JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 177.153.38.157

177.153.38.157 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 100%: ?

100%

ISP	Locaweb Serviços de Internet S/A
Usage Type	Data Center/Web Hosting/Transit
ASN	AS27715
Hostname(s)	fragbase.vps-kinghost.net
Domain Name	locaweb.com.br
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 177.153.38.157

Whois 177.153.38.157

IP Abuse Reports for 177.153.38.157:

This IP address has been reported a total of 46 times from 30 distinct sources. 177.153.38.157 was first reported on June 15th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Peregrine	2026-06-19 03:09:34 (4 days ago)	Fail2Ban Jail: tomcat-honeypot \| Evidence: - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /p ... show more Fail2Ban Jail: tomcat-honeypot \| Evidence: - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /project/.env HTTP/1.1" 404 414 - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /.env HTTP/1.1" 404 414 - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /project/.env HTTP/1.1" 404 414 - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /.env HTTP/1.1" 404 414 show less	Bad Web Bot
🇧🇷 Peregrine	2026-06-18 03:09:23 (5 days ago)	Fail2Ban Jail: tomcat-honeypot \| Evidence: - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /p ... show more Fail2Ban Jail: tomcat-honeypot \| Evidence: - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /project/.env HTTP/1.1" 404 414 - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /.env HTTP/1.1" 404 414 - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /project/.env HTTP/1.1" 404 414 - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /.env HTTP/1.1" 404 414 show less	Bad Web Bot
🇧🇷 Peregrine	2026-06-17 03:09:21 (6 days ago)	Fail2Ban Jail: tomcat-honeypot \| Evidence: - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /p ... show more Fail2Ban Jail: tomcat-honeypot \| Evidence: - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /project/.env HTTP/1.1" 404 414 - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /.env HTTP/1.1" 404 414 - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /project/.env HTTP/1.1" 404 414 - 177.153.38.157 - - [15/Jun/2026:13:50:03 -0300] "GET /.env HTTP/1.1" 404 414 show less	Bad Web Bot
🇳🇱 homeshowdomain.nl	2026-06-16 22:03:40 (6 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15. show less	Web App Attack SSH Hacking
🇬🇧 openstrike.co.uk	2026-06-16 05:15:07 (1 week ago)	12 attacks on env grabbing URLs: GET /api/.env HTTP/1.1	Hacking
🇬🇧 andypiper	2026-06-16 01:01:06 (1 week ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-16 00:15:45 (1 week ago)	Abuse Detected (9)	Brute-Force Web App Attack
Anonymous	2026-06-15 20:04:04 (1 week ago)	Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1	Hacking Web App Attack
🇺🇸 [email protected]	2026-06-15 19:43:45 (1 week ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-06-15T19:43:44Z	Brute-Force
🇺🇸 [email protected]	2026-06-15 18:42:51 (1 week ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-06-15T18:42:51Z	Brute-Force
🇺🇸 [email protected]	2026-06-15 18:05:58 (1 week ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-06-15T18:05:58Z	Brute-Force
🇪🇸 Francisco Vallejo	2026-06-15 18:04:43 (1 week ago)	[Mon Jun 15 20:04:42.238941 2026] [core:info] [pid 293330:tid 130567290984128] [client 177.153.38.15 ... show more [Mon Jun 15 20:04:42.238941 2026] [core:info] [pid 293330:tid 130567290984128] [client 177.153.38.157:36108] AH00128: File does not exist: /var/www/franvallejo/.env, referer: http://85.85.126.22/.env [Mon Jun 15 20:04:42.238941 2026] [core:info] [pid 481576:tid 130565990770368] [client 177.153.38.157:36118] AH00128: File does not exist: /var/www/franvallejo/api/.env, referer: http://85.85.126.22/api/.env [Mon Jun 15 20:04:42.239863 2026] [core:info] [pid 293330:tid 130566536033984] [client 177.153.38.157:36132] AH00128: File does not exist: /var/www/franvallejo/project/.env, referer: http://85.85.126.22/project/.env [Mon Jun 15 20:04:42.748460 2026] [core:info] [pid 293330:tid 130565990770368] [client 177.153.38.157:36138] AH00128: File does not exist: /var/www/franvallejo/.env [Mon Jun 15 20:04:42.753753 2026] [core:info] [pid 481576:tid 130567198729920] [client 177.153.38.157:36144] AH00128: File does not exist: /var/www/franvallejo/project/.env ... show less	Brute-Force SSH
🇺🇸 [email protected]	2026-06-15 17:40:33 (1 week ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-06-15T17:40:33Z	Brute-Force
🇫🇷 ELYAZ	2026-06-15 17:29:07 (1 week ago)	(y3) Failed access -byebye- from 177.153.38.157 (BR/Brazil/-): (CF_ENABLE)	Hacking
🇳🇱 wlt-blocker	2026-06-15 17:18:39 (1 week ago)	Unauthorized access to webpage admin	Web App Attack

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.214

🇪🇸 196.196.150.5

🇭🇰 165.154.41.6

🇺🇸 147.185.132.97

🇸🇪 90.230.212.29

🇺🇸 44.90.213.156

🇧🇪 34.77.24.24

🇹🇷 5.11.192.95

🇺🇸 2607:f8b0:4023:1009::12a

🇫🇷 2001:41d0:33d:9200::402

🇨🇭 209.99.191.19

🇬🇧 93.119.124.158

🇨🇳 47.95.234.23

🇺🇸 44.224.241.208

🇺🇸 18.116.101.220

🇳🇱 195.178.110.30

🇲🇦 160.179.151.235

🇺🇸 152.32.235.69

🇵🇱 95.214.53.157

🇺🇸 44.193.99.202