JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 145.223.130.140

145.223.130.140 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 67%: ?

67%

ISP	BYTEPLUS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS150436
Domain Name	bytedance.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 145.223.130.140

Whois 145.223.130.140

IP Abuse Reports for 145.223.130.140:

This IP address has been reported a total of 32 times from 18 distinct sources. 145.223.130.140 was first reported on April 23rd 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-05-26 21:55:26 (1 week ago)	Kingcopy(AI-IDS): IP is wandering around the site and acting suspiciously.	Bad Web Bot
Anonymous	2026-05-26 09:21:11 (1 week ago)	FortiWeb WAF: 6 attacks detected. Threat Score: 19600. Types: Client Management(3), GEO IP(3). Origi ... show more FortiWeb WAF: 6 attacks detected. Threat Score: 19600. Types: Client Management(3), GEO IP(3). Origin: Singapore. show less	Web App Attack
🇩🇪 artifice	2026-05-25 01:49:13 (1 week ago)	Webshell or preinstalled backdoor probe.	Hacking Web App Attack
🇫🇷 masterguru	2026-05-24 17:16:39 (1 week ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 145.223.130.140 (SG/Singapore/-): 1 in the las ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 145.223.130.140 (SG/Singapore/-): 1 in the last 3600 secs (0-195) show less	Hacking
Anonymous	2026-05-24 09:21:24 (1 week ago)	FortiWeb WAF: 108 attacks detected. Threat Score: 13200. Types: Client Management(54), GEO IP(54). O ... show more FortiWeb WAF: 108 attacks detected. Threat Score: 13200. Types: Client Management(54), GEO IP(54). Origin: Singapore. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-24 05:17:55 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 145.223.130.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 145.223.130.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 01:17:44.044175 2026] [security2:error] [pid 6615:tid 6615] [client 145.223.130.140:39932] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|silvermoonherbals.com\|F\|2"] [data ".moongoth.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "silvermoonherbals.com"] [uri "/www.moongoth.com"] [unique_id "ahKJ-NksdCdjtOOOZdV9vAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 Anytech	2026-05-24 03:34:34 (1 week ago)	Blocked by Conn-Monitor: Automated bot activity	Bad Web Bot Web App Attack
Anonymous	2026-05-24 03:13:01 (1 week ago)	Malicious activity detected	Hacking Web App Attack
🇩🇪 Reinhard	2026-05-24 03:03:13 (1 week ago)	Parameter or path manipulation, hacking.	Hacking
🇫🇷 MatStef132	2026-05-24 03:01:20 (1 week ago)	MatShield L7: blocked on mathost.eu (sec-ch-ua-version-mismatch)	DDoS Attack
🇩🇪 FeG Deutschland	2026-05-24 01:51:41 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-05-24 00:24:10 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 145.223.130.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 145.223.130.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 20:23:58.899518 2026] [security2:error] [pid 3976:tid 3976] [client 145.223.130.140:40554] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|gamepart.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gamepart.com"] [uri "/home/tancedi1/gamepart.com"] [unique_id "ahJFHmN69cpC66PVyXYg8gAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 13:34:58 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 145.223.130.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 145.223.130.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 09:34:48.517546 2026] [security2:error] [pid 20651:tid 20651] [client 145.223.130.140:57846] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|williamfitzsimmons.com\|F\|2"] [data ".dougfirlounge.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/news/0328-william-adds-chattanooga-date-uscan-tour/www.dougfirlounge.com"] [unique_id "ahGs-IY32zycJ6L1NKT8OwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Mehmet_The_Script_Kiddie	2026-05-23 10:23:36 (1 week ago)	CloudFlare WAF REPORT: /?s=%E3%80%90%E2%94%83%E8%81%94%E7%B3%BB46416%E2%92%8F5%28%E6%89%A3%29%E3%80% ... show more CloudFlare WAF REPORT: /?s=%E3%80%90%E2%94%83%E8%81%94%E7%B3%BB46416%E2%92%8F5%28%E6%89%A3%29%E3%80%91%E3%80%91%E5%BD%A9%E4%B8%96%E7%95%8C%E7%BD%91%E6%80%8E%E4%B9%88%E6%89%93%E4%B8%8D%E5%BC%80 show less	Bad Web Bot Web App Attack
🇩🇪 artifice	2026-05-23 08:04:40 (1 week ago)	Webshell or preinstalled backdoor probe.	Hacking Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.74.196.10

🇺🇸 107.150.96.74

🇧🇬 79.124.62.126

🇧🇷 179.125.169.27

🇧🇷 179.102.26.14

🇳🇱 176.65.148.29

🇬🇷 149.210.71.14

🇪🇸 141.109.168.80

🇹🇭 125.27.13.39

🇨🇳 112.123.185.161

🇮🇳 106.51.151.238

🇮🇳 103.99.36.182

🇨🇳 49.116.102.136

🇧🇷 45.7.187.181

🇺🇸 32.220.47.210

🇬🇧 193.176.29.23

🇸🇦 188.54.40.1

🇳🇱 172.94.9.159

🇺🇸 172.59.93.222

🇺🇸 162.216.149.186