JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.159.57.25

43.159.57.25 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 38%: ?

38%

ISP	Asia Pacific Network Information Center, Pty. Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	apnic.net
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.159.57.25

Whois 43.159.57.25

IP Abuse Reports for 43.159.57.25:

This IP address has been reported a total of 18 times from 6 distinct sources. 43.159.57.25 was first reported on June 9th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 06:29:50 (4 days ago)	(mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:29:46.319143 2026] [security2:error] [pid 1644:tid 1644] [client 43.159.57.25:37430] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|theartbrush.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "theartbrush.com"] [uri "/"] [unique_id "aiz42nkMP30uINCea2GjVgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 05:44:34 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 01:44:26.848892 2026] [security2:error] [pid 26033:tid 26033] [client 43.159.57.25:37214] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.al-harbi.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.al-harbi.com"] [uri "/"] [unique_id "aij5uiEvo6zBT9k8AJg8rgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 02:25:43 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:25:36.051493 2026] [security2:error] [pid 29380:tid 29380] [client 43.159.57.25:47430] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.ileronde.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.ileronde.com"] [uri "/"] [unique_id "aijLIIw9KlAET7oWgdD9wAAAAAY"], referer: http://www.ileronde.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 02:08:38 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:08:33.015739 2026] [security2:error] [pid 32566:tid 32566] [client 43.159.57.25:34760] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.calvarycavaliers.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.calvarycavaliers.org"] [uri "/"] [unique_id "aijHIcvBlGzyXlbqPe6l9AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 13:13:42 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 09:13:38.691808 2026] [security2:error] [pid 520:tid 520] [client 43.159.57.25:54810] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|comunitatregantsangles.cat\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "comunitatregantsangles.cat"] [uri "/"] [unique_id "aigRggTltGMg6Q8VV-tADAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:48:53 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:48:46.156158 2026] [security2:error] [pid 8914:tid 8914] [client 43.159.57.25:49622] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.conquesticon.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.conquesticon.org"] [uri "/"] [unique_id "aigLrlZkjlTMjoxiU2QRZwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ne1for23	2026-06-09 12:27:48 (1 week ago)	Attempt to access invalid virtual host name (###.###.###.###:443). Typically used to access "intern ... show more Attempt to access invalid virtual host name (###.###.###.###:443). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution. 43.159.57.25 - - [09/Jun/2026:12:27:48 +0000] "GET / HTTP/1.1" 403 153 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" "-" show less	Hacking
🇨🇦 dispensight	2026-06-09 12:25:11 (1 week ago)	Automated web scanner: 2 GET requests to health.dispensight.cloud, s01-app.dispensight.ca. Paths: /. ... show more Automated web scanner: 2 GET requests to health.dispensight.cloud, s01-app.dispensight.ca. Paths: /. UA: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1. Shenzhen Tencent Computer Systems Company Limited (Singapore, Singapore). show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-09 12:20:42 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:20:34.179838 2026] [security2:error] [pid 25677:tid 25677] [client 43.159.57.25:42778] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|ic1surplus.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "ic1surplus.com"] [uri "/"] [unique_id "aigFEg4TF8Jr1pP3hfqk1AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:04:11 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:04:05.209568 2026] [security2:error] [pid 18348:tid 18348] [client 43.159.57.25:39316] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.lidart.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.lidart.org"] [uri "/"] [unique_id "aigBNem7zFYQAsEca7ontQAAAI4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 london2038.com	2026-06-09 12:03:08 (1 week ago)	Malformed or malicious web request 43.159.57.25 - - [09/Jun/2026:14:03:03 +0200] "GET / HTTP/1.1" 40 ... show more Malformed or malicious web request 43.159.57.25 - - [09/Jun/2026:14:03:03 +0200] "GET / HTTP/1.1" 400 255 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" show less	Hacking Web App Attack
🇨🇭 blinx	2026-06-09 11:54:19 (1 week ago)	Suspicious activity detected by Modsecurity	Web Spam Port Scan Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 11:28:20 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:28:13.379321 2026] [security2:error] [pid 3291:tid 3291] [client 43.159.57.25:38978] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|bernsteinip.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bernsteinip.com"] [uri "/"] [unique_id "aif4zeJhnW_2WtuJ0bSwzAAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 11:08:51 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 43.159.57.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:08:48.161265 2026] [security2:error] [pid 23658:tid 23658] [client 43.159.57.25:34402] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|perron.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "perron.org"] [uri "/"] [unique_id "aif0QBur-DY8MtHGvMJOUgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 11:07:01 (1 week ago)	Malicious activity detected	Hacking Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 178.207.10.91

🇩🇪 164.92.250.106

🇳🇱 91.92.40.23

🇧🇷 45.227.223.145

🇳🇱 45.148.10.183

🇫🇮 178.20.210.152

🇮🇳 142.93.218.50

🇧🇷 129.121.54.208

🇺🇸 65.49.1.42

🇹🇼 58.115.60.119

🇩🇪 46.101.123.64

🇺🇸 23.238.46.196

🇺🇸 18.119.209.50

🇳🇱 192.42.116.142

🇧🇷 143.95.213.196

🇳🇱 45.66.35.25

🇺🇸 35.223.195.52

🇵🇱 212.87.241.139

🇺🇸 66.132.172.107

🇺🇸 57.141.20.62