JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.96.159.199

192.96.159.199 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 0%: ?

ISP	IONOS Cloud Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS54548
Hostname(s)	ip192-96-159-199.pbiaas.com
Domain Name	ionos.com
Country	🇺🇸 United States of America
City	Las Vegas, Nevada

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.96.159.199

Whois 192.96.159.199

IP Abuse Reports for 192.96.159.199:

This IP address has been reported a total of 31 times from 20 distinct sources. 192.96.159.199 was first reported on October 25th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 jjnxpct	2026-01-22 05:30:45 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env] show less	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-01-21 22:59:57 (4 months ago)	Auto-ban: >3000 req/min op 2026-01-21	Hacking Web App Attack SSH
Anonymous	2026-01-21 17:58:02 (4 months ago)	Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, GET /.env.example HTTP/1.1	Hacking Web App Attack
🇳🇱 debestelapp	2026-01-21 14:33:16 (4 months ago)		Web App Attack
🇩🇪 sdos.es	2026-01-21 09:42:41 (4 months ago)	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack
🇳🇱 GabrielJST	2026-01-17 22:59:41 (4 months ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 192.96.159.199 (US/U ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 192.96.159.199 (US/United States/ip192-96-159-199.pbiaas.com) show less	Bad Web Bot
🇱🇻 garmtech.com	2026-01-17 02:45:54 (5 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇺🇸 [email protected]	2026-01-14 03:01:57 (5 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-01-14T03:01:56Z	Brute-Force
🇺🇸 [email protected]	2026-01-14 02:01:59 (5 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-01-14T02:01:59Z	Brute-Force
🇺🇸 TPI-Abuse	2026-01-14 01:27:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 192.96.159.199 (ip192-96-159-199.pbiaas.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 192.96.159.199 (ip192-96-159-199.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 20:27:15.996357 2026] [security2:error] [pid 28841:tid 28841] [client 192.96.159.199:61359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "notimallinckrodt.com.ar"] [uri "/.env"] [unique_id "aWbw89smWKPySZnKVGRuqQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 [email protected]	2026-01-14 01:02:06 (5 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-01-14T01:02:05Z	Brute-Force
🇺🇸 TPI-Abuse	2026-01-13 06:53:53 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 192.96.159.199 (ip192-96-159-199.pbiaas.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 192.96.159.199 (ip192-96-159-199.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 01:53:50.087007 2026] [security2:error] [pid 1068:tid 1068] [client 192.96.159.199:62889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.worthhomes4rent.com"] [uri "/.env.example"] [unique_id "aWXr_gLo9MaIXrJNFLJ8YwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-13 06:38:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 192.96.159.199 (ip192-96-159-199.pbiaas.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 192.96.159.199 (ip192-96-159-199.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 01:38:41.806182 2026] [security2:error] [pid 3844464:tid 3844464] [client 192.96.159.199:57366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.northfortworthalliance.com"] [uri "/.env.example"] [unique_id "aWXocXctnnjR-sZ5TCCoRwAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-13 05:33:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 192.96.159.199 (ip192-96-159-199.pbiaas.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 192.96.159.199 (ip192-96-159-199.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 00:33:51.237564 2026] [security2:error] [pid 4290:tid 4290] [client 192.96.159.199:55286] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.airtechconsulting.com"] [uri "/.env.example"] [unique_id "aWXZP2oeAKrI1rN1v_qN5QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-13 03:33:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 192.96.159.199 (ip192-96-159-199.pbiaas.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 192.96.159.199 (ip192-96-159-199.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 12 22:33:14.244640 2026] [security2:error] [pid 16141:tid 16141] [client 192.96.159.199:49276] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "socialstudiesforkids.com"] [uri "/.env"] [unique_id "aWW8-rajOBjxr3BIizdLgAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.48.181.192

🇺🇸 99.92.204.98

🇳🇱 91.92.40.29

🇨🇳 58.22.255.28

🇲🇽 200.68.161.186

🇳🇱 178.16.54.237

🇮🇩 163.7.6.41

🇨🇳 59.38.131.149

🇭🇰 45.142.154.103

🇺🇸 44.220.188.95

🇳🇱 204.76.203.81

🇩🇪 194.88.98.110

🇨🇷 186.177.88.42

🇺🇸 165.227.209.27

🇨🇳 119.29.195.53

🇵🇱 213.108.227.87

🇫🇷 212.227.27.47

🇬🇧 193.163.125.172

🇺🇸 192.178.37.26

🇩🇪 162.19.243.145