JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 199.96.164.204

199.96.164.204 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 3%: ?

ISP	MyridWeb LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	myridweb.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 199.96.164.204

Whois 199.96.164.204

IP Abuse Reports for 199.96.164.204:

This IP address has been reported a total of 14 times from 8 distinct sources. 199.96.164.204 was first reported on August 17th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-03 07:47:15 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 199.96.164.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 199.96.164.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 03:47:10.710410 2026] [security2:error] [pid 31730:tid 31730] [client 199.96.164.204:24215] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Danbury II/Stetson Coffee/Thumbs.db"] [unique_id "ah_b_rzz0qzigsBc4S2HAQAAAA4"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Danbury%20II/Stetson%20Coffee/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-25 18:13:11 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 199.96.164.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 199.96.164.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 13:13:06.679593 2026] [security2:error] [pid 17196:tid 17215] [client 199.96.164.204:12979] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|amazinglips.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "amazinglips.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZ87sk0aOdqu31gwOLQQswAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-07 13:13:00 (5 months ago)	LFI-RFI Score: 3 \| Issues: [{"source":"POST","key":"g-recaptcha-response","type":"lfi","pattern":"\/ ... show more LFI-RFI Score: 3 \| Issues: [{"source":"POST","key":"g-recaptcha-response","type":"lfi","pattern":"\/(?:\\.\\.\\\/\|%2e%2e\\\/\|%2e%2e%2f)\/i","sample":"\/\\..\/\\..\/\\..\/\\..\/\\..\/\\..\/\\..\/etc\/passwd"}] / Malicious scan suspected (score: 3 >= 3): Directory Traversal in POST Body / Path Matches Pattern (/wp-admin/) / Malicious scan suspected (score: 3 >= 3): Directory Traversal in POST Body / Path Matches Pattern (/wp-admin/) / reCAPTCHA challenge timed out show less	DDoS Attack Hacking Bad Web Bot Web App Attack
🇺🇸 Psycho Solutions LLC	2026-01-01 07:56:33 (5 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 1/1/2026 7:56 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-30 11:19:11 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-27 13:32:32 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-26 12:19:28 (5 months ago)	WP Login Scan Activities	Web App Attack
🇨🇭 backslash	2025-11-20 14:30:29 (6 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇺🇸 fbarela	2025-10-29 14:00:11 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇮🇩 Burayot	2025-10-27 21:24:37 (7 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 199.96.164.204 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 199.96.164.204 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-10-24 13:02:32 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 199.96.164.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 199.96.164.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 24 09:02:28.171346 2025] [security2:error] [pid 2071:tid 2071] [client 199.96.164.204:30063] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|areafinancieratf.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "areafinancieratf.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aPt45H73LvJV-GwTe2njIwAAAAA"], referer: https://areafinancieratf.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-10-13 06:30:24 (7 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇨🇿 lp	2025-08-18 18:21:54 (9 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 199.96.164.204 2025-08-18T19:52:17+02 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 199.96.164.204 2025-08-18T19:52:17+02:00 vpn Access-Reject 'wcarter' station: 199.96.164.204 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-08-17 16:50:43 (9 months ago)	Unauthorized VPN login attempts: 3 attempts were recorded from 199.96.164.204 2025-08-17T18:11:24+02 ... show more Unauthorized VPN login attempts: 3 attempts were recorded from 199.96.164.204 2025-08-17T18:11:24+02:00 vpn Access-Reject 'pmorris' station: 199.96.164.204 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-17T18:12:06+02:00 vpn Access-Reject 'dcambell' station: 199.96.164.204 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-17T18:12:51+02:00 vpn Access-Reject 'kperez' station: 199.96.164.204 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.104.137.55

🇫🇷 91.196.152.178

🇺🇸 34.174.142.0

🇧🇴 181.188.187.140

🇨🇳 106.13.122.214

🇯🇵 101.36.104.242

🇬🇷 94.67.158.65

🇧🇦 31.223.129.43

🇺🇸 192.111.139.163

🇦🇷 186.148.224.83

🇺🇸 173.244.60.241

🇺🇸 76.79.213.70

🇭🇰 47.86.176.177

🇰🇷 27.100.188.204

🇷🇺 5.129.206.230

🇰🇷 221.164.235.189

🇳🇱 176.65.148.139

🇺🇸 162.217.165.32

🇮🇩 103.101.216.26

🇺🇸 35.150.128.133