Significant Threat
IP 146.190.153.30 is a high-risk address originating from DigitalOcean's network infrastructure in the United States, linked to 6,678 reported incidents of hacking activity with an 87% confidence rating and an 8/10 threat level.
The IP has been tracked across automated honeypot sensors since September 2025, with continuous reporting activity extending through June 2026. All 6,678 reports consistently document hacking-related intrusion attempts, placing this address in the highest activity frequency tier. The IP belongs to the DigitalOcean ASN (AS14061); DigitalOcean is a major cloud hosting provider whose infrastructure is frequently abused by threat actors due to its reputation, flexible instance provisioning and geographic distribution. The sustained report volume spanning approximately nine months demonstrates persistent, automated scanning and exploitation behavior rather than opportunistic or isolated incidents.
Hacking activity in this context encompasses systematic attempts to exploit software vulnerabilities, compromise authentication mechanisms and gain unauthorized system access through credential-based attacks and vulnerability scanning. The volume and consistency of reports indicate that automated exploitation toolkits are being deployed from this IP across numerous targets. For an exposed service, a connection attempt from this address signals a hostile actor probing for weaknesses, with successful exploitation potentially resulting in data exfiltration, malware deployment or complete system compromise depending on the target's vulnerability profile.
Site operators should immediately block this IP at the firewall level given its sustained malicious activity profile. Implementing dynamic threat blocking solutions such as fail2ban can automate the identification and rejection of repeated hostile connections. Organizations should ensure all exposed services are fully patched, enforce strong multi-factor authentication and maintain active intrusion detection monitoring to catch any attempted exploitation. Blocking cloud provider address ranges at the network perimeter is also a viable defensive measure when legitimate traffic from these networks is not required.