JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.156.78.118

43.156.78.118 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 39%: ?

39%

ISP	Asia Pacific Network Information Center, Pty. Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	apnic.net
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.156.78.118

Whois 43.156.78.118

IP Abuse Reports for 43.156.78.118:

This IP address has been reported a total of 29 times from 7 distinct sources. 43.156.78.118 was first reported on June 9th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 cwytech	2026-06-10 10:51:19 (1 week ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-web-high.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 10:17:19 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 06:17:13.474506 2026] [security2:error] [pid 25645:tid 25645] [client 43.156.78.118:54568] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|tremulant.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "tremulant.com"] [uri "/artists/floating-opera"] [unique_id "aik5qSyGrQUohPYw2Cu--QAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 06:33:23 (1 week ago)	Illegitimate and/or suspicious requests.	Hacking
🇺🇸 TPI-Abuse	2026-06-10 04:26:01 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 00:25:50.256999 2026] [security2:error] [pid 27679:tid 27679] [client 43.156.78.118:42278] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.editions.click\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.editions.click"] [uri "/"] [unique_id "aijnTk9ClrThB6reoKmKQQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 1gz	2026-06-10 00:50:47 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-09 22:55:56 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 18:55:53.532967 2026] [security2:error] [pid 359:tid 359] [client 43.156.78.118:43438] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|rohn.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "rohn.com"] [uri "/"] [unique_id "aiiZ-b8Bub_MhgVg_79pBQAAAE4"], referer: http://www.blessings.org show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-06-09 22:45:27 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-09 22:29:29 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 18:29:23.627305 2026] [security2:error] [pid 26828:tid 26828] [client 43.156.78.118:55446] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|southernreader.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "southernreader.com"] [uri "/"] [unique_id "aiiTw6MIw88DYrxOQR22OgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 22:04:31 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 18:04:25.401669 2026] [security2:error] [pid 6868:tid 6868] [client 43.156.78.118:45074] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.exhaustthelimits.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.exhaustthelimits.org"] [uri "/"] [unique_id "aiiN6bio8A40_rbC1nhn8AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 Roper123	2026-06-09 21:53:07 (1 week ago)	Web app exploits	Web App Attack
🇺🇸 itsnixk	2026-06-09 21:11:13 (1 week ago)	(mod_security) mod_security (id:920210) triggered by 43.156.78.118 (SG/Singapore/-): 1 in the last 3 ... show more (mod_security) mod_security (id:920210) triggered by 43.156.78.118 (SG/Singapore/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 09 17:11:09.371098 2026] [security2:error] [pid 134937:tid 135039] [client 43.156.78.118:47898] ModSecurity: Access denied with code 406 (phase 1). Pattern match "\\\\b(?:keep-alive\|close),\\\\s?(?:keep-alive\|close)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "402"] [id "920210"] [msg "Multiple/Conflicting Connection Header Data Found"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/"] [unique_id "aiiBbXSL7DtfVkrnQJjChAAAABM"] show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-09 20:53:50 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 16:53:46.660466 2026] [security2:error] [pid 7513:tid 7513] [client 43.156.78.118:36818] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|kln.ne.jp\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "kln.ne.jp"] [uri "/jehovah/"] [unique_id "aih9Wl5McsO8atbM1ZvBlAAAAC4"], referer: http://xn--ick3d6az397ak06a.net show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 20:07:49 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 16:07:44.380091 2026] [security2:error] [pid 10174:tid 10174] [client 43.156.78.118:38352] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|thesilverlegion.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "thesilverlegion.org"] [uri "/"] [unique_id "aihykJnOFu_3VfxeYxr4UwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 19:24:23 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:24:19.245518 2026] [security2:error] [pid 8518:tid 8518] [client 43.156.78.118:40262] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|shieldsenterprises.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "shieldsenterprises.com"] [uri "/"] [unique_id "aihoY65n2UO5HvNH4IwKFQAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 18:32:59 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 43.156.78.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 14:32:54.062894 2026] [security2:error] [pid 13051:tid 13051] [client 43.156.78.118:48790] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|hker.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "hker.org"] [uri "/"] [unique_id "aihcVqj-O5loMgQS6O-kNQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 2001:41d0:303:70a6::1

🇮🇩 163.7.8.79

🇵🇭 119.92.70.82

🇮🇳 103.225.15.98

🇮🇶 65.20.138.26

🇺🇸 54.91.52.248

🇺🇸 35.221.15.147

🇧🇪 34.78.163.29

🇮🇳 115.240.213.114

🇨🇳 112.123.17.217

🇺🇸 107.175.118.49

🇳🇬 102.88.137.80

🇳🇱 91.92.40.4

🇫🇷 85.217.140.48

🇳🇬 62.173.38.229

🇨🇳 14.152.90.226

🇺🇸 2607:f8b0:4001:c10::12e

🇻🇳 125.212.244.35

🇸🇬 47.84.100.125

🇹🇼 221.120.5.198