JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 199.96.165.229

199.96.165.229 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 17%: ?

17%

ISP	MyridWeb LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	myridweb.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 199.96.165.229

Whois 199.96.165.229

IP Abuse Reports for 199.96.165.229:

This IP address has been reported a total of 20 times from 12 distinct sources. 199.96.165.229 was first reported on April 24th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-22 11:30:20 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 07:30:13.246983 2026] [security2:error] [pid 30015:tid 30015] [client 199.96.165.229:63121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "support.leonardodecaprio.com"] [uri "/wp-config.php.old"] [unique_id "ahA-RcuK-xitnlm32oPWJAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 20:23:44 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 16:23:39.115645 2026] [security2:error] [pid 24834:tid 24834] [client 199.96.165.229:50841] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|waterspell.net\|F\|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "waterspell.net"] [uri "/wp-config.inc"] [unique_id "ag4YS9LDgANIxdhrBzptRQAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 03:01:39 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 23:01:32.548422 2026] [security2:error] [pid 16386:tid 16431] [client 199.96.165.229:9081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plumeraproductions.com"] [uri "/wp-config.bak"] [unique_id "ag0kDBtUjZ5-V4f5UtrDTgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-17 04:59:06 (3 weeks ago)	(wp-php-upload-includes) Block attempt to access .php in uploads wordpress uploads or well-known 199 ... show more (wp-php-upload-includes) Block attempt to access .php in uploads wordpress uploads or well-known 199.96.165.229 (US/United States/-) show less	Brute-Force
Anonymous	2026-05-04 08:11:59 (1 month ago)	199.96.165.229 - - [04/May/2026:16:11:58 +0800] "GET /shell.php HTTP/1.1" 301 - "-" "Mozilla/5.0 (Wi ... show more 199.96.165.229 - - [04/May/2026:16:11:58 +0800] "GET /shell.php HTTP/1.1" 301 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇩🇪 todix	2026-04-17 05:26:16 (1 month ago)	Web App Attack Exploid from 199.96.165.229	Web App Attack
🇺🇸 TPI-Abuse	2026-03-14 12:37:02 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 08:36:54.584435 2026] [security2:error] [pid 16529:tid 16529] [client 199.96.165.229:16235] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Golden-Technologies/pics/Golden Technologies 2009 Marketing CD/Luxury Beds/Deluxe Bed 4101/Thumbs.db"] [unique_id "abVWZl5fWDhO2zTHkB5JfQAAAA8"], referer: https://vitalitywebb.com/backstore/Golden-Technologies/pics/Golden%20Technologies%202009%20Marketing%20CD/Luxury%20Beds/Deluxe%20Bed%204101/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-21 01:11:29 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 20:11:26.174790 2026] [security2:error] [pid 6694:tid 6694] [client 199.96.165.229:59273] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|greenmountainfeeds.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "greenmountainfeeds.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZkGPvVy4LkiAl7tYoliUAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 EchoGuard	2026-02-13 15:29:55 (3 months ago)	FortiGate SSL VPN login failures	VPN IP Brute-Force
🇺🇸 Penny Packer	2026-01-28 03:17:37 (4 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇨🇭 backslash	2026-01-12 08:05:18 (5 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-19 11:25:00 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 199.96.165.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 19 06:24:54.736260 2025] [security2:error] [pid 25060:tid 25060] [client 199.96.165.229:58707] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|gamepart.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gamepart.com"] [uri "/home/tancedi1/gamepart.com"] [unique_id "aUU2BpoThgy1UROTxoXjqQAAAAY"], referer: https://slate.com/technology/2006/06/the-godfather-the-game-reviewed.html show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-12-01 01:20:17 (6 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇨🇦 wil.com	2025-11-30 22:50:12 (6 months ago)	GlobalProtect login attempts with user jachange.	VPN IP Brute-Force
🇦🇺 oncord	2025-05-03 08:23:32 (1 year ago)	Form spam	Web Spam

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇶 65.20.149.93

🇩🇪 172.71.172.216

🇩🇪 172.71.148.129

🇮🇳 168.144.81.184

🇺🇸 98.80.4.47

🇮🇹 94.177.195.107

🇺🇸 66.132.172.34

🇳🇱 45.148.10.183

🇺🇸 43.153.102.138

🇨🇳 223.159.80.91

🇩🇪 202.22.174.177

🇺🇸 192.210.228.134

🇮🇩 182.10.131.167

🇺🇸 162.0.228.101

🇲🇲 136.228.161.66

🇻🇳 123.24.228.42

🇮🇩 103.79.247.161

🇺🇸 216.218.206.67

🇺🇸 199.195.254.215

🇬🇧 193.32.209.248