JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 199.96.166.118

199.96.166.118 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 7%: ?

ISP	MyridWeb LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	myridweb.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 199.96.166.118

Whois 199.96.166.118

IP Abuse Reports for 199.96.166.118:

This IP address has been reported a total of 15 times from 14 distinct sources. 199.96.166.118 was first reported on September 16th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Oakley	2026-05-17 08:02:07 (1 month ago)	(mod_security) mod_security (id:900210) triggered by 199.96.166.118 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:900210) triggered by 199.96.166.118 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
Anonymous	2026-05-02 14:02:34 (1 month ago)	Aggressive web scan	Web App Attack
Anonymous	2026-04-09 21:15:36 (2 months ago)	"POST /xmlrpc.php HTTP/1.1"	Hacking Web App Attack
🇪🇸 el-brujo	2026-02-24 12:10:47 (3 months ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:140.0) Gecko/20100101 Firefox/140.0 Action: managed_challenge Source: firewallManaged ASN Description: PUREVOLTAGE-INC - PureVoltage Hosting Inc. Country: US Method: POST Timestamp: 2026-02-24T12:10:47Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇳🇱 donarev419	2026-02-22 00:03:46 (4 months ago)	Connection to port 13443 with data transfer. Data preview:	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-02-08 23:09:12 (4 months ago)	(mod_security) mod_security (id:210350) triggered by 199.96.166.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 199.96.166.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 18:09:06.213110 2026] [security2:error] [pid 8187:tid 8187] [client 199.96.166.118:59201] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|scottcampbellconstruction.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "scottcampbellconstruction.com"] [uri "/contactus.htm"] [unique_id "aYkXkgvSeJ2_tYuYAGUNEQAAAAo"], referer: https://www.facebook.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-02-05 13:54:27 (4 months ago)	Fail2Ban banned 199.96.166.118 for security violations in jail wp-armour. Log: 2026/02/05 13:54:26 [ ... show more Fail2Ban banned 199.96.166.118 for security violations in jail wp-armour. Log: 2026/02/05 13:54:26 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 199.96.166.118 \| Target: wplogin" , client: 199.96.166.118, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇪🇸 el-brujo	2026-02-05 13:35:51 (4 months ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:146.0) Gecko/20100101 Firefox/146.0 Action: managed_challenge Source: firewallManaged ASN Description: PUREVOLTAGE-INC - PureVoltage Hosting Inc. Country: US Method: POST Timestamp: 2026-02-05T13:35:51Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇩🇪 MusicLibrary	2026-02-05 12:12:03 (4 months ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇺🇸 nowyouknow	2025-12-22 19:04:58 (5 months ago)	(From [email protected]) Hey Team, I’m writing because I found your site on Page 2 for yo ... show more (From [email protected]) Hey Team, I’m writing because I found your site on Page 2 for your main keywords. Frankly, it makes me frustrated. Your website is much better than the guys ranking #1, but they are getting all the traffic. You are basically donating your customers to them for free, just because of some technical SEO issues. I have the data in front of me showing exactly why Google is favoring them over you. I’d love to walk you through the fix. Do you have availability this week for a brief call? Cheers, QIK 10x Growth show less	Phishing Web Spam
🇳🇱 i-turnradio.nl	2025-12-21 11:49:48 (6 months ago)	2025-12-21 @ 12:49:47 (CET) ~ Blocked for trying to access: /xmlrpc.php	Web App Attack
🇱🇻 garmtech.com	2025-12-02 00:11:47 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 [email protected]	2025-10-17 00:07:29 (8 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2025-10-17T00:07:29Z	Brute-Force
🇹🇷 pamircil	2025-09-23 03:11:14 (8 months ago)	🍯 WinnieThePooh Honeypot : GET request to '/wp-config.copy' on (http/80)💀	Hacking Brute-Force SSH
🇧🇷 hostseries	2025-09-16 21:32:48 (9 months ago)	Trigger: LF_DISTATTACK	Brute-Force

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4004:1002::121

🇩🇪 213.209.159.228

🇺🇸 195.184.76.239

🇺🇸 195.184.76.165

🇺🇸 195.184.76.13

🇦🇷 191.241.142.170

🇧🇷 179.63.70.253

🇨🇮 154.0.30.137

🇧🇷 118.26.105.144

🇷🇴 80.94.92.178

🇺🇸 20.55.72.219

🇺🇸 18.216.195.211

🇨🇭 2400:cb00:920:1000:6d6d:e5f6:4e80:18fb

🇹🇭 203.154.158.195

🇩🇪 194.88.98.110

🇨🇳 183.250.25.11

🇫🇷 178.18.249.37

🇺🇸 165.154.206.246

🇮🇩 114.10.77.90

🇨🇳 113.13.118.228