JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.55.189.25

157.55.189.25 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Antonio, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.55.189.25

Whois 157.55.189.25

IP Abuse Reports for 157.55.189.25:

This IP address has been reported a total of 49 times from 37 distinct sources. 157.55.189.25 was first reported on June 2nd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇧🇷 SOC-BR	2026-06-03 07:35:39 (1 day ago)	Attack detected by Fortinet - applications3: Spring.Boot.Actuator.Unauthorized.Access - 2026-06-02 2 ... show more Attack detected by Fortinet - applications3: Spring.Boot.Actuator.Unauthorized.Access - 2026-06-02 20:52:38 - Source Port 31509 show less	Port Scan Hacking
🇺🇸 gu-alvareza	2026-06-03 07:05:29 (1 day ago)	HTPasswd.Access	Brute-Force
🇳🇴 Bots.go.to.hell	2026-06-03 06:01:10 (1 day ago)	This IP was detected by CrowdSec triggering custom/ip-honeypot	Web App Attack Bad Web Bot
🇺🇸 RAP	2026-06-03 05:49:54 (1 day ago)	2026-06-03 05:49:54 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 OceanTreasure	2026-06-03 05:15:18 (1 day ago)	tcp/80; Spring Boot Actuator exposure attempt: "GET /actuator/env" @ 2026-06-03T05:08:12Z [azure]	Web App Attack
🇹🇷 SeczarSecureOps	2026-06-03 04:40:28 (1 day ago)	Seczar SecureOps — Port Scan Detection (8 events) — quarantined 43200m on fgdcapi	Port Scan
Anonymous	2026-06-03 04:38:53 (1 day ago)	tls scan	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 03:57:50 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 157.55.189.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 157.55.189.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 23:57:44.359659 2026] [security2:error] [pid 8810:tid 8810] [client 157.55.189.25:19609] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.145"] [uri "/.git/HEAD"] [unique_id "ah-mOCRCBEzUHIhH8ap8KwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 03:51:04 (1 day ago)	157.55.189.25 - - [03/Jun/2026:03:50:58 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (M ... show more 157.55.189.25 - - [03/Jun/2026:03:50:58 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" 157.55.189.25 - - [03/Jun/2026:03:50:59 +0000] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" "-" 157.55.189.25 - - [03/Jun/2026:03:51:00 +0000] "GET /.env.local HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" 157.55.189.25 - - [03/Jun/2026:03:51:03 +0000] "GET /.env.backup HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" "-" 157.55.189.25 - - [03/Jun/2026:03:51:04 +0000] "GET /.env.save HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" "-" ... show less	Port Scan Brute-Force
🇺🇸 technash	2026-06-03 03:50:00 (1 day ago)	Port scanning detection [Fortinet/Sentinel]. Deny/drop traffic.	Port Scan
🇧🇪 sid3windr	2026-06-03 03:49:14 (1 day ago)	GET /.git/HEAD (Tarpitted for , wasted 120B)	Web App Attack
🇹🇷 Threat.live	2026-06-03 03:40:06 (2 days ago)	Suspicious Connection Attempts	Brute-Force
🇳🇱 Roderic	2026-06-03 03:34:19 (2 days ago)	(apache_scanners-2) Failed apache-scanners trigger with match [redacted])	Port Scan
🇫🇮 TrafficAnalyser	2026-06-03 03:24:42 (2 days ago)	Port scanning	Port Scan

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 168.144.95.137

🇺🇸 162.216.150.160

🇺🇸 136.112.221.49

🇨🇳 121.29.149.148

🇺🇸 54.84.179.214

🇳🇱 45.153.34.195

🇺🇸 198.199.88.161

🇨🇳 171.105.76.47

🇻🇳 113.174.90.100

🇺🇸 65.49.1.35

🇺🇸 52.0.63.151

🇱🇹 45.227.254.170

🇮🇩 41.216.177.55

🇭🇰 199.45.154.183

🇳🇱 185.226.197.63

🇬🇪 178.134.233.24

🇺🇸 72.14.185.207

🇺🇸 66.132.186.135

🇩🇪 45.135.194.83

🇧🇪 34.76.237.251