JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.135.192.43

123.135.192.43 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 16%: ?

16%

ISP	China Unicom Shandong Province Network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Qingdao, Shandong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.135.192.43

Whois 123.135.192.43

IP Abuse Reports for 123.135.192.43:

This IP address has been reported a total of 16 times from 4 distinct sources. 123.135.192.43 was first reported on September 5th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 22:20:15 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 18:20:06.940879 2026] [security2:error] [pid 16721:tid 16748] [client 123.135.192.43:4378] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|ceol.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ceol.com"] [uri "/"] [unique_id "ajm1FjMjNhnORFvIshKGIgAAAJA"], referer: https://ceol.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 19:46:10 (4 days ago)	(mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:46:05.077677 2026] [security2:error] [pid 27936:tid 27943] [client 123.135.192.43:55084] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|vanguardforthearts.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "vanguardforthearts.org"] [uri "/"] [unique_id "ajg_fRuY6LTxRgne4wrOUAAAAMU"], referer: http://vanguardforthearts.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 02:54:30 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 22:54:24.171320 2026] [security2:error] [pid 18670:tid 18670] [client 123.135.192.43:25488] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.citystreetsalon.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.citystreetsalon.com"] [uri "/"] [unique_id "ajC64HuLnGWJ4wb3KDbF3AAAAA4"], referer: http://www.citystreetsalon.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-23 14:03:45 (1 month ago)	Web attack	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 19:35:24 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 15:35:20.516626 2026] [security2:error] [pid 28351:tid 28351] [client 123.135.192.43:50121] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|tulsatvmemories.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tulsatvmemories.com"] [uri "/"] [unique_id "ahCv-APvRRrCtlrLzYV87gAAAAM"], referer: http://tulsatvmemories.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 02:34:26 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 22:34:19.434272 2026] [security2:error] [pid 7678:tid 7678] [client 123.135.192.43:13690] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|kneupper.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "kneupper.com"] [uri "/"] [unique_id "ag_AqxJ4bSqTEgf9JxgUzQAAAAc"], referer: https://kneupper.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-05-09 22:02:44 (1 month ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/123.135.192.43 2026-05-09 0 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/123.135.192.43 2026-05-09 03:02:59 / show less	Web App Attack
🇳🇱 EGP Abuse Dept	2026-04-17 04:15:38 (2 months ago)	Unauthorized connection to proxy port 8080	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-04-03 00:32:28 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 20:32:24.910026 2026] [security2:error] [pid 8363:tid 8363] [client 123.135.192.43:24234] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|tcmu.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tcmu.org"] [uri "/index.html"] [unique_id "ac8KmF7y8T6ZvdFaNvXC1gAAAAY"], referer: http://tcmu.org/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-26 04:32:17 (3 months ago)	(mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 00:32:09.062010 2026] [security2:error] [pid 24059:tid 24059] [client 123.135.192.43:24717] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.yankeetownfishing.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.yankeetownfishing.com"] [uri "/"] [unique_id "acS2yWOH8i3og0VK1B-kaQAAAAE"], referer: http://www.yankeetownfishing.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-21 22:17:56 (3 months ago)	(mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 123.135.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 18:17:51.615912 2026] [security2:error] [pid 15501:tid 15501] [client 123.135.192.43:50185] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|holboxwhalesharktours.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "holboxwhalesharktours.net"] [uri "/"] [unique_id "ab8ZD0Tbq9EdUNnbET1lWQAAAA0"], referer: http://holboxwhalesharktours.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-02-12 22:04:23 (4 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/123.135.192.43 2026-02 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/123.135.192.43 2026-02-12 09:07:19 /config.json 2026-02-12 03:07:03 /robots.txt show less	Web App Attack
🇨🇳 ThreatBook.io	2025-12-22 22:03:42 (6 months ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/123.135.192.43 2025-12-22 0 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/123.135.192.43 2025-12-22 03:56:03 /config.json show less	Web App Attack
🇨🇳 ThreatBook.io	2025-12-19 22:02:59 (6 months ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/123.135.192.43 2025-12-19 1 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/123.135.192.43 2025-12-19 15:00:34 /explore/projects?non_archived=true&page=2&sort=latest_activity_desc show less	Web App Attack
🇨🇳 ThreatBook.io	2025-09-20 22:05:01 (9 months ago)	ThreatBook Intelligence: Scanner,Gateway more details on https://threatbook.io/ip/123.135.192.43 202 ... show more ThreatBook Intelligence: Scanner,Gateway more details on https://threatbook.io/ip/123.135.192.43 2025-09-20 09:04:16 /images/favicons/webmin/favicon-16x16.png show less	Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.155.87

🇷🇺 194.190.153.226

🇩🇪 194.187.176.16

🇺🇸 162.216.149.145

🇺🇸 147.185.132.206

🇮🇪 128.251.36.118

🇨🇳 118.145.164.82

🇳🇱 88.151.33.203

🇨🇦 85.217.149.6

🇺🇸 47.254.84.155

🇺🇸 34.56.169.144

🇨🇦 20.104.19.65

🇺🇸 185.147.159.244

🇯🇵 113.158.205.225

🇹🇼 49.158.8.146

🇺🇸 43.166.214.203

🇫🇷 31.56.228.253

🇺🇸 216.180.246.24

🇺🇸 207.90.244.19

🇧🇷 190.89.137.23