JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 208.72.217.90

208.72.217.90 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 29%: ?

29%

ISP	NexG
Usage Type	Fixed Line ISP
ASN	AS16848
Domain Name	nexg.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 208.72.217.90

Whois 208.72.217.90

IP Abuse Reports for 208.72.217.90:

This IP address has been reported a total of 62 times from 19 distinct sources. 208.72.217.90 was first reported on November 15th 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-09 00:10:37 (2 days ago)	sqlinjection union	SQL Injection Brute-Force Web App Attack
Anonymous	2026-05-29 22:49:56 (1 week ago)	Aggressive web scan	Web App Attack
Anonymous	2026-05-22 00:10:37 (2 weeks ago)	sqlinjection union	SQL Injection Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 03:24:19 (3 weeks ago)	(mod_security) mod_security (id:210410) triggered by 208.72.217.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210410) triggered by 208.72.217.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 23:24:11.502385 2026] [security2:error] [pid 9138:tid 9173] [client 208.72.217.90:54456] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS_NAMES:1\\x00\\xc0\\xa7\\xc0\\xa2%2527%2522 outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|luxury.management\|F\|3"] [data "ARGS_NAMES:1\\x5cx00\\x5cxc0\\x5cxa7\\x5cxc0\\x5cxa2%2527%2522=1\\x00\\xc0\\xa7\\xc0\\xa2%27%22"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "luxury.management"] [uri "/xmlrpc.php"] [unique_id "agfjWzsnIGLwM3Do856kVAAAANc"], referer: http://luxury.management/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇱 spd.co.il	2026-05-14 06:01:58 (4 weeks ago)	Web application attack detected	Hacking Web App Attack
🇮🇹 secureme	2026-05-12 08:30:00 (4 weeks ago)	/en/area/applications-0XOR(if(now()=sysdate(),sleep(12),0))XORZ	Web App Attack SQL Injection
Anonymous	2026-05-12 00:10:37 (4 weeks ago)	sqlinjection union	SQL Injection Brute-Force Web App Attack
🇳🇱 Savvii	2026-04-28 23:10:54 (1 month ago)	15 attempts against mh-modsecurity-ban on pf221108	Brute-Force Web App Attack
Anonymous	2026-04-24 18:02:01 (1 month ago)	Web attack	Bad Web Bot Web App Attack
Anonymous	2026-04-21 00:10:37 (1 month ago)	sqlinjection union	SQL Injection Brute-Force Web App Attack
Anonymous	2026-04-13 10:05:49 (1 month ago)	Blocked: Reason='High request volume — possible DDoS (> 5000 in 60 min)'; Requests=6037	DDoS Attack
🇺🇸 TPI-Abuse	2026-04-12 07:54:00 (1 month ago)	(mod_security) mod_security (id:210410) triggered by 208.72.217.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210410) triggered by 208.72.217.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 03:53:50.223736 2026] [security2:error] [pid 2504001:tid 2504027] [client 208.72.217.90:57641] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS_NAMES:1\\x00\\xc0\\xa7\\xc0\\xa2%2527%2522 outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|luxury.management\|F\|3"] [data "ARGS_NAMES:1\\x5cx00\\x5cxc0\\x5cxa7\\x5cxc0\\x5cxa2%2527%2522=1\\x00\\xc0\\xa7\\xc0\\xa2%27%22"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "luxury.management"] [uri "/xmlrpc.php"] [unique_id "adtPjtU5OBWfq37MU_--TQAAABc"], referer: http://luxury.management/ show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-04-11 06:27:50 (2 months ago)	1.248 requests with url.path */wp-comments-post.php	Brute-Force Bad Web Bot
Anonymous	2026-04-08 00:10:37 (2 months ago)	sqlinjection union	SQL Injection Brute-Force Web App Attack
🇺🇸 ipblock.com	2026-03-23 15:50:00 (2 months ago)	IPBlock protected site ID [4055-d][s=02]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4880:6000::7e

🇧🇩 203.190.11.3

🇩🇪 185.249.74.198

🇺🇸 162.217.165.220

🇨🇳 120.211.189.58

🇨🇳 101.96.203.31

🇺🇸 69.164.214.243

🇳🇱 45.148.10.141

🇻🇳 171.244.37.103

🇸🇪 171.25.158.82

🇨🇳 115.190.155.5

🇳🇱 91.92.241.35

🇮🇳 61.246.201.82

🇪🇸 217.154.106.153

🇨🇦 199.21.149.124

🇩🇪 194.59.206.2

🇺🇸 162.241.129.208

🇫🇮 147.185.133.16

🇫🇮 135.181.182.250

🇧🇷 45.232.73.84