JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 199.96.167.99

199.96.167.99 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 19%: ?

19%

ISP	MyridWeb LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	myridweb.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 199.96.167.99

Whois 199.96.167.99

IP Abuse Reports for 199.96.167.99:

This IP address has been reported a total of 10 times from 8 distinct sources. 199.96.167.99 was first reported on December 14th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-24 13:01:29 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 199.96.167.99 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 199.96.167.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 09:01:23.434905 2026] [security2:error] [pid 31382:tid 31382] [client 199.96.167.99:63503] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|webjemm.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "webjemm.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ahL2oxhbS5JHVH1JiUz37wAAACw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 23:58:48 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 199.96.167.99 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 199.96.167.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 19:58:43.080492 2026] [security2:error] [pid 30243:tid 30243] [client 199.96.167.99:46197] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Golden-Technologies/pics/Golden Technologies 2009 Marketing CD/Lift Chairs/Lifestyle/Thumbs.db"] [unique_id "agkEsw1tofhPt9GykBS6RgAAAAE"], referer: https://vitalitywebb.com/backstore/Golden-Technologies/pics/Golden%20Technologies%202009%20Marketing%20CD/Lift%20Chairs/Lifestyle/ show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-05-12 06:07:00 (3 weeks ago)	IM360 WAF: SQL Injection via WordPress Link functionality MV:100')EXTRACTVALUE(10038,CONCAT(0x7e,(SE ... show more IM360 WAF: SQL Injection via WordPress Link functionality MV:100')EXTRACTVALUE(10038,CONCAT(0x7e,(SELECT/**/(ELT(10038=10038,1))),0x7e)) AND '1'='1 show less	SQL Injection
🇩🇪 on-com	2026-04-30 12:19:37 (1 month ago)	URL scan	Brute-Force Web App Attack
🇨🇭 backslash	2026-04-18 01:18:10 (1 month ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇳🇱 i-turnradio.nl	2026-02-19 06:23:22 (3 months ago)	2026-02-19 @ 07:23:22 (CET) ~ Blocked for trying to access: /erker/wp/wp-login.php	Web App Attack
🇦🇺 MAGIC	2026-02-04 01:11:51 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇱🇻 garmtech.com	2026-01-09 04:03:27 (4 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇫🇷 masterguru	2025-12-23 11:01:32 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 199.96.167.99 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 199.96.167.99 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
Anonymous	2025-12-14 18:26:25 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.14 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.14 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2603:3:610a:de00::

🇪🇸 196.196.150.6

🇨🇭 209.99.184.143

🇧🇷 186.219.184.142

🇹🇭 182.52.236.80

🇨🇴 181.234.29.66

🇺🇸 216.25.89.109

🇹🇷 185.153.231.44

🇧🇷 177.191.129.41

🇭🇰 150.5.169.176

🇮🇩 103.171.84.20

🇨🇭 89.217.255.103

🇳🇴 89.185.81.112

🇭🇺 84.1.34.242

🇮🇳 59.180.146.74

🇰🇷 1.245.74.10

🇺🇸 2604:a880:400:d1:0:4:6c84:1

🇧🇷 131.161.249.165

🇨🇳 114.55.14.48

🇧🇩 103.171.69.89