JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 96.27.198.133

96.27.198.133 was found in our database!

This IP was reported 238 times. Confidence of Abuse is 0%: ?

ISP	Wide Open West
Usage Type	Fixed Line ISP
ASN	AS12083
Hostname(s)	d27-96-133-198.evv.wideopenwest.com
Domain Name	wideopenwest.com
Country	🇺🇸 United States of America
City	Utica, Michigan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 96.27.198.133

Whois 96.27.198.133

IP Abuse Reports for 96.27.198.133:

This IP address has been reported a total of 238 times from 81 distinct sources. 96.27.198.133 was first reported on May 19th 2023, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 10dencehispahard SL	2024-10-04 11:23:39 (1 year ago)	Scan to detect web files	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2024-10-02 12:11:12 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest. ... show more (mod_security) mod_security (id:210492) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 08:11:09.035164 2024] [security2:error] [pid 6737:tid 6737] [client 96.27.198.133:43126] [client 96.27.198.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.convoyforkids.com"] [uri "/wp-config.php~"] [unique_id "Zv04XU_Fdczm0bnzYkvzRAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-24 02:17:59 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest. ... show more (mod_security) mod_security (id:210492) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 23 22:17:52.870461 2024] [security2:error] [pid 13763:tid 13763] [client 96.27.198.133:40054] [client 96.27.198.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "investorsfundingusa.com"] [uri "/wp-config.php.bak"] [unique_id "ZvIhUASEOA2nNFK_V8EkzAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 georgengelmann	2024-09-23 09:36:17 (1 year ago)	Failed login attempt for pedro	Brute-Force Web App Attack
🇩🇪 XICTRON	2024-09-12 22:25:02 (1 year ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇵🇱 sefinek.net	2024-09-11 18:16:48 (1 year ago)	IP 96.27.198.133 [T1] triggered Cloudflare WAF (firewallCustom). Action taken: CHALLENGE ASN: 12083 ... show more IP 96.27.198.133 [T1] triggered Cloudflare WAF (firewallCustom). Action taken: CHALLENGE ASN: 12083 (WOW-INTERNET) Protocol: HTTP/1.1 (method GET) Domain: blocklist.sefinek.net Endpoint: / Timestamp: 2024-09-11T08:53:40Z Ray ID: 8c166dbf6fce1267 Rule ID: cc5e7a6277d447eca9c1818934ba65c8 User agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 Report generated by Node-Cloudflare-WAF-AbuseIPDB (https://github.com/sefinek24/Node-Cloudflare-WAF-AbuseIPDB) show less	Bad Web Bot
🇺🇸 beehivesafety	2024-09-03 01:18:22 (1 year ago)	Threat Blocked by BeeHive from (ASN:12083) (Network:WOW-INTERNET) (Host:beehive.systems) (Method:GET ... show more Threat Blocked by BeeHive from (ASN:12083) (Network:WOW-INTERNET) (Host:beehive.systems) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2024-09-03T01:18:22Z) show less	Open Proxy VPN IP Port Scan Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2024-09-02 02:11:02 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest. ... show more (mod_security) mod_security (id:210492) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 01 22:10:56.136724 2024] [security2:error] [pid 2701:tid 2701] [client 96.27.198.133:41080] [client 96.27.198.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.purehomesystems.com"] [uri "/.git/config"] [unique_id "ZtUesGAIBaotkG5RFGCaPQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-01 02:40:25 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest. ... show more (mod_security) mod_security (id:210492) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 22:40:18.785647 2024] [security2:error] [pid 27950:tid 27950] [client 96.27.198.133:45660] [client 96.27.198.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.razeemco.com"] [uri "/.git/config"] [unique_id "ZtPUEguUtrkRN0CBo0Ax7gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-29 08:05:32 (1 year ago)	Bot / scanning and/or hacking attempts: GET /wp-config.phpn HTTP/1.1, GET /wp-config.php.com HTTP/1. ... show more Bot / scanning and/or hacking attempts: GET /wp-config.phpn HTTP/1.1, GET /wp-config.php.com HTTP/1.1, GET /wp-config-sample.php~~ HTTP/1.1, GET /wp-config.phpe HTTP/1.1, GET /wp-config.php.backup HTTP/1.1, GET /wp-config.php_old HTTP/1.1, GET /wp-config.php~~~~ HTTP/1.1, GET /wp-config.php.public HTTP/1.1, GET /uv-config.php.public HTTP/1.1, GET /wp-config.php-o HTTP/1.1, GET /wp-config.phpd HTTP/1.1, GET /wp-config.php1 HTTP/1.1, GET /wp-config.php.uk HTTP/1.1, GET /wp-config.php.resetwp_bak HTTP/1.1, GET /wp-config.phpo HTTP/1.1, GET /wp-config.php.us HTTP/1.1, GET /bb-config.php.bak HTTP/1.1 show less	Hacking Web App Attack
🇲🇾 Rizzy	2024-08-29 06:27:26 (1 year ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 PaulSep	2024-08-26 16:54:30 (1 year ago)	2024-08-26T18:54:30+02:00 [redacted] 96.27.198.133 - - [26/Aug/2024:18:54:28 +0200] "GET /account/ ... show more 2024-08-26T18:54:30+02:00 [redacted] 96.27.198.133 - - [26/Aug/2024:18:54:28 +0200] "GET /account/ HTTP/1.1" 302 58172 "https://[redacted]/wp-login.php?redirect_to=%2Fil-mio-account%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" show less	Hacking
🇦🇺 MAGIC	2024-08-21 10:05:03 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2024-08-18 17:14:04 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest. ... show more (mod_security) mod_security (id:210492) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 13:13:59.899156 2024] [security2:error] [pid 22415:tid 22415] [client 96.27.198.133:39086] [client 96.27.198.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artritiscanina.com"] [uri "/wp-config.php~~~~"] [unique_id "ZsIr1_mJzdizcrhPZjFj6wAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-09 07:43:18 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest. ... show more (mod_security) mod_security (id:210730) triggered by 96.27.198.133 (d27-96-133-198.evv.wideopenwest.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 03:43:12.188877 2024] [security2:error] [pid 8133:tid 8133] [client 96.27.198.133:36058] [client 96.27.198.133] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|isullc.net\|F\|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "isullc.net"] [uri "/config.old"] [unique_id "ZrXIkLZMYaXM__wPcrNG5QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 238 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a03:2880:16ff:5d::

🇳🇱 213.177.179.62

🇻🇪 190.153.21.124

🇺🇸 167.99.54.222

🇮🇳 61.95.199.54

🇧🇷 45.170.58.123

🇺🇸 20.42.108.100

🇺🇸 2a03:2880:16ff:5c::

🇧🇷 200.155.66.2

🇧🇪 198.235.24.203

🇧🇷 189.91.128.26

🇧🇷 186.238.247.238

🇮🇩 180.252.162.21

🇵🇰 111.92.142.155

🇳🇱 93.123.72.183

🇷🇴 80.94.92.177

🇩🇪 79.215.2.72

🇺🇸 47.251.105.28

🇳🇱 34.91.212.219

🇺🇸 34.59.157.230