JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.152.67.197

43.152.67.197 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 27%: ?

27%

ISP	Asia Pacific Network Information Center, Pty. Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	apnic.net
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.152.67.197

Whois 43.152.67.197

IP Abuse Reports for 43.152.67.197:

This IP address has been reported a total of 14 times from 4 distinct sources. 43.152.67.197 was first reported on June 9th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 knock	2026-06-15 11:42:35 (3 days ago)	Knock-Knock honeypot brute-force: proto8 (1 total hits)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 06:29:05 (5 days ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:29:00.334015 2026] [security2:error] [pid 3175:tid 3175] [client 43.152.67.197:45482] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.victotex.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.victotex.com"] [uri "/"] [unique_id "aiz4rM-z6H1V9CaZzsMRAAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 06:32:14 (1 week ago)	Illegitimate and/or suspicious requests.	Hacking
Anonymous	2026-06-10 02:31:01 (1 week ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 02:21:03 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:21:00.733060 2026] [security2:error] [pid 31040:tid 31040] [client 43.152.67.197:51310] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|jasconius.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jasconius.org"] [uri "/"] [unique_id "aijKDDDQrB97ufjac2_LdQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 01:48:02 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 21:47:56.789897 2026] [security2:error] [pid 14249:tid 14249] [client 43.152.67.197:50368] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|omahareact.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "omahareact.org"] [uri "/"] [unique_id "aijCTG9uSW2F0boH5Q531wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:41:02 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:40:55.465215 2026] [security2:error] [pid 5149:tid 5149] [client 43.152.67.197:43714] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.cybersoftware.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.cybersoftware.org"] [uri "/"] [unique_id "aigJ14z1eTMd5NRjdl4T7gAAADM"], referer: http://go.partners.club show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:11:20 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:11:14.251942 2026] [security2:error] [pid 3472:tid 3472] [client 43.152.67.197:38292] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|freerein.info\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "freerein.info"] [uri "/"] [unique_id "aigC4tTOAq2r9tPBafSGOwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 11:53:23 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:53:17.606618 2026] [security2:error] [pid 4724:tid 4724] [client 43.152.67.197:48154] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.balmedia.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.balmedia.com"] [uri "/"] [unique_id "aif-rZOuOQnel0n1swVPHwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 11:14:22 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:14:17.386719 2026] [security2:error] [pid 15993:tid 15993] [client 43.152.67.197:36460] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.britishfolk.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.britishfolk.org"] [uri "/"] [unique_id "aif1iWbw_vHpBhgC3Ba-3AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 10:49:45 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:49:37.092806 2026] [security2:error] [pid 18355:tid 18355] [client 43.152.67.197:54548] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|sydneysue.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "sydneysue.com"] [uri "/"] [unique_id "aifvwUScVdu7OIi1QmivfgAAAA4"], referer: http://sydneysue.science show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 10:16:36 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:16:30.735983 2026] [security2:error] [pid 5730:tid 5730] [client 43.152.67.197:33010] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.firebelly.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.firebelly.org"] [uri "/"] [unique_id "aifn_k4kHLbTP5pbE9ywfQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 10:00:57 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:00:52.352372 2026] [security2:error] [pid 4818:tid 4818] [client 43.152.67.197:48418] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.fdhcc.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.fdhcc.org"] [uri "/"] [unique_id "aifkVM9d048jbYRin73WWgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 09:41:58 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.152.67.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 05:41:54.482146 2026] [security2:error] [pid 11032:tid 11032] [client 43.152.67.197:37756] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|rocktailsshow.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "rocktailsshow.com"] [uri "/"] [unique_id "aiff4hKt7_Gs4LvEuPYA7AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 89.21.67.178

🇸🇬 209.42.27.89

🇺🇸 208.109.191.140

🇨🇴 200.7.106.67

🇳🇱 195.178.110.30

🇧🇷 190.115.84.25

🇭🇰 172.253.6.27

🇮🇹 146.75.186.17

🇳🇱 45.148.10.62

🇺🇸 34.239.185.62

🇺🇸 20.40.216.117

🇺🇸 193.56.116.11

🇦🇷 190.220.172.154

🇲🇴 182.93.7.194

🇧🇩 103.153.171.96

🇳🇱 91.92.40.171

🇮🇳 49.204.138.47

🇨🇳 8.136.189.162

🇩🇪 194.88.98.94

🇳🇱 193.176.31.242