๐บ๐ธ
TPI-Abuse
2026-07-02 13:49:12
(4 hours ago)
(mod_security) mod_security (id:949110) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:949110) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 09:49:07.748932 2026] [security2:error] [pid 19410:tid 19410] [client 43.243.192.92:43660] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "chuckwagon.org"] [uri "/.env.local"] [unique_id "akZsU67tIf0i-8FllyBQJwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 09:19:34
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:19:27.149394 2026] [security2:error] [pid 8184:tid 8184] [client 43.243.192.92:28444] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "champschallenge.org"] [uri "/.env.staging"] [unique_id "akYtH3CJ7NTcSHRUiwTXrAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 19:12:25
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 15:12:20.898420 2026] [security2:error] [pid 25163:tid 25163] [client 43.243.192.92:36012] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brownlegacy.org"] [uri "/.env.example"] [unique_id "akVmlJ68-DbnGc3vDOlCNAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 18:36:23
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 14:36:19.832274 2026] [security2:error] [pid 28146:tid 28146] [client 43.243.192.92:63254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "britishfolk.org"] [uri "/.env.staging"] [unique_id "akVeIw2M2pKmMVN2-1SZBQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 16:50:42
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:50:34.140979 2026] [security2:error] [pid 6394:tid 6415] [client 43.243.192.92:64444] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "c22p.org"] [uri "/wp-config.bak"] [unique_id "akVFWppWa3oAEy9YKjd2oQAAARM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 03:05:15
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 23:05:07.521675 2026] [security2:error] [pid 30551:tid 30560] [client 43.243.192.92:2500] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bhhg.org"] [uri "/.env.staging"] [unique_id "akSD4-rZpn743O4hg-R9oAAAAcY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 21:29:49
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:29:39.754967 2026] [security2:error] [pid 29903:tid 29903] [client 43.243.192.92:63244] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "austinbiblestudents.org"] [uri "/wp-config.bak"] [unique_id "akQ1Q-22e67rprX0CDMbWQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 19:07:53
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 15:07:45.891550 2026] [security2:error] [pid 2013:tid 2013] [client 43.243.192.92:36074] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "assec.org"] [uri "/.env.example"] [unique_id "akQUAWuMpVR0VfAEKPmRJQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 03:57:27
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.243.192.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:57:20.952565 2026] [security2:error] [pid 4643:tid 4643] [client 43.243.192.92:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindmaterial.io"] [uri "/wp-config.bak"] [unique_id "aj9KIB9VwjP1CCQMMuR-NAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-06-26 20:09:02
(5 days ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice02,mx03]
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-06-26 19:07:01
(5 days ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa01,wa02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mccsoft.io
2026-06-24 12:13:31
(1 week ago)
Web application attack / vulnerability scanning. Source sent 1 HTTP request(s) (1 distinct paths) to ...
show more
Web application attack / vulnerability scanning. Source sent 1 HTTP request(s) (1 distinct paths) to our public nginx web server on TCP 80/443, probing blocked/sensitive paths; all returned HTTP 444 (connection closed by security rule, jail nginx-444). Sample requests: GET /.docker/config.json. User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:134.0) Gecko/20100101 Firefox/134.0. Observed 2026-06-24 12:12:22 UTC. TCP handshake completed (requests fully received). Categories: Web App Attack / Bad Web Bot.
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-05-08 07:40:41
(1 month ago)
Blocked by UFW (TCP on 7868)
Source port: 19828
TTL: 54
Packet length: 60
TOS: 0x00
This report (fo ...
show more
Blocked by UFW (TCP on 7868)
Source port: 19828
TTL: 54
Packet length: 60
TOS: 0x00
This report (for 43.243.192.92) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ฎ๐ณ
Mr.Singh
2026-05-08 06:30:13
(1 month ago)
NFT blocked 43.243.192.92 on 08-May-2026..
Port Scan
Brute-Force
๐ต๐ฑ
mkey
2026-04-23 01:00:02
(2 months ago)
Multiple ports scan detected locally. (17 probes in last hour, last seen 2026-04-23 02:55:00)
Port Scan