JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.23.142.130

64.23.142.130 was found in our database!

This IP was reported 617 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.23.142.130

Whois 64.23.142.130

IP Abuse Reports for 64.23.142.130:

This IP address has been reported a total of 617 times from 325 distinct sources. 64.23.142.130 was first reported on November 7th 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 expandmade.com	2026-06-13 14:21:59 (3 hours ago)	trolling for installation vulnerabilities [13/Jun/2026:14:21:58 "GET /.env"]	Web App Attack
🇩🇪 Vegascosmetics	2026-06-13 13:57:42 (3 hours ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
🇩🇪 conseilgouz	2026-06-13 09:21:00 (8 hours ago)	ave-17 : Block hidden directories=>/.env(/)	Hacking
🇩🇪 conseilgouz	2026-06-13 01:39:21 (15 hours ago)	lae-17 : Block hidden directories=>/.env(/)	Hacking
🇧🇷 Halux	2026-06-12 00:30:35 (1 day ago)	64.23.142.130 Probing protected path or service	Web App Attack
🇺🇸 chronos	2026-06-11 07:54:10 (2 days ago)	[AUTORAVALT][[11/06/2026 - 04:54:10 -03:00 UTC] Attack from [DigitalOcean, LLC] [64.23.142.130] Acti ... show more [AUTORAVALT][[11/06/2026 - 04:54:10 -03:00 UTC] Attack from [DigitalOcean, LLC] [64.23.142.130] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software plug] ... show less	Hacking Web App Attack
🇫🇷 Baking333	2026-06-11 06:22:01 (2 days ago)	[redacted] 64.23.142.130 - - [11/Jun/2026:07:21:58 +0100] "GET /.env HTTP/2.0" 301 291 "-" "Mozilla/ ... show more [redacted] 64.23.142.130 - - [11/Jun/2026:07:21:58 +0100] "GET /.env HTTP/2.0" 301 291 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" [redacted] 64.23.142.130 - - [11/Jun/2026:07:21:59 +0100] "GET /fr/.env/ HTTP/2.0" 404 26929 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" show less	Bad Web Bot Web App Attack
🇪🇸 librebit	2026-06-11 03:57:53 (2 days ago)	Brute force	Brute-Force
🇩🇪 langenkamp-media	2026-06-10 18:26:12 (2 days ago)	Fail2Ban: Banned from jail nginx-scan-critical on 3dausdu.de	Web App Attack
🇭🇺 kranem	2026-06-10 18:00:38 (2 days ago)	Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 14061 (DigitalOcean, LLC) Protocol: HTTP/ ... show more Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 14061 (DigitalOcean, LLC) Protocol: HTTP/1.1 (GET method) Endpoint: / Timestamp: 2026-06-10T17:31:13Z User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 show less	Bad Web Bot
🇺🇸 ambor	2026-06-10 15:33:21 (3 days ago)	Honeypot triggered: /.env on ifebridge.com. User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/ ... show more Honeypot triggered: /.env on ifebridge.com. User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36. Method: GET show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 14:47:25 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 64.23.142.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.23.142.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 10:47:20.126586 2026] [security2:error] [pid 19710:tid 19710] [client 64.23.142.130:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abdulhameeds.art"] [uri "/.env"] [unique_id "ail4-Ju7Be5pldIx6AlcXgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Lezetho	2026-06-10 12:00:35 (3 days ago)	DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare	DDoS Attack Email Spam Hacking Brute-Force
🇩🇪 bryth	2026-06-10 04:55:49 (3 days ago)	Wordpress login/xmlrpc abuse (Wed Jun 10 04:38:44 AM UTC 2026)	Hacking Web App Attack
🇺🇸 SodaAudit.app	2026-06-10 02:07:21 (3 days ago)	[sodaaudit.app] Web app attack. Timestamp: 2026-06-09T23:17:23.000Z. 1 probe events, 1 distinct path ... show more [sodaaudit.app] Web app attack. Timestamp: 2026-06-09T23:17:23.000Z. 1 probe events, 1 distinct path(s). Paths (payload): /.env show less	Web App Attack

Showing 1 to 15 of 617 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.31

🇺🇸 147.185.132.47

🇰🇷 122.35.192.61

🇺🇸 40.124.175.52

🇬🇧 5.226.140.13

🇺🇸 65.49.1.110

🇨🇳 60.166.83.172

🇺🇸 57.141.20.56

🇺🇸 47.251.143.167

🇳🇱 45.148.10.157

🇬🇧 35.203.210.24

🇺🇸 20.29.78.145

🇷🇴 2.57.122.177

🇨🇳 221.0.10.169

🇳🇱 185.224.128.16

🇺🇸 172.234.192.12

🇸🇬 168.144.45.211

🇸🇬 103.13.206.100

🇺🇸 38.247.136.244

🇮🇪 3.253.61.154