JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.230.127.232

157.230.127.232 was found in our database!

This IP was reported 829 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.230.127.232

Whois 157.230.127.232

IP Abuse Reports for 157.230.127.232:

This IP address has been reported a total of 829 times from 422 distinct sources. 157.230.127.232 was first reported on February 8th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 rshict	2024-10-30 17:05:53 (1 year ago)	Hacking, Brute-Force, Web App Attack	Hacking Brute-Force Web App Attack
Anonymous	2024-10-27 11:16:20 (1 year ago)	[26/Oct/2024:18:03:04 -0400] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 Keydrop\" [26/Oct/2024:18:03:04 -0 ... show more [26/Oct/2024:18:03:04 -0400] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 Keydrop\" [26/Oct/2024:18:03:04 -0400] \"GET / HTTP/1.0\" Blank UA show less	Hacking
🇮🇪 RoboSOC	2024-10-27 08:29:34 (1 year ago)	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	Port Scan
🇺🇸 BSG Webmaster	2024-10-27 07:35:08 (1 year ago)	Port scanning (Port 443)	Port Scan Hacking
🇺🇸 TPI-Abuse	2024-10-26 21:40:42 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 157.230.127.232 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 157.230.127.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 26 17:40:38.827886 2024] [security2:error] [pid 1229:tid 1229] [client 157.230.127.232:44498] [client 157.230.127.232] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.206"] [uri "/.env"] [unique_id "Zx1h1m1b2TSYuPayLojLtAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 jk jk	2024-10-26 21:39:10 (1 year ago)	GoPot Honeypot 1	Hacking Web App Attack
Anonymous	2024-10-26 21:24:26 (1 year ago)	$f2bV_matches	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-10-26 21:13:07 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 157.230.127.232 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 157.230.127.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 26 17:12:59.576663 2024] [security2:error] [pid 19795:tid 19795] [client 157.230.127.232:39406] [client 157.230.127.232] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.175"] [uri "/.env"] [unique_id "Zx1bW4MsJvlcRbtfdnjrtQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-10-26 20:57:07 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 157.230.127.232 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 157.230.127.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 26 16:57:02.582951 2024] [security2:error] [pid 14419:tid 14419] [client 157.230.127.232:50094] [client 157.230.127.232] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.62"] [uri "/.env"] [unique_id "Zx1XnlYkLsCu2Ox8j2bToAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 kumiko	2024-10-26 20:55:42 (1 year ago)	[2024-10-26 20:55:41] Probing for dotfiles "GET /.env HTTP/1.1" 403	Bad Web Bot Web App Attack
🇨🇦 Anymous	2024-10-26 20:32:11 (1 year ago)	GET /.env HTTP/1.1 403 4436 "-" "Mozilla/5.0 Keydrop"	Bad Web Bot
🇧🇬 pa4080	2024-10-26 20:31:37 (1 year ago)	Detected by ModSecurity. Request URI: /.env	Web App Attack
🇺🇸 TPI-Abuse	2024-10-26 20:27:27 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 157.230.127.232 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 157.230.127.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 26 16:27:22.457532 2024] [security2:error] [pid 10966:tid 10966] [client 157.230.127.232:49372] [client 157.230.127.232] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.176"] [uri "/.env"] [unique_id "Zx1QqvNfwfe1NnJ_pWhjTgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-10-26 20:05:54 (1 year ago)	157.230.127.232 - - [26/Oct/2024:20:05:53 +0000] "GET /.env HTTP/1.1" 403 287 "-" "Mozilla/5.0 Keydr ... show more 157.230.127.232 - - [26/Oct/2024:20:05:53 +0000] "GET /.env HTTP/1.1" 403 287 "-" "Mozilla/5.0 Keydrop" ... show less	Hacking Web App Attack
🇳🇱 WeCloudit-Anti-Abuse	2024-10-26 19:37:25 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 157.230.127.232 (DE/Germany/-): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 157.230.127.232 (DE/Germany/-): 1 in the last 300 secs; Ports: *; Direction: 0; Trigger: LF_MODSEC show less	Brute-Force SSH

Showing 1 to 15 of 829 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4001:c20::128

🇳🇱 160.119.71.135

🇺🇸 99.92.204.98

🇭🇺 80.98.155.175

🇲🇽 187.216.224.85

🇺🇸 172.217.36.88

🇧🇷 164.152.250.192

🇿🇦 160.119.253.30

🇦🇺 158.178.141.16

🇺🇸 147.185.132.126

🇻🇳 116.110.159.188

🇺🇸 91.230.168.142

🇩🇪 91.107.198.115

🇺🇸 66.132.224.22

🇨🇳 49.64.23.173

🇺🇸 34.127.1.137

🇺🇸 18.207.133.167

🇨🇳 218.61.251.3

🇺🇸 192.236.244.137

🇺🇸 172.253.251.119