JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 199.217.99.123

199.217.99.123 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 0%: ?

ISP	BL Networks
Usage Type	Data Center/Web Hosting/Transit
ASN	AS399629
Domain Name	blnwx.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 199.217.99.123

Whois 199.217.99.123

IP Abuse Reports for 199.217.99.123:

This IP address has been reported a total of 5 times from 5 distinct sources. 199.217.99.123 was first reported on November 27th 2025, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2025-11-29 02:37:22 (6 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 03:08:59 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 199.217.99.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 199.217.99.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 22:08:54.888740 2025] [security2:error] [pid 22241:tid 22241] [client 199.217.99.123:52726] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|intermixx.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "intermixx.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSkSRoeqw9-8jg9ZxzRk3gAAABw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 COMPLEX	2025-11-27 23:14:37 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from NL. Action taken: MANAGED_CHALLENGE ASN: 399629 (BLNW ... show more Triggered Cloudflare WAF (firewallCustom) from NL. Action taken: MANAGED_CHALLENGE ASN: 399629 (BLNWX) Protocol: HTTP/2 (GET method) Endpoint: /diddy show less	Bad Web Bot
🇮🇪 abassolsa	2025-11-27 19:41:22 (6 months ago)	199.217.99.123 - - [27/Nov/2025:19:41:19 +0000] "GET /comment/reply/?q=node/add HTTP/1.1" 404 43594 ... show more 199.217.99.123 - - [27/Nov/2025:19:41:19 +0000] "GET /comment/reply/?q=node/add HTTP/1.1" 404 43594 "https://www.genderportal.eu/group/welcome-e-discussion-0" "Mozilla/5.0 (Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0" 199.217.99.123 - - [27/Nov/2025:19:41:21 +0000] "GET /comment/reply/?q=user HTTP/1.1" 404 43589 "https://www.genderportal.eu/comment/reply/?q=node/add" "Mozilla/5.0 (Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0" ... show less	Brute-Force Bad Web Bot SSH
🇩🇪 Packets-Decreaser.NET	2025-11-27 13:55:08 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.126.87.236

🇧🇪 207.175.12.159

🇲🇽 187.190.35.163

🇲🇾 115.135.30.214

🇺🇸 103.144.28.85

🇺🇸 82.197.83.76

🇬🇧 81.153.170.203

🇭🇰 43.155.40.91

🇧🇷 43.135.199.248

🇨🇳 14.18.122.240

🇹🇼 220.128.221.64

🇩🇪 213.209.159.241

🇧🇷 189.50.142.78

🇨🇳 180.169.100.182

🇬🇧 165.154.129.188

🇹🇭 125.24.176.135

🇰🇷 121.185.78.234

🇨🇳 120.48.90.166

🇧🇩 103.86.198.162

🇩🇪 69.5.169.30