JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.156.60.23

43.156.60.23 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 62%: ?

62%

ISP	Asia Pacific Network Information Center, Pty. Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	apnic.net
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.156.60.23

Whois 43.156.60.23

IP Abuse Reports for 43.156.60.23:

This IP address has been reported a total of 27 times from 10 distinct sources. 43.156.60.23 was first reported on June 9th 2026, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-06-10 10:00:18 (19 hours ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇬🇧 f3sc	2026-06-10 08:16:11 (21 hours ago)	43.156.60.23 - - [10/Jun/2026:10:16:11 +0200] "GET / HTTP/1.0" 400 943 "-" "-"	Hacking Web App Attack
🇺🇸 Lezetho	2026-06-10 08:00:32 (21 hours ago)	DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare	DDoS Attack Email Spam Hacking Brute-Force
🇺🇸 cwytech	2026-06-10 07:16:57 (22 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wordpress-geofence-sus.	Bad Web Bot Web App Attack
🇨🇭 blinx	2026-06-10 03:15:21 (1 day ago)	Suspicious activity detected by Modsecurity	Web Spam Port Scan Hacking Bad Web Bot Web App Attack
🇺🇸 itsnixk	2026-06-10 02:22:24 (1 day ago)	(mod_security) mod_security (id:920210) triggered by 43.156.60.23 (SG/Singapore/-): 1 in the last 36 ... show more (mod_security) mod_security (id:920210) triggered by 43.156.60.23 (SG/Singapore/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 09 22:22:20.565278 2026] [security2:error] [pid 143880:tid 144025] [client 43.156.60.23:33356] ModSecurity: Access denied with code 406 (phase 1). Pattern match "\\\\b(?:keep-alive\|close),\\\\s?(?:keep-alive\|close)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "402"] [id "920210"] [msg "Multiple/Conflicting Connection Header Data Found"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/"] [unique_id "aijKXBB2aWVEgYm9nMP7dwAAAH4"] show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-09 23:43:36 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 19:43:32.829560 2026] [security2:error] [pid 4356:tid 4356] [client 43.156.60.23:46394] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.vadgossos.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.vadgossos.org"] [uri "/"] [unique_id "aiilJJKL4KGhqSnPMdhoOAAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 22:37:37 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 18:37:30.737648 2026] [security2:error] [pid 30850:tid 30850] [client 43.156.60.23:53904] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|martinka.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "martinka.org"] [uri "/"] [unique_id "aiiVquQxPhZprWJFm2YSUwAAAAU"], referer: http://martinka.org show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 soverin	2026-06-09 22:31:30 (1 day ago)	Network scan on port 80	Email Spam
🇺🇸 TPI-Abuse	2026-06-09 22:16:17 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 18:16:10.849095 2026] [security2:error] [pid 12591:tid 12591] [client 43.156.60.23:44676] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.mlsdirect.xyz\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.mlsdirect.xyz"] [uri "/"] [unique_id "aiiQqr1tE0EyXe--HYQwjQAAAAU"], referer: http://www.mlsdirect.xyz show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 21:07:39 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 17:07:35.176708 2026] [security2:error] [pid 14185:tid 14185] [client 43.156.60.23:56566] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.keystroke.info\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.keystroke.info"] [uri "/"] [unique_id "aiiAl76hBCzuMbTHGq2dDgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 kranem	2026-06-09 21:00:11 (1 day ago)	Triggered Cloudflare WAF from SG. Action taken: BLOCK ASN: 132203 (Tencent Building, Kejizhongyi Ave ... show more Triggered Cloudflare WAF from SG. Action taken: BLOCK ASN: 132203 (Tencent Building, Kejizhongyi Avenue) Protocol: HTTP/1.1 (GET method) Endpoint: / Timestamp: 2026-06-09T20:32:23Z User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-09 19:52:15 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:52:07.926052 2026] [security2:error] [pid 23628:tid 23628] [client 43.156.60.23:58870] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|femalegamblers.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "femalegamblers.org"] [uri "/"] [unique_id "aihu57jRSLZZ6jX1RBVfrgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 19:44:02 (1 day ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 17:58:39 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.60.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 13:58:33.921042 2026] [security2:error] [pid 15526:tid 15526] [client 43.156.60.23:34944] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|se-advisorsgroup.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "se-advisorsgroup.com"] [uri "/"] [unique_id "aihUSVshakIVZRPoUj3O_wAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 159.65.193.121

🇰🇿 147.30.32.230

🇹🇷 85.105.140.125

🇱🇹 81.30.98.158

🇩🇪 69.5.169.125

🇫🇷 51.68.226.87

🇲🇾 47.254.192.95

🇺🇸 20.64.106.38

🇩🇪 217.160.80.195

🇹🇬 156.38.73.89

🇺🇸 129.121.96.159

🇮🇳 111.92.83.86

🇮🇳 103.239.85.2

🇺🇸 99.144.123.156

🇺🇸 67.207.84.8

🇧🇷 43.157.151.226

🇳🇱 204.76.203.219

🇷🇺 194.87.232.77

🇧🇷 168.121.99.76

🇺🇸 162.216.149.33