JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.245.119.74

43.245.119.74 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	trafficforce, UAB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS264617
Domain Name	trafficforce.lt
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.245.119.74

Whois 43.245.119.74

IP Abuse Reports for 43.245.119.74:

This IP address has been reported a total of 19 times from 7 distinct sources. 43.245.119.74 was first reported on October 30th 2023, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2024-10-27 02:26:14 (1 year ago)	(mod_security) mod_security (id:212620) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:212620) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 26 22:25:43.359253 2024] [security2:error] [pid 12545:tid 12610] [client 43.245.119.74:36199] [client 43.245.119.74] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|kettlehill.net\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /wp-login.php?login-error=<script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kettlehill.net"] [uri "/wp-login.php"] [unique_id "Zx2kpz4Zp7GZDS7DVHfUuAAAAUQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-04 04:12:34 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 04 00:12:26.558954 2024] [security2:error] [pid 9526:tid 9526] [client 43.245.119.74:43881] [client 43.245.119.74] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.stdavids-media.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?option=com_helpdeskpro&task=ticket.download_attachment&filename=/../../../../../../../../../../../../etc/passwd&original_filename=AnyFileName.exe"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stdavids-media.com"] [uri "/"] [unique_id "ZtfeKsvvaqBcT1zjVhOXgwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-27 20:24:45 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 27 16:23:30.373843 2024] [security2:error] [pid 5466:tid 5536] [client 43.245.119.74:39895] [client 43.245.119.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.net"] [uri "/.htpasswd"] [unique_id "ZqVXQvYoJo47UgPCj7zwEQAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2024-07-15 19:27:29 (1 year ago)	SS1: Web Attack GET /web/phpmyadmin/scripts/setup.php	Web Spam Hacking Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-06-29 03:06:52 (1 year ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇪🇸 10dencehispahard SL	2024-05-08 07:00:43 (2 years ago)	Unauthorized login attempts []	Brute-Force
🇪🇸 10dencehispahard SL	2024-05-08 06:52:14 (2 years ago)	Web Attack	DDoS Attack Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-05-01 10:40:58 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 01 06:40:51.926820 2024] [security2:error] [pid 27353:tid 46945076791040] [client 43.245.119.74:53493] [client 43.245.119.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.staging.kettlehill.com"] [uri "/.env.live"] [unique_id "ZjIcM5ywbXAzCxh1QbjEZQAAAVY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-04-16 00:41:53 (2 years ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇪🇸 10dencehispahard SL	2024-03-27 07:00:25 (2 years ago)	Unauthorized login attempts [ BI-16635]	Brute-Force
🇪🇸 10dencehispahard SL	2024-03-27 06:44:08 (2 years ago)	WP scan	Web App Attack
🇺🇸 TPI-Abuse	2024-02-13 23:56:45 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 13 18:55:01.946098 2024] [security2:error] [pid 13159:tid 46964593641216] [client 43.245.119.74:49507] [client 43.245.119.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.staging.kettlehill.com"] [uri "/wp-config.php-backup"] [unique_id "ZcwBVRLdQ7ghlPWmv_jS9gAAAUY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-01-26 12:32:40 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 26 07:32:36.395379 2024] [security2:error] [pid 14884] [client 43.245.119.74:39359] [client 43.245.119.74] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.stdavids-media.com\|F\|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.stdavids-media.com"] [uri "/conf/nginx.conf"] [unique_id "ZbOmZIp2M9YSrHM1eyUmFQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-01-04 21:46:43 (2 years ago)	Common attack or app scan event detected and blocked	Port Scan Hacking Web App Attack
🇺🇸 TPI-Abuse	2023-11-28 23:32:05 (2 years ago)	(mod_security) mod_security (id:212620) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:212620) triggered by 43.245.119.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 28 18:30:30.404716 2023] [security2:error] [pid 31708:tid 47281315313408] [client 43.245.119.74:33329] [client 43.245.119.74] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|autodiscover.kettlehill.net\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /oauth/idp/logout?post_logout_redirect_uri=<script>console.log(`xss`)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "autodiscover.kettlehill.net"] [uri "/oauth/idp/logout"] [unique_id "ZWZ4Fvhjua4Um2B4ADQ7sgAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 186.170.229.152

🇰🇿 176.64.31.114

🇭🇰 165.154.45.135

🇺🇸 162.216.150.88

🇺🇸 147.185.132.114

🇬🇧 89.37.172.143

🇵🇹 87.103.126.54

🇳🇱 178.16.54.226

🇭🇰 165.154.20.228

🇺🇸 162.216.149.91

🇺🇸 147.185.132.222

🇫🇷 91.231.89.156

🇵🇱 87.251.64.149

🇧🇬 78.128.113.22

🇺🇸 66.132.172.96

🇳🇱 45.148.10.147

🇲🇽 38.22.170.10

🇺🇸 18.97.19.200

🇨🇳 14.103.117.88

🇰🇷 218.145.147.80