMAP/POP3/SMTP	Brute-Force
🇺🇸 bigscoots.com	2026-06-10 07:04:49 (3 days ago)	(smtpauth) Failed SMTP AUTH login from 191.96.67.11 (US/United States/-): 5 in the last 3600 secs; P ... show more (smtpauth) Failed SMTP AUTH login from 191.96.67.11 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-06-10 03:03:48 dovecot_login authenticator failed for H=(mbPJt7) [191.96.67.11]:18988: 535 Incorrect authentication data ([email protected]) 2026-06-10 03:03:56 dovecot_login authenticator failed for H=(FCngw9) [191.96.67.11]:14990: 535 Incorrect authentication data ([email protected]) 2026-06-10 03:04:09 dovecot_login authenticator failed for H=(XjtxcOLJl) [191.96.67.11]:43949: 535 Incorrect authentication data ([email protected]) 2026-06-10 03:04:28 dovecot_login authenticator failed for H=(G1A9TDyx) [191.96.67.11]:12799: 535 Incorrect authentication data ([email protected]) 2026-06-10 03:04:47 dovecot_login authenticator failed for H=(3vVsivWLIT) [191.96.67.11]:19033: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇨🇿 lp	2026-05-15 09:20:26 (4 weeks ago)	Email account brute force: 1 attempts were recorded from 191.96.67.11 2026-05-15T10:48:33+02:00 warn ... show more Email account brute force: 1 attempts were recorded from 191.96.67.11 2026-05-15T10:48:33+02:00 warning: unknown[191.96.67.11]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇺🇸 TPI-Abuse	2026-03-13 21:26:55 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 191.96.67.11 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 191.96.67.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 13 17:26:48.168382 2026] [security2:error] [pid 26736:tid 26736] [client 191.96.67.11:63078] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.scoutinsignia.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.scoutinsignia.com"] [uri "/hats/WS_FTP.LOG"] [unique_id "abSBGHO2ZWEBuRWDrEcfxQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-03-13 20:05:21 (3 months ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 191.96.67.11 (US/United States/-): 1 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 191.96.67.11 (US/United States/-): 1 in the last 3600 secs (0-201) show less	Hacking
🇸🇪 konseptit	2026-01-06 16:50:23 (5 months ago)	(smtpauth) Failed SMTP AUTH login from 191.96.67.11 (US/United States/-)	Brute-Force
Anonymous	2025-09-13 18:02:55 (9 months ago)	191.96.67.11 - - [13/Sep/2025:18:01:05 +0000] "POST /wiki/Special:Contact HTTP/1.1" 200 7696 "https: ... show more 191.96.67.11 - - [13/Sep/2025:18:01:05 +0000] "POST /wiki/Special:Contact HTTP/1.1" 200 7696 "https://en.transformal.com/wiki/Special:Contact" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36" 191.96.67.11 - - [13/Sep/2025:18:02:55 +0000] "POST /wiki/Special:Contact HTTP/1.1" 200 7697 "https://en.transformal.com/wiki/Special:Contact" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36" ... show less	Web Spam Web App Attack
🇺🇸 xmission.com	2025-07-15 19:53:12 (10 months ago)	Blocked by UFW (TCP on 6881) Source port: 20504 TTL: 52 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 6881) Source port: 20504 TTL: 52 Packet length: 60 TOS: 0x08 This report (for 191.96.67.11) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 marzzzello	2025-07-07 00:53:18 (11 months ago)	Ports: 5x 8100	Port Scan
🇦🇺 oncord	2025-06-17 02:06:02 (11 months ago)	Form spam	Web Spam
🇩🇪 marzzzello	2025-06-12 23:42:50 (1 year ago)	Ports: 4x 51413	Port Scan
🇳🇱 WeCloudit-Anti-Abuse	2025-05-31 10:00:24 (1 year ago)	WAF: Block spam in PrestaShop 2- wsit	Email Spam Brute-Force
🇵🇱 sefinek.net	2025-05-22 09:13:12 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇵🇱 sefinek.net	2025-05-05 14:20:16 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Port Scan

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.107.156.227

🇩🇪 206.81.18.111

🇳🇱 204.76.203.206

🇦🇫 180.94.75.90

🇨🇳 116.252.80.130

🇷🇴 92.118.39.214

🇨🇳 58.34.237.18

🇳🇱 45.148.10.67

🇮🇷 45.84.157.81

🇺🇸 34.22.42.2

🇳🇱 20.123.146.94

🇺🇸 2001:470:2cc:1::1ed

🇩🇪 209.38.193.254

🇨🇱 200.120.194.214

🇺🇸 165.22.134.78

🇫🇮 147.185.133.173

🇫🇮 147.185.133.3

🇮🇩 103.110.34.131

🇹🇭 83.118.107.46

🇺🇸 47.251.125.118