JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.128.85.99

43.128.85.99 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 65%: ?

65%

ISP	Asia Pacific Network Information Center, Pty. Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	apnic.net
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.128.85.99

Whois 43.128.85.99

IP Abuse Reports for 43.128.85.99:

This IP address has been reported a total of 34 times from 10 distinct sources. 43.128.85.99 was first reported on June 8th 2026, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-09 06:26:35 (11 hours ago)	(mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:26:28.748303 2026] [security2:error] [pid 3325:tid 3325] [client 43.128.85.99:34544] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|myemail.navy\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "myemail.navy"] [uri "/"] [unique_id "aieyFLJ0oRa_TEai4ii5aQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 leithzz	2026-06-09 06:21:37 (12 hours ago)	Report by Cloudflare.Time: 2026-06-09T06:20:27Z	DDoS Attack
🇺🇸 TPI-Abuse	2026-06-09 05:22:16 (13 hours ago)	(mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:22:11.135194 2026] [security2:error] [pid 8202:tid 8202] [client 43.128.85.99:48614] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|csme-eprr.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "csme-eprr.com"] [uri "/"] [unique_id "aiejA_sf25NGS0ppFI-M4AAAAAw"], referer: http://www.csme-eprr.info show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 myip.foo	2026-06-09 04:26:32 (13 hours ago)	[myip.foo] 43.128.85.99 - - [09/Jun/2026:04:26:31 +0000] "GET / HTTP/1.1" 400 248 "-" "Mozilla/5.0 ( ... show more [myip.foo] 43.128.85.99 - - [09/Jun/2026:04:26:31 +0000] "GET / HTTP/1.1" 400 248 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" show less	Web App Attack
🇫🇷 Sklurk	2026-06-09 03:50:52 (14 hours ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 02:58:57 (15 hours ago)	(mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 22:58:50.053762 2026] [security2:error] [pid 486:tid 486] [client 43.128.85.99:50978] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.n3fjp.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.n3fjp.com"] [uri "/"] [unique_id "aieBanbImwXTSqPmNUZN7AAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 00:21:07 (18 hours ago)	(mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 20:20:59.218354 2026] [security2:error] [pid 3169:tid 3169] [client 43.128.85.99:47510] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|incrp.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "incrp.org"] [uri "/"] [unique_id "aidca0EyBksaJin496mOgQAAABE"], referer: http://www.incrn.org show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-06-09 00:06:09 (18 hours ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇵🇱 Roper123	2026-06-08 23:10:40 (19 hours ago)	Web app exploits	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 22:51:03 (19 hours ago)	(mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:50:55.690565 2026] [security2:error] [pid 24129:tid 24129] [client 43.128.85.99:39828] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|campconcerto.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "campconcerto.com"] [uri "/"] [unique_id "aidHTw7ezBCjlhni-H07cgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 22:43:02 (19 hours ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 22:34:14 (19 hours ago)	(mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:34:09.947066 2026] [security2:error] [pid 27118:tid 27118] [client 43.128.85.99:36534] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|rohn.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "rohn.com"] [uri "/"] [unique_id "aidDYYmhXYk7YFtkH4q0nAAAAAQ"], referer: http://www.blessings.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 21:45:49 (20 hours ago)	(mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 17:45:44.374924 2026] [security2:error] [pid 26681:tid 26681] [client 43.128.85.99:44238] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|alfadventurecenter.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "alfadventurecenter.org"] [uri "/"] [unique_id "aic4CFLUvofBXXfASGo6HgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 20:25:03 (21 hours ago)	(mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 16:24:55.011592 2026] [security2:error] [pid 27861:tid 27861] [client 43.128.85.99:40514] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.azfilmguild.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.azfilmguild.org"] [uri "/"] [unique_id "aiclF01ncJ1unmVUm6DSDgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 19:57:50 (22 hours ago)	(mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.128.85.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 15:57:42.854051 2026] [security2:error] [pid 25466:tid 25466] [client 43.128.85.99:36664] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|technicallydental.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "technicallydental.com"] [uri "/"] [unique_id "aicetlqY0nEnwjPLyABivQAAAAM"], referer: http://www.technically.dental show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.46.188.16

🇻🇪 190.6.32.107

🇰🇷 47.80.23.89

🇨🇳 27.18.82.219

🇨🇴 200.21.254.245

🇲🇦 196.118.28.145

🇨🇱 181.226.24.245

🇺🇸 172.253.196.146

🇺🇸 143.198.172.94

🇺🇸 138.122.192.61

🇻🇳 113.166.127.6

🇫🇷 91.231.89.153

🇺🇸 66.132.195.41

🇳🇱 45.148.10.157

🇬🇧 35.203.211.154

🇺🇸 34.162.229.5

🇮🇹 34.154.26.138

🇨🇳 182.43.235.75

🇩🇪 157.90.174.226

🇻🇳 115.84.183.240