JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 199.96.165.134

199.96.165.134 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 1%: ?

ISP	MyridWeb LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	myridweb.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 199.96.165.134

Whois 199.96.165.134

IP Abuse Reports for 199.96.165.134:

This IP address has been reported a total of 12 times from 7 distinct sources. 199.96.165.134 was first reported on November 1st 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 sshtmp	2026-05-20 05:17:43 (2 weeks ago)	[AbuseIPDB auto-report] Attack: WordPress XML-RPC brute-force Hits: 1 \| First: 2026-05-20T07:17:43+0 ... show more [AbuseIPDB auto-report] Attack: WordPress XML-RPC brute-force Hits: 1 \| First: 2026-05-20T07:17:43+02:00 \| Last: 2026-05-20T07:17:43+02:00 Samples: POST /xmlrpc.php [200] show less	Brute-Force Web App Attack
🇨🇭 backslash	2026-03-15 05:27:09 (2 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇺🇸 nodepile	2026-01-30 10:00:13 (4 months ago)	Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/umnitza-umnitza-license-plate-ligh ... show more Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/umnitza-umnitza-license-plate-lights-p-1337.html ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.1529.54 Safari/537.36') show less	Open Proxy VPN IP
Anonymous	2026-01-17 12:38:18 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.17 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.17 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 HandyTreff.de	2026-01-04 14:15:29 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -30.096 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -30.096 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.3558.7 show less	Bad Web Bot Web App Attack
🇺🇸 nodepile	2025-12-11 20:00:34 (5 months ago)	Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/golf-iv-r32-projectormk4-umnitza-o ... show more Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/golf-iv-r32-projectormk4-umnitza-orion-v2-sup-tm-sup.html ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.431.158 Safari/537.36') show less	Open Proxy VPN IP
🇱🇻 garmtech.com	2025-12-02 09:09:30 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2025-11-30 06:04:43 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇨🇭 backslash	2025-11-14 15:45:02 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-08 19:11:32 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 199.96.165.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 199.96.165.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 14:11:25.469182 2025] [security2:error] [pid 17786:tid 17786] [client 199.96.165.134:27085] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|oweng.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oweng.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ-V3c3UykDNDWTLlvh9XgAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-08 13:06:42 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 199.96.165.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 199.96.165.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 08:06:36.995143 2025] [security2:error] [pid 16458:tid 16458] [client 199.96.165.134:37931] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ9AXDL06o2C_p83dbckRAAAABw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-01 14:40:07 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 199.96.165.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 199.96.165.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 10:40:01.048633 2025] [security2:error] [pid 8590:tid 8625] [client 199.96.165.134:54733] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|millicanjones.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "millicanjones.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQYbwXl6EaMmM6sQysSUPwAAANE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 181.214.48.205

🇺🇸 172.203.134.70

🇺🇸 147.185.132.111

🇻🇳 118.70.182.193

🇭🇰 112.119.21.245

🇭🇰 101.36.111.86

🇮🇳 182.95.103.150

🇵🇪 161.132.38.234

🇮🇩 143.20.49.38

🇨🇳 122.96.28.131

🇩🇪 46.224.160.234

🇳🇱 45.198.224.7

🇸🇬 148.66.142.9

🇭🇰 123.58.213.128

🇯🇵 118.193.61.170

🇨🇳 222.212.83.51

🇩🇪 207.241.172.57

🇧🇷 205.210.31.222

🇺🇸 205.210.31.45

🇲🇽 187.212.10.12