JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 199.96.164.48

199.96.164.48 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 34%: ?

34%

ISP	MyridWeb LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	myridweb.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 199.96.164.48

Whois 199.96.164.48

IP Abuse Reports for 199.96.164.48:

This IP address has been reported a total of 18 times from 14 distinct sources. 199.96.164.48 was first reported on October 10th 2025, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-05 00:21:01 (19 hours ago)	...	Web App Attack
🇬🇧 relianoid.com	2026-06-04 03:54:55 (1 day ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2026-05-20 20:11:57 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 199.96.164.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 199.96.164.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 16:11:54.180008 2026] [security2:error] [pid 12914:tid 12914] [client 199.96.164.48:61935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "indiahouseportland.com"] [uri "/wp-config.php.bak"] [unique_id "ag4Vilyt3R5XTDIT3pwLHQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 18:11:46 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 199.96.164.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 199.96.164.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 14:11:37.009322 2026] [security2:error] [pid 16726:tid 16726] [client 199.96.164.48:49377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gellertdealers.totalstorage.solutions"] [uri "/wp-config.php.orig"] [unique_id "ag35WXprHE2TMFIQUlRRbAAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 15:14:23 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 199.96.164.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 199.96.164.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 11:14:18.372442 2026] [security2:error] [pid 5215:tid 5235] [client 199.96.164.48:61215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.strengthsmatter.teritemme.com"] [uri "/.wp-config.php.swp"] [unique_id "ag3PypFCf_iRIFpi0ORu4wAAAM8"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Aetherweb Ark	2026-05-17 10:53:44 (2 weeks ago)	(mod_security) mod_security (id:949110) triggered by 199.96.164.48 (US/United States/-): N in the la ... show more (mod_security) mod_security (id:949110) triggered by 199.96.164.48 (US/United States/-): N in the last X secs show less	Web App Attack
🇩🇪 LRob.fr	2026-05-16 09:30:04 (2 weeks ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-27 23:48:34 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 199.96.164.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 199.96.164.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 19:48:26.399952 2026] [security2:error] [pid 6056:tid 6056] [client 199.96.164.48:42397] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|greatwesternfirearms.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "greatwesternfirearms.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae_1ylhWdCFnUw7qIiuF3QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 todix	2026-04-17 09:16:47 (1 month ago)	WebAttack or semilar from 199.96.164.48	Web App Attack
🇩🇪 main.ows	2026-04-16 18:54:59 (1 month ago)	[16/Apr/2026:20:54:58.965419 +0200] aeEwgiRDpgs0ma4ZygQ2_QAAABA 199.96.164.48 15387 82.165.78.136 44 ... show more [16/Apr/2026:20:54:58.965419 +0200] aeEwgiRDpgs0ma4ZygQ2_QAAABA 199.96.164.48 15387 82.165.78.136 443 ... show less	Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-04-16 03:05:24 (1 month ago)	Web App Attack	Web App Attack
Anonymous	2026-01-26 23:01:22 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.26 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.26 is noted in report timestamp show less	Hacking Brute-Force
🇹🇷 rtbh.com.tr	2025-12-26 20:10:40 (5 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2025-12-26 01:29:11 (5 months ago)	2025-12-26T02:26:55.542227+01:00 ns.almogavers.net auth[1407193]: pam_unix(dovecot:auth): authentica ... show more 2025-12-26T02:26:55.542227+01:00 ns.almogavers.net auth[1407193]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=nazcar rhost=199.96.164.48 user=nazcar ... show less	Web Spam Email Spam Port Scan Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-11-17 16:51:22 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 152.32.205.7

🇮🇳 182.74.241.2

🇺🇸 162.216.18.178

🇮🇹 158.173.77.54

🇩🇪 104.248.251.45

🇬🇧 35.203.211.77

🇺🇸 198.98.56.227

🇨🇳 114.246.241.87

🇨🇳 114.216.37.152

🇹🇼 101.13.4.119

🇨🇭 94.230.208.148

🇺🇸 47.251.244.32

🇨🇳 42.193.171.36

🇸🇳 41.208.147.131

🇫🇷 38.242.232.20

🇺🇸 208.84.100.114

🇬🇧 178.62.93.239

🇷🇺 176.109.97.11

🇩🇪 164.92.202.198

🇩🇪 141.11.45.97