JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.96.67.196

191.96.67.196 was found in our database!

This IP was reported 117 times. Confidence of Abuse is 2%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Houston, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.96.67.196

Whois 191.96.67.196

IP Abuse Reports for 191.96.67.196:

This IP address has been reported a total of 117 times from 79 distinct sources. 191.96.67.196 was first reported on June 23rd 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Rayulcifer	2026-06-11 11:29:43 (1 week ago)	[Sat Jun 06 02:14:50.591532 2026] [access_compat:error] [pid 3123365:tid 132703986890432] [client 19 ... show more [Sat Jun 06 02:14:50.591532 2026] [access_compat:error] [pid 3123365:tid 132703986890432] [client 191.96.67.196:21236] AH01797: client denied by server configuration: proxy:http://localhost:4000/ip [Sat Jun 06 02:14:50.755525 2026] [access_compat:error] [pid 3123365:tid 132703441626816] [client 191.96.67.196:56644] AH01797: client denied by server configuration: proxy:http://localhost:4000/ [Sat Jun 06 02:18:15.976877 2026] [access_compat:error] [pid 3136135:tid 132705990223552] [client 191.96.67.196:40814] AH01797: client denied by server configuration: proxy:http://localhost:4000/ip [Sat Jun 06 02:18:16.140251 2026] [access_compat:error] [pid 3136135:tid 132704020461248] [client 191.96.67.196:25686] AH01797: client denied by server configuration: proxy:http://localhost:4000/ [Sat Jun 06 02:21:55.479541 2026] [access_compat:error] [pid 3139793:tid 132705337460416] [client 191.96.67.196:28881] AH01797: client denied by server configuration: proxy:http://localhost:4000/ip ... show less	Brute-Force SSH
🇺🇸 Rayulcifer	2026-06-06 07:21:56 (2 weeks ago)	[Sat Jun 06 02:14:50.591532 2026] [access_compat:error] [pid 3123365:tid 132703986890432] [client 19 ... show more [Sat Jun 06 02:14:50.591532 2026] [access_compat:error] [pid 3123365:tid 132703986890432] [client 191.96.67.196:21236] AH01797: client denied by server configuration: proxy:http://localhost:4000/ip [Sat Jun 06 02:14:50.755525 2026] [access_compat:error] [pid 3123365:tid 132703441626816] [client 191.96.67.196:56644] AH01797: client denied by server configuration: proxy:http://localhost:4000/ [Sat Jun 06 02:18:15.976877 2026] [access_compat:error] [pid 3136135:tid 132705990223552] [client 191.96.67.196:40814] AH01797: client denied by server configuration: proxy:http://localhost:4000/ip [Sat Jun 06 02:18:16.140251 2026] [access_compat:error] [pid 3136135:tid 132704020461248] [client 191.96.67.196:25686] AH01797: client denied by server configuration: proxy:http://localhost:4000/ [Sat Jun 06 02:21:55.479541 2026] [access_compat:error] [pid 3139793:tid 132705337460416] [client 191.96.67.196:28881] AH01797: client denied by server configuration: proxy:http://localhost:4000/ip ... show less	Brute-Force SSH
Anonymous	2026-04-07 00:19:23 (2 months ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-28 16:23:23 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 191.96.67.196 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 191.96.67.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 28 12:23:15.703157 2026] [security2:error] [pid 26090:tid 26090] [client 191.96.67.196:52356] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cccorponline.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cccorponline.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "acgAc3XKrwvdmRJWkYPaWQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 centurion	2026-02-15 14:58:07 (4 months ago)	Unauthorized attempt on siem [80/tcp] Source port: 35061 TTL: 113 Packet length: 52 TOS: 0x00 https: ... show more Unauthorized attempt on siem [80/tcp] Source port: 35061 TTL: 113 Packet length: 52 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 Rip	2026-02-15 14:54:24 (4 months ago)	Automated recon attempt targeting restricted and sensitive paths.	Web App Attack
🇺🇸 technojoe99	2026-02-15 14:19:38 (4 months ago)	Exploit scan from 191.96.67.196. GET /.env HTTP/1.1.	Web App Attack
🇮🇩 Burayot	2026-02-15 08:22:18 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 191.96.67.196 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 191.96.67.196 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇪🇸 librebit	2026-02-15 08:10:13 (4 months ago)	Brute force	Brute-Force
Anonymous	2026-02-15 06:10:14 (4 months ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇺🇸 mnsf	2026-02-15 06:07:00 (4 months ago)	Scanning/Probing (22)	Brute-Force Web App Attack
Anonymous	2026-02-15 05:14:11 (4 months ago)	Scraping for .env file	Web App Attack
🇺🇸 octageeks.com	2026-02-15 05:06:08 (4 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇬🇧 SilverZippo	2026-02-15 05:00:26 (4 months ago)	Web App Attack	Web App Attack
🇩🇪 on-com	2026-02-15 04:41:57 (4 months ago)	URL scan	Brute-Force Web App Attack

Showing 1 to 15 of 117 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.239.251.12

🇲🇺 197.225.146.23

🇺🇬 196.0.24.30

🇷🇺 195.222.129.138

🇷🇴 193.32.162.82

🇫🇮 178.20.210.151

🇺🇸 141.11.88.12

🇨🇿 92.62.233.214

🇷🇴 80.94.92.187

🇧🇷 20.206.67.148

🇹🇼 198.235.24.123

🇮🇹 185.15.170.221

🇫🇮 138.124.99.219

🇮🇩 103.186.1.103

🇨🇦 65.111.20.7

🇸🇬 47.128.112.196

🇭🇰 34.92.183.18

🇨🇳 8.138.154.105

🇺🇸 5.161.231.151

🇺🇸 2a04:c300:400::186