JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.156.99.17

43.156.99.17 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 56%: ?

56%

ISP	Asia Pacific Network Information Center, Pty. Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	apnic.net
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.156.99.17

Whois 43.156.99.17

IP Abuse Reports for 43.156.99.17:

This IP address has been reported a total of 27 times from 9 distinct sources. 43.156.99.17 was first reported on June 9th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 sdos.es	2026-06-13 06:27:19 (16 hours ago)	"Multiple/Conflicting Connection Header Data Found - keep-alive, close"	Web App Attack
🇪🇸 Gem	2026-06-13 05:59:38 (17 hours ago)	Unauthorized web scan.	Web App Attack
🇺🇸 cwytech	2026-06-10 11:09:49 (3 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-web-high.	Bad Web Bot Web App Attack
🇷🇺 Mga Admin	2026-06-10 08:25:27 (3 days ago)	43.156.99.17 - - [10/Jun/2026:15:25:26 +0700] "GET / HTTP/1.0" 400 362 "-" "-" ...	Web App Attack
Anonymous	2026-06-10 06:35:09 (3 days ago)	Illegitimate and/or suspicious requests.	Hacking
🇺🇸 TPI-Abuse	2026-06-10 05:15:25 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 01:15:20.499393 2026] [security2:error] [pid 26431:tid 26431] [client 43.156.99.17:43174] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.teguer.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.teguer.com"] [uri "/"] [unique_id "aijy6MBmzcpdvj83SNzKvQAAAAY"], referer: http://www.teguer.org show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 Roper123	2026-06-10 04:19:21 (3 days ago)	Web app exploits	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 04:01:55 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 00:01:47.193106 2026] [security2:error] [pid 5327:tid 5327] [client 43.156.99.17:38496] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|freemanfoundationcle.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "freemanfoundationcle.org"] [uri "/"] [unique_id "aijhqxtbvGe9xNXxSlB1XgAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 02:07:44 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:07:37.263814 2026] [security2:error] [pid 20612:tid 20612] [client 43.156.99.17:47518] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|med-engineering.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "med-engineering.com"] [uri "/"] [unique_id "aijG6SNZSdxqG7nAdJ8A2AAAAAo"], referer: http://www.med-engineering.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Lezetho	2026-06-10 00:04:20 (3 days ago)	DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare	DDoS Attack Email Spam Hacking Brute-Force
🇺🇸 cwytech	2026-06-09 23:08:19 (4 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wordpress-geofence-sus.	Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-06-09 20:37:51 (4 days ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-09 19:56:46 (4 days ago)	(mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:56:40.808749 2026] [security2:error] [pid 24169:tid 24169] [client 43.156.99.17:56508] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|scottwithers.xyz\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "scottwithers.xyz"] [uri "/"] [unique_id "aihv-OeUqpZllktxhHU3_gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 19:20:30 (4 days ago)	(mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:20:22.722936 2026] [security2:error] [pid 1770:tid 1770] [client 43.156.99.17:50860] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|arapi.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "arapi.org"] [uri "/"] [unique_id "aihndplsJwJec35ObIrxUAAAAAs"], referer: http://www.cdhci.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 18:56:15 (4 days ago)	(mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.156.99.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 14:56:11.943428 2026] [security2:error] [pid 6958:tid 6958] [client 43.156.99.17:43362] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.calvarycavaliers.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.calvarycavaliers.org"] [uri "/"] [unique_id "aihhyzHjPs4VgXZy8XtFZQAAAAE"], referer: http://calvaryacademyshreveport.org show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2603:3:610a:de00::

🇰🇷 222.108.100.117

🇦🇺 103.192.80.254

🇫🇷 45.157.112.249

🇷🇺 31.173.67.141

🇨🇳 14.103.9.211

🇺🇸 8.229.168.110

🇲🇰 188.44.20.30

🇭🇰 69.165.75.162

🇨🇱 64.233.190.108

🇳🇱 45.148.10.151

🇸🇬 43.156.111.141

🇧🇪 35.210.61.208

🇬🇧 35.203.210.157

🇺🇸 34.168.150.58

🇳🇱 34.12.174.211

🇺🇸 23.146.243.219

🇹🇭 1.1.191.119

🇨🇳 223.88.58.21

🇧🇷 177.130.169.235