AbuseIPDB » 140.245.50.20

140.245.50.20 was found in our database!

This IP was reported 760 times. Confidence of Abuse is 100%: ?

100%

ISP	Oracle Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS31898
Domain Name	oracle.com
Country	Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 140.245.50.20

Whois 140.245.50.20

IP Abuse Reports for 140.245.50.20:

This IP address has been reported a total of 760 times from 182 distinct sources. 140.245.50.20 was first reported on February 8th 2025, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
pa4080	2025-05-16 12:35:17 (21 hours ago)	Detected by ModSecurity. Request URI: /.env	Web App Attack
Anonymous	2025-05-16 11:34:03 (22 hours ago)	2025-05-16T14:34:03.537788+03:00 mail haproxy[1575]: 140.245.50.20:41540 [16/May/2025:14:34:03.537] ... show more2025-05-16T14:34:03.537788+03:00 mail haproxy[1575]: 140.245.50.20:41540 [16/May/2025:14:34:03.537] http-in dao-lab.eu/<NOSRV> 0/-1/-1/-1/0 503 216 - - SC-- 1/1/0/0/0 0/0 "GET /.env HTTP/1.1" ... show less	Brute-Force Web App Attack
oh.mg	2025-05-16 08:35:41 (1 day ago)	[Fri May 16 10:35:40.346779 2025] [security2:error] [pid 1373635:tid 1373650] [client 140.245.50.20: ... show more[Fri May 16 10:35:40.346779 2025] [security2:error] [pid 1373635:tid 1373650] [client 140.245.50.20:52947] [client 140.245.50.20] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmn.on.ca"] [uri "/.env"] [unique_id "aCb43DwoI-7q6AeEFXGncQAAAA0"] [Fri May 16 10:35:41.057902 2025] [security2:error] [pid 1373635:tid 1373644] [client 140.245.50.20:53273] [client 140.245.50.20] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anom ... show less	Bad Web Bot Web App Attack
thesimonmanuel	2025-05-16 03:48:16 (1 day ago)	140.245.50.20 - - [16/May/2025:06:54:50 +0530] "GET /.env HTTP/1.1" 403 146 "-" "-" "-" 140.24 ... show more140.245.50.20 - - [16/May/2025:06:54:50 +0530] "GET /.env HTTP/1.1" 403 146 "-" "-" "-" 140.245.50.20 - - [16/May/2025:06:54:50 +0530] "GET /.env HTTP/1.1" 403 146 "-" "-" "-" 140.245.50.20 - - [16/May/2025:09:18:15 +0530] "GET /.env HTTP/1.1" 403 146 "-" "-" "140.245.50.20" 140.245.50.20 - - [16/May/2025:09:18:15 +0530] "GET /.env HTTP/1.1" 403 146 "-" "-" "140.245.50.20" 140.245.50.20 - - [16/May/2025:09:18:15 +0530] "GET /.env HTTP/1.1" 403 97 "-" "-" "140.245.50.20" show less	Hacking Web App Attack
advena	2025-05-16 03:45:58 (1 day ago)	140.245.50.20 (AS31898 ORACLE-BMC-31898) was intercepted at 2025-05-16T03:38:25Z after violating WAF ... show more140.245.50.20 (AS31898 ORACLE-BMC-31898) was intercepted at 2025-05-16T03:38:25Z after violating WAF directive: 23548ee2b36547a1be09bb2c0550c529. Pre-cautionary/corrective action applied: block. show less	Web Spam Hacking Brute-Force Web App Attack
teamsecure	2025-05-16 00:28:43 (1 day ago)	Banned for trying to access env	Web App Attack
kranem	2025-05-15 03:00:04 (2 days ago)	Triggered Cloudflare WAF from SG. Action taken: BLOCK ASN: 31898 (ORACLE-BMC-31898)<br / ... show moreTriggered Cloudflare WAF from SG. Action taken: BLOCK ASN: 31898 (ORACLE-BMC-31898) Protocol: HTTP/1.1 (GET method) Endpoint: /.env Timestamp: 2025-05-15T00:21:26Z User-Agent: empty show less	Bad Web Bot
Cyber Crusader	2025-05-14 17:22:34 (2 days ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
kosada.com	2025-05-14 12:49:32 (2 days ago)	Web vulnerability probing	Web App Attack
vvv	2025-05-14 06:25:58 (3 days ago)	port=80, indicator_type=info-leak	Hacking
vfAcceloReporter	2025-05-14 02:46:57 (3 days ago)	140.245.50.20 - - [13/May/2025:23:46:56 -0300] "GET /.env HTTP/1.1" 301 169 "-" "-" ...	Brute-Force Exploited Host Web App Attack
advena	2025-05-14 01:46:04 (3 days ago)	140.245.50.20 (AS31898 ORACLE-BMC-31898) was intercepted at 2025-05-14T01:32:33Z after violating WAF ... show more140.245.50.20 (AS31898 ORACLE-BMC-31898) was intercepted at 2025-05-14T01:32:33Z after violating WAF directive: 23548ee2b36547a1be09bb2c0550c529. Pre-cautionary/corrective action applied: block. show less	Web Spam Hacking Brute-Force Web App Attack
Anonymous	2025-05-14 01:03:05 (3 days ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
teamsecure	2025-05-14 00:12:43 (3 days ago)	Banned for trying to access env	Web App Attack
ki3	2025-05-13 22:15:05 (3 days ago)	Fail2Ban: Web App Attacks and Forum Spam 140.245.50.20 1747174504.0(JST)	Web Spam Bad Web Bot Web App Attack

Showing 1 to 15 of 760 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

65.49.20.91

75.102.23.175

201.103.204.66

68.218.9.2

178.44.206.204

142.93.175.59

195.184.76.132

218.92.0.221

198.55.98.199

185.216.119.226

211.253.9.49

80.94.95.125

57.129.64.10

115.165.164.24

5.196.23.21

14.103.115.117

193.32.162.97

128.199.225.7

45.135.232.92

124.74.9.190