JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.156.109.91

43.156.109.91 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 50%: ?

50%

ISP	Asia Pacific Network Information Center, Pty. Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	apnic.net
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.156.109.91

Whois 43.156.109.91

IP Abuse Reports for 43.156.109.91:

This IP address has been reported a total of 28 times from 9 distinct sources. 43.156.109.91 was first reported on June 9th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 Elysium Security	2026-06-15 05:11:31 (5 days ago)	Mass port scanning on a whole network	Port Scan
🇩🇪 Reinhard	2026-06-13 06:22:49 (1 week ago)	Unknown activity, but too many attacks with too many users.	Hacking
🇩🇪 barbarella	2026-06-10 08:13:23 (1 week ago)	Illegal http header rejected by modsecurity (GET /)	Hacking Web App Attack
🇮🇹 Progetto1	2026-06-10 04:30:04 (1 week ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 01:35:57 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 21:35:52.005949 2026] [security2:error] [pid 29933:tid 29933] [client 43.156.109.91:41166] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.jspd.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.jspd.com"] [uri "/"] [unique_id "aii_eCwLQ_JEpvMk4F71XAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-06-10 01:06:53 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-10 00:20:13 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 20:20:05.274895 2026] [security2:error] [pid 19711:tid 19711] [client 43.156.109.91:54680] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.mundanestudies.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.mundanestudies.org"] [uri "/"] [unique_id "aiittTUH3s1qzMTwTis7BwAAAAM"], referer: http://www.mundanestudies.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 22:33:56 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 18:33:49.228671 2026] [security2:error] [pid 8448:tid 8448] [client 43.156.109.91:56630] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.bearssd.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.bearssd.org"] [uri "/bearquake"] [unique_id "aiiUzdKvt-9sHvCxKeqhxgAAABA"], referer: http://www.bearquake.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 22:04:47 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 18:04:40.006611 2026] [security2:error] [pid 15477:tid 15477] [client 43.156.109.91:50006] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.elevenprovenfacts.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.elevenprovenfacts.org"] [uri "/"] [unique_id "aiiN-Mgt7dnDOK0tFV-lAQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 20:23:35 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 16:23:29.409103 2026] [security2:error] [pid 4301:tid 4301] [client 43.156.109.91:38520] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|192.64.150.243:80\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "192.64.150.243"] [uri "/"] [unique_id "aih2QZgqlwed9hT0gJxPuQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 19:59:27 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:59:22.180839 2026] [security2:error] [pid 4290:tid 4290] [client 43.156.109.91:35170] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.papapizza.pizza\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.papapizza.pizza"] [uri "/"] [unique_id "aihwmj-AMTF45iaRT1enbAAAADk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 19:23:19 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:23:15.622349 2026] [security2:error] [pid 28434:tid 28434] [client 43.156.109.91:51194] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|frenchtowntogether.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "frenchtowntogether.org"] [uri "/"] [unique_id "aihoI5x8BKHAQZI8zmvuKwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 18:12:07 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 14:12:02.483261 2026] [security2:error] [pid 26489:tid 26489] [client 43.156.109.91:37650] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|keystroke.info\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "keystroke.info"] [uri "/"] [unique_id "aihXcheaIIFXMTx2uisTnQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 17:22:34 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.109.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 13:22:29.202500 2026] [security2:error] [pid 8354:tid 8354] [client 43.156.109.91:36048] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|tupansetc.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "tupansetc.com"] [uri "/"] [unique_id "aihL1dXuIbrnKbWe0auGzQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 16:54:17 (1 week ago)	Malicious activity detected	Hacking Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.26

🇧🇩 103.196.235.196

🇱🇹 81.30.98.158

🇨🇿 78.44.192.210

🇺🇸 20.29.116.172

🇬🇧 217.146.80.117

🇨🇭 209.99.190.113

🇧🇷 191.240.255.26

🇨🇱 186.11.27.254

🇱🇹 185.169.4.231

🇭🇰 101.36.122.186

🇬🇧 87.236.176.230

🇷🇴 80.94.92.186

🇩🇪 46.225.255.250

🇳🇱 5.255.112.68

🇨🇭 209.99.185.195

🇧🇷 205.210.31.252

🇺🇦 185.135.181.121

🇬🇧 165.232.41.13

🇬🇧 151.229.106.231