AbuseIPDB » 45.92.77.146
45.92.77.146
This IP was reported 5 times. Confidence of
Abuse
is 0% : ?
ISP
Xantho UAB
Usage Type
Data Center/Web Hosting/Transit
ASN
AS395954
Domain Name
xantho.lt
Country
๐บ๐ธ
United States of America
City
Los Angeles, California
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 45.92.77.146 :
This IP address has been reported a total of
5
times from
3 distinct
sources.
45.92.77.146 was first reported on
August 18th 2025 , and the most recent report was
1 month ago
Old Reports:
The most recent abuse report for this IP address is from
1 month ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฉ๐ช
rh24
2026-05-01 15:33:04
(1 month ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 45.92.77.146 (LT/Lit ...
show more
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 45.92.77.146 (LT/Lithuania/-)
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-01-17 00:08:32
(4 months ago)
(mod_security) mod_security (id:221260) triggered by 45.92.77.146 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:221260) triggered by 45.92.77.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 19:08:21.442059 2026] [security2:error] [pid 18346:tid 18346] [client 45.92.77.146:38435] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||ftp.nbcnewsradio.com:443|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/test.cgi"] [unique_id "aWrS9T4hkjP_6zzUOrP_vAAAAAE"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-28 21:49:28
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 45.92.77.146 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 45.92.77.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 17:49:18.762325 2025] [security2:error] [pid 26635:tid 26635] [client 45.92.77.146:37495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/.env.nbcnewsradio"] [unique_id "aQE6XuA1wyEG_S94_Tv5BgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-01 02:49:20
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 45.92.77.146 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 45.92.77.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 22:49:10.155979 2025] [security2:error] [pid 4167172:tid 4167186] [client 45.92.77.146:48075] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.kettlehill.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.kettlehill.com"] [uri "/server.key"] [unique_id "aLUJpuryNSoVQ-6inclCagAAAUE"], referer: http://mail.kettlehill.com/server.key
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
10dencehispahard SL
2025-08-18 09:44:18
(9 months ago)
WP probing for vulnerabilities
Hacking
Exploited Host
Showing 1 to
5
of 5 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: