JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 72.252.198.155

72.252.198.155 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 18%: ?

18%

ISP	FLOW
Usage Type	Fixed Line ISP
ASN	AS30689
Domain Name	flowja.com
Country	🇯🇲 Jamaica
City	Mandeville, Manchester

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 72.252.198.155

Whois 72.252.198.155

IP Abuse Reports for 72.252.198.155:

This IP address has been reported a total of 15 times from 12 distinct sources. 72.252.198.155 was first reported on July 1st 2024, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-06-15 09:59:34 (23 hours ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
Anonymous	2026-05-08 05:18:11 (1 month ago)	host-ipset-guard auto-report; server=server.osotir.org; rule=httpd-storefront-action-burst; count=23 ... show more host-ipset-guard auto-report; server=server.osotir.org; rule=httpd-storefront-action-burst; count=23/15; duration=72h; scope=server.osotir.org; country=JM; sites=osotir.org; samples=burst_window=1m \| distinct_ips=23 \| action_types=2 show less	Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-05-02 02:36:13 (1 month ago)	Bad web bot: Spoofed/obsolete UA (Mozilla/5.0 (compatible; MSIE 9.0; Windows 95; Trident/5.1)). Mass ... show more Bad web bot: Spoofed/obsolete UA (Mozilla/5.0 (compatible; MSIE 9.0; Windows 95; Trident/5.1)). Mass-scanning WordPress plugin. Coordinated large-scale bot attack. show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-17 05:30:44 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 72.252.198.155 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 72.252.198.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 17 01:30:40.955288 2026] [security2:error] [pid 3732371:tid 3732371] [client 72.252.198.155:61456] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|internet-brochures.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "internet-brochures.com"] [uri "/dynamicdancecenter.com"] [unique_id "aeHFgHyjC4kAe6Ws9fOnKwAAABo"], referer: http://internet-brochures.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-03-24 15:55:00 (2 months ago)	IPBlock protected site ID [3192-af][s=02]. Exploit request, vulnerability probe.	Hacking Bad Web Bot Web App Attack
🇨🇦 polycoda	2026-03-20 14:25:27 (2 months ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
🇹🇷 rtbh.com.tr	2026-03-15 20:12:04 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2026-03-14 20:12:03 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
Anonymous	2025-11-25 08:32:34 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇺🇸 SiliSoftware	2025-10-16 05:32:00 (8 months ago)	/phpBB3/templates/subSilver/images/lang_english/icon_pm.gif	Web App Attack
🇳🇱 exxos	2025-08-29 09:03:02 (9 months ago)	Attacks with Bad user agents	Hacking
🇳🇱 exxos	2025-08-01 08:55:57 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇪🇸 Global Cyber Police	2025-07-27 15:12:46 (10 months ago)	Malicious bot activity detected: Hitting honeypot page (200 OK with 258/259 bytes sent).	Port Scan Brute-Force Web App Attack
🇳🇱 Linuxmalwarehuntingnl	2024-07-01 10:58:09 (1 year ago)	Unauthorized connection attempt	Brute-Force

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 204.76.203.212

🇭🇺 193.68.57.43

🇰🇷 183.109.232.182

🇧🇷 181.189.118.116

🇩🇪 178.105.164.33

🇵🇰 110.93.224.226

🇷🇺 88.205.172.170

🇺🇸 76.130.1.49

🇮🇳 47.15.98.120

🇩🇪 46.249.99.46

🇬🇧 35.203.211.58

🇨🇳 27.8.44.168

🇶🇦 20.173.116.24

🇻🇳 14.161.18.1

🇻🇪 181.208.184.190

🇬🇧 165.232.33.59

🇮🇩 103.59.161.65

🇺🇸 75.197.64.15

🇫🇷 51.159.103.72

🇳🇱 45.148.10.147