JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.90.108.172

116.90.108.172 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 68%: ?

68%

ISP	Gerrys Information Technology (Pvt.) Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS138985
Domain Name	gerrys.net
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.90.108.172

Whois 116.90.108.172

IP Abuse Reports for 116.90.108.172:

This IP address has been reported a total of 15 times from 11 distinct sources. 116.90.108.172 was first reported on June 1st 2026, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 wlt-blocker	2026-06-05 23:33:37 (22 hours ago)	Unauthorized access to webpage admin	Web App Attack
Anonymous	2026-06-05 23:12:40 (22 hours ago)	Attac	Brute-Force
🇩🇪 big-cloud.nl	2026-06-05 19:32:29 (1 day ago)	Try to access /xmlrpc.php	Web App Attack
Anonymous	2026-06-04 21:18:10 (2 days ago)	Attac	Brute-Force
Anonymous	2026-06-04 21:17:08 (2 days ago)	(wordpress) Failed wordpress login from 116.90.108.172 (PK/Pakistan/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 18:46:38 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 116.90.108.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 116.90.108.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 14:46:29.025983 2026] [security2:error] [pid 7872:tid 7872] [client 116.90.108.172:57587] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kavahawaii.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kavahawaii.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiHIBcEpLs__7UwKOlQdjgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 00:05:09 (2 days ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (11/60 min)'; Requests=11	Port Scan
🇨🇭 4server	2026-06-03 21:15:43 (3 days ago)	[WedJun0323:15:38.5708612026][security2:error][pid724093:tid724402][client116.90.108.172:0]ModSecuri ... show more [WedJun0323:15:38.5708612026][security2:error][pid724093:tid724402][client116.90.108.172:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"sesael.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiCZelsLUPY2xppj5AHObQAAAEM\"] show less	Hacking Web App Attack
Anonymous	2026-06-03 17:46:17 (3 days ago)	Attac	Brute-Force
🇮🇹 VHosting	2026-06-03 00:30:03 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-03 00:05:42 (3 days ago)	(xmlrpc) Apache: Failed xmlrpc access from 116.90.108.172 (PK/Pakistan/-): 10 in the last 3600 secs ... show more (xmlrpc) Apache: Failed xmlrpc access from 116.90.108.172 (PK/Pakistan/-): 10 in the last 3600 secs (0-201) show less	Hacking
🇩🇪 4server	2026-06-02 23:54:05 (3 days ago)	[WedJun0301:53:59.3896962026][security2:error][pid870165:tid870286][client116.90.108.172:0]ModSecuri ... show more [WedJun0301:53:59.3896962026][security2:error][pid870165:tid870286][client116.90.108.172:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"aexthesya.ch\"][uri\"/xmlrpc.php\"][unique_id\"ah9tFzf3R6TBUfKvuoaWuwAAAM4\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 22:04:35 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 116.90.108.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 116.90.108.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 18:04:26.604486 2026] [security2:error] [pid 8442:tid 8442] [client 116.90.108.172:63751] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|certifiedfarmersmarkets.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "certifiedfarmersmarkets.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ah4B6vnNIt1QQJUClFHH0gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-01 19:28:31 (5 days ago)	(wordpress) Failed wordpress login from 116.90.108.172 (PK/Pakistan/-/-/-)	Brute-Force
🇫🇷 ELYAZ	2026-06-01 16:26:43 (5 days ago)	(wordpress) Failed wordpress login from 116.90.108.172 (PK/Pakistan/-): (CF_ENABLE)	Brute-Force

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 198.244.168.123

🇨🇳 183.250.25.11

🇨🇳 106.75.139.82

🇺🇸 104.23.190.163

🇺🇸 216.180.246.120

🇧🇷 205.210.31.220

🇫🇷 146.70.40.68

🇨🇳 119.98.69.109

🇺🇸 98.93.104.4

🇺🇸 74.94.1.61

🇨🇳 60.16.216.55

🇵🇱 31.179.197.26

🇨🇳 27.150.188.148

🇺🇸 198.211.112.71

🇪🇪 196.196.222.203

🇮🇩 160.187.174.22

🇫🇮 147.185.133.2

🇰🇷 112.151.178.49

🇱🇹 81.30.98.144

🇧🇬 79.124.59.78