JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.67.12

191.96.67.12 was found in our database!

This IP was reported 272 times. Confidence of Abuse is 8%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Houston, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.67.12

Whois 191.96.67.12

IP Abuse Reports for 191.96.67.12:

This IP address has been reported a total of 272 times from 140 distinct sources. 191.96.67.12 was first reported on June 4th 2021, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 Mediashaker	2026-05-16 00:11:36 (4 weeks ago)	(smtpauth) Failed SMTP AUTH login from 191.96.67.12 (US/United States/-)	Brute-Force
🇬🇧 consul.to	2026-05-10 06:22:43 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇿 lp	2026-03-28 11:50:33 (2 months ago)	Email account brute force: 3 attempts were recorded from 191.96.67.12 2026-03-28T11:23:47+01:00 warn ... show more Email account brute force: 3 attempts were recorded from 191.96.67.12 2026-03-28T11:23:47+01:00 warning: unknown[191.96.67.12]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-03-28T11:23:47+01:00 warning: unknown[191.96.67.12]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-03-28T11:23:47+01:00 warning: unknown[191.96.67.12]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
Anonymous	2026-01-27 06:56:56 (4 months ago)	T: f2b 404 5x	Web App Attack
Anonymous	2026-01-20 01:19:28 (4 months ago)	Fail2ban: all-services - 2026/01/02 22:10:16191.96.67.12 - - [02/Jan/2026:22:12:30 -0500] "GET /.env ... show more Fail2ban: all-services - 2026/01/02 22:10:16191.96.67.12 - - [02/Jan/2026:22:12:30 -0500] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" attempts show less	Hacking Web App Attack
Anonymous	2026-01-12 02:22:13 (5 months ago)	Fail2ban: all-services - 2026/01/02 22:10:16191.96.67.12 - - [02/Jan/2026:22:12:30 -0500] "GET /.env ... show more Fail2ban: all-services - 2026/01/02 22:10:16191.96.67.12 - - [02/Jan/2026:22:12:30 -0500] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" attempts show less	Hacking Web App Attack
🇨🇿 lp	2026-01-10 01:23:06 (5 months ago)	Email account brute force: 6 attempts were recorded from 191.96.67.12 2026-01-10T00:50:04+01:00 warn ... show more Email account brute force: 6 attempts were recorded from 191.96.67.12 2026-01-10T00:50:04+01:00 warning: unknown[191.96.67.12]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-01-10T00:50:05+01:00 warning: unknown[191.96.67.12]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-01-10T00:50:07+01:00 warning: unknown[191.96.67.12]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-01-10T00:50:08+01:00 warning: unknown[191.96.67.12]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-01-10T00:50:28+01:00 warning: unknown[191.96.67.12]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-01-10T00:50:29+01:00 warning: unknown[191.96.67.12]: SASL LOGIN authentication failed: authentication fai show less	Brute-Force
🇧🇾 lns.bz	2026-01-07 21:24:10 (5 months ago)	.env scanning [BY]	Web App Attack
Anonymous	2026-01-07 10:20:40 (5 months ago)	FortiWeb WAF: 570 attacks detected. Threat Score: 57000. Types: Client Management(285), Block IP Lis ... show more FortiWeb WAF: 570 attacks detected. Threat Score: 57000. Types: Client Management(285), Block IP List(285). Origin: United States. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-01-07 08:01:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 191.96.67.12 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 191.96.67.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 03:01:22.169500 2026] [security2:error] [pid 11523:tid 11523] [client 191.96.67.12:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sportsbookcommission.com"] [uri "/.env"] [unique_id "aV4S0nRW_4RFvonrhKWBtQAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 madeit	2026-01-07 07:23:13 (5 months ago)		Web App Attack
🇺🇸 myagent.site	2026-01-07 06:47:46 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
Anonymous	2026-01-07 06:02:02 (5 months ago)	Automated report (2026-01-07T01:02:02-05:00). Caught probing for env file.	Hacking Web App Attack
🇺🇸 nationaleventpros.com	2026-01-07 05:22:03 (5 months ago)	vulnerability scan	Web App Attack
🇺🇸 rafled	2026-01-07 04:58:52 (5 months ago)	attempt to scan and scrape for env files and or files that expose the web app version	Bad Web Bot

Showing 1 to 15 of 272 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 171.105.76.81

🇨🇳 121.63.176.45

🇧🇬 91.191.209.46

🇺🇸 65.49.20.92

🇺🇸 64.62.156.14

🇻🇳 14.191.14.63

🇨🇳 220.181.108.144

🇺🇿 198.163.193.180

🇬🇧 152.32.157.173

🇨🇦 147.182.149.75

🇸🇬 128.199.231.249

🇳🇱 83.84.205.183

🇺🇸 65.49.1.187

🇺🇸 64.225.46.44

🇷🇺 45.91.64.6

🇺🇸 20.64.105.39

🇩🇪 2.27.20.149

🇷🇺 193.53.127.151

🇺🇾 179.26.204.21

🇨🇦 167.99.182.39