JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.55.189.21

157.55.189.21 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 65%: ?

65%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Antonio, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.55.189.21

Whois 157.55.189.21

IP Abuse Reports for 157.55.189.21:

This IP address has been reported a total of 25 times from 16 distinct sources. 157.55.189.21 was first reported on August 5th 2023, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇭🇺 Csaba Gáspár	2026-06-24 13:16:00 (7 hours ago)	HTPasswd.Access Spring.Boot.Actuator.Unauthorized.Access	Hacking
🇺🇸 TPI-Abuse	2026-06-24 12:23:01 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 157.55.189.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 157.55.189.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 08:22:57.757510 2026] [security2:error] [pid 17818:tid 17818] [client 157.55.189.21:40460] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.198"] [uri "/.git/HEAD"] [unique_id "ajvMIYXt3hte9x-732Ur0wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 polycoda	2026-06-24 12:14:29 (8 hours ago)	🔥 VERY AGGRESSIVE SCANNER probed over 100 inexistent files and PHP scripts in less than an hour.	Hacking Web App Attack
🇨🇦 polycoda	2026-06-24 11:17:07 (9 hours ago)	AutoBlock: 📡 Port Scan (Non Decay-Based) - ⚙️ Configuration File Access (Non Decay-Based)	Port Scan Hacking Web App Attack
🇧🇾 lns.bz	2026-06-08 00:01:10 (2 weeks ago)	.env scanning [BY]	Web App Attack
Anonymous	2026-06-07 23:54:34 (2 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇨🇿 Countryman	2026-06-07 13:12:21 (2 weeks ago)	IPS detection: HTPasswd.Access	Hacking
🇺🇸 RAP	2026-06-07 13:07:12 (2 weeks ago)	2026-06-07 13:07:12 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 Matthew Ping	2026-06-07 12:45:01 (2 weeks ago)	ModSecurity rule 949110 triggered on lulus. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
Anonymous	2026-06-07 12:25:01 (2 weeks ago)	suspicious request in access.log	Web App Attack
🇳🇱 Savvii	2026-06-07 12:00:45 (2 weeks ago)	15 attempts against mh-modsecurity-ban on virgo	Brute-Force Web App Attack
🇵🇱 Wepted	2026-06-07 11:32:26 (2 weeks ago)	Port scan detected by honeypot	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-07 11:32:11 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 157.55.189.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 157.55.189.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 07:32:05.633093 2026] [security2:error] [pid 10663:tid 10663] [client 157.55.189.21:37897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.140"] [uri "/.git/HEAD"] [unique_id "aiVWtcDafq9UbY5CWwGUuAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 10:57:05 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 157.55.189.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 157.55.189.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 06:56:59.775537 2026] [security2:error] [pid 31840:tid 31997] [client 157.55.189.21:37515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.14"] [uri "/.git/HEAD"] [unique_id "aiVOe2wXgLrdIORNfUT9MQAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RAP	2026-06-07 10:21:44 (2 weeks ago)	2026-06-07 10:21:44 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 95.127.224.82

🇳🇱 45.148.10.147

🇻🇳 221.132.29.253

🇨🇦 216.128.182.140

🇳🇴 185.12.59.118

🇫🇷 85.217.140.2

🇺🇸 46.8.227.45

🇮🇷 5.202.169.252

🇬🇧 138.68.170.254

🇨🇳 111.85.240.127

🇨🇳 106.52.49.148

🇺🇸 104.23.197.154

🇦🇪 2001:8f8:1b3b:958:ae41:6e61:5805:fd59

🇨🇳 221.224.159.218

🇺🇸 205.210.31.44

🇺🇸 104.23.187.162

🇮🇶 65.20.204.88

🇧🇷 200.39.140.174

🇮🇷 176.65.240.242

🇩🇪 165.22.29.251