JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.67.120

191.96.67.120 was found in our database!

This IP was reported 56 times. Confidence of Abuse is 8%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Houston, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.67.120

Whois 191.96.67.120

IP Abuse Reports for 191.96.67.120:

This IP address has been reported a total of 56 times from 34 distinct sources. 191.96.67.120 was first reported on May 19th 2023, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-23 08:33:11 (3 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇬🇧 consul.to	2026-04-27 05:54:40 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 homeshowdomain.nl	2026-03-13 22:59:10 (3 months ago)	Auto-ban: >3000 req/min op 2026-03-13	Web App Attack SSH Hacking
🇨🇭 zynex	2026-03-13 12:46:46 (3 months ago)	URL Probing: /.env	Web App Attack
🇬🇧 poundawebsiteltd	2026-03-13 12:36:28 (3 months ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 191.96.67.120 - - [13/Mar/2026:12 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 191.96.67.120 - - [13/Mar/2026:12:36:26 +0000] GET /.env HTTP/1.1 403 214 - Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 show less	Web App Attack
🇺🇸 myagent.site	2026-03-13 12:36:08 (3 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇳🇱 Mangelot Hosting	2026-03-13 12:20:33 (3 months ago)	(modsecurity) srv102 ModSecurity 191.96.67.120 (US/United States/-): 10 in the last 3600 secs; Ports ... show more (modsecurity) srv102 ModSecurity 191.96.67.120 (US/United States/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
Anonymous	2026-03-13 12:20:02 (3 months ago)	suspicious request in access.log	Web App Attack
🇲🇾 Rizzy	2026-03-13 12:11:14 (3 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-13 12:01:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 191.96.67.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.67.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 13 08:01:24.205880 2026] [security2:error] [pid 7614:tid 7614] [client 191.96.67.120:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "avaliantlife.com"] [uri "/.env"] [unique_id "abP8lKbBJnbGcVVzYyEtqwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-03-13 07:23:25 (3 months ago)	2.358 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-13 06:43:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 191.96.67.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 191.96.67.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 13 02:43:39.953224 2026] [security2:error] [pid 31406:tid 31406] [client 191.96.67.120:1914] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikewakimphotos.com"] [uri "/.env"] [unique_id "abOyG-QssTvspNsYzTuVCgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-03-13 06:43:34 (3 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇨🇭 teamsecure	2026-03-13 06:16:09 (3 months ago)	Banned for trying to access env	Web App Attack
🇺🇸 mnsf	2026-03-13 06:05:36 (3 months ago)	Scanning/Probing (20)	Brute-Force Web App Attack

Showing 1 to 15 of 56 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4004:100d::125

🇳🇱 213.177.179.28

🇨🇱 200.89.69.247

🇲🇿 196.3.101.2

🇪🇸 194.147.118.168

🇷🇺 176.210.123.78

🇭🇰 118.193.37.50

🇭🇰 46.247.61.62

🇺🇸 18.218.118.203

🇮🇳 202.53.94.246

🇮🇳 202.21.42.232

🇪🇪 194.76.227.116

🇸🇦 154.205.134.214

🇫🇮 147.185.133.186

🇧🇩 103.163.117.83

🇻🇳 103.118.28.17

🇧🇦 94.250.9.135

🇷🇺 83.171.114.42

🇺🇸 73.66.167.12

🇸🇳 41.214.109.107