JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 145.223.130.231

145.223.130.231 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 51%: ?

51%

ISP	BYTEPLUS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS150436
Domain Name	bytedance.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 145.223.130.231

Whois 145.223.130.231

IP Abuse Reports for 145.223.130.231:

This IP address has been reported a total of 43 times from 13 distinct sources. 145.223.130.231 was first reported on April 16th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 01:02:16 (6 days ago)	(mod_security) mod_security (id:210350) triggered by 145.223.130.231 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210350) triggered by 145.223.130.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 21:02:02.914866 2026] [security2:error] [pid 12539:tid 12539] [client 145.223.130.231:42226] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.laboquimia.es\|F\|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.laboquimia.es"] [uri "/pdf_catalogo/THERMOFISHER-Cryofuge_centrifuges_brochure.pdf"] [unique_id "aiDOivg36_oyVejoNc5kQgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-26 09:19:48 (2 weeks ago)	FortiWeb WAF: 6 attacks detected. Threat Score: 26000. Types: Client Management(3), GEO IP(3). Origi ... show more FortiWeb WAF: 6 attacks detected. Threat Score: 26000. Types: Client Management(3), GEO IP(3). Origin: Singapore. show less	Web App Attack
🇩🇪 artifice	2026-05-25 02:58:31 (2 weeks ago)	Webshell or preinstalled backdoor probe.	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-05-25 01:52:53 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
Anonymous	2026-05-24 23:23:02 (2 weeks ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-24 22:10:02 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 145.223.130.231 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 145.223.130.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 18:09:52.281610 2026] [security2:error] [pid 19694:tid 19694] [client 145.223.130.231:54280] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|williamfitzsimmons.com\|F\|2"] [data ".crescentphx.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/news/0328-william-adds-chattanooga-date-uscan-tour/www.crescentphx.com"] [unique_id "ahN3MC5d6nlD6gOdS_f-kgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-05-24 10:04:53 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 27	Exploited Host Web App Attack
Anonymous	2026-05-24 09:20:42 (2 weeks ago)	FortiWeb WAF: 126 attacks detected. Threat Score: 15600. Types: Client Management(63), GEO IP(63). O ... show more FortiWeb WAF: 126 attacks detected. Threat Score: 15600. Types: Client Management(63), GEO IP(63). Origin: Singapore. show less	Web App Attack
Anonymous	2026-05-24 07:00:09 (2 weeks ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
Anonymous	2026-05-23 17:27:00 (2 weeks ago)	Multiple Violations by Bot	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 12:34:33 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 145.223.130.231 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 145.223.130.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 08:34:21.150723 2026] [security2:error] [pid 3890:tid 3890] [client 145.223.130.231:53280] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|brookspowell.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "brookspowell.com"] [uri "/mail to: [email protected]"] [unique_id "ahGezW-Yh2jFvkVCi2IBkQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Mehmet_The_Script_Kiddie	2026-05-23 10:23:36 (2 weeks ago)	CloudFlare WAF REPORT: /?s=%E6%81%92%E8%BE%BE%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0%E4%BB%A3%E7%90%86% ... show more CloudFlare WAF REPORT: /?s=%E6%81%92%E8%BE%BE%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0%E4%BB%A3%E7%90%86%E6%9C%80%E9%AB%98%E8%BF%94%E7%82%B9%E3%80%90%E2%94%83%E5%92%A8%E8%AF%A2%EF%BC%B12%E2%92%8F7%E2%92%8F01705%E3%80%91%E3%80%91 show less	Bad Web Bot Web App Attack
🇨🇭 backslash	2026-05-23 06:03:02 (2 weeks ago)	block ruleset DA4A07AEE48B136A3922182BE8AA8BFBC1840803	Bad Web Bot
🇺🇸 ipblock.com	2026-05-22 08:29:00 (2 weeks ago)	IPBlock protected site ID [3192-af][s=02]. Exploit request, vulnerability probe.	Hacking Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-20 18:54:00 (2 weeks ago)	IPBlock protected site ID [3192-af][s=02]. Exploit request, vulnerability probe.	Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 185.148.1.18

🇫🇮 35.228.198.184

🇷🇴 2.57.121.112

🇪🇨 193.30.14.163

🇵🇰 175.107.2.73

🇺🇸 162.254.34.59

🇹🇼 106.1.117.122

🇫🇷 91.231.89.5

🇺🇸 64.95.9.220

🇺🇸 40.124.179.252

🇩🇪 4.184.246.230

🇺🇸 2600:1f18:3aea:7000:95da:5cfc:b72e:c7fe

🇨🇳 223.109.252.253

🇰🇷 222.119.187.182

🇺🇿 213.230.82.139

🇩🇪 207.154.222.236

🇺🇸 205.210.31.35

🇺🇸 196.251.81.14

🇺🇸 195.184.76.114

🇬🇧 195.96.139.235