AbuseIPDB » 185.72.241.75
185.72.241.75
This IP was reported 8 times. Confidence of
Abuse
is 13% : ?
ISP
Profisol Telecom S.R.L.
Usage Type
Data Center/Web Hosting/Transit
ASN
AS203020
Hostname(s)
undefined.hostname.localhost
Domain Name
profisol.ro
Country
๐ง๐ท
Brazil
City
Sao Paulo, Sao Paulo
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 185.72.241.75 :
This IP address has been reported a total of
8
times from
5 distinct
sources.
185.72.241.75 was first reported on
February 19th 2025 , and the most recent report was
19 hours ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ซ๐ท
Sklurk
2026-06-25 08:58:20
(19 hours ago)
Web App Attack
Web App Attack
2026-06-01 16:30:02
(3 weeks ago)
| A web attack returned code 200 (success).
Web App Attack
Hacking
SQL Injection
2026-03-05 10:29:13
(3 months ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show more
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp
show less
Exploited Host
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-12-01 07:17:29
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 185.72.241.75 (undefined.hostname.localhost): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 185.72.241.75 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 02:17:23.830748 2025] [security2:error] [pid 27471:tid 27505] [client 185.72.241.75:35199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.kettlehill.com"] [uri "/example.htaccess"] [unique_id "aS1BA3LXOKC0tXS7y0k-8gAAAJE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-28 21:46:52
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 185.72.241.75 (undefined.hostname.localhost): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 185.72.241.75 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 17:46:47.342615 2025] [security2:error] [pid 30017:tid 30017] [client 185.72.241.75:58081] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.nbcnewsradio.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/error.log"] [unique_id "aQE5x_0dd7A14r8wiqeA0gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-26 04:16:31
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 185.72.241.75 (undefined.hostname.localhost): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 185.72.241.75 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 26 00:16:26.194895 2025] [security2:error] [pid 7608:tid 7608] [client 185.72.241.75:60567] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.deandobkin.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.deandobkin.com"] [uri "/admin/error.log"] [unique_id "aNYTmkp0ZgFsEPybSfwBqQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2025-03-02 17:05:15
(1 year ago)
botnet
DDoS Attack
2025-02-19 12:16:01
(1 year ago)
botnet
DDoS Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: