JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.15.40.60

157.15.40.60 was found in our database!

This IP was reported 426 times. Confidence of Abuse is 100%: ?

100%

ISP	PT Trisari Data Indonesia
Usage Type	Fixed Line ISP
ASN	AS139952
Domain Name	trisari.id
Country	🇮🇩 Indonesia
City	Madiun, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.15.40.60

Whois 157.15.40.60

IP Abuse Reports for 157.15.40.60:

This IP address has been reported a total of 426 times from 185 distinct sources. 157.15.40.60 was first reported on November 2nd 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-11-03 15:35:26 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 03 10:35:18.382979 2025] [security2:error] [pid 27704:tid 27704] [client 157.15.40.60:48042] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalpackets.net"] [uri "/.env"] [unique_id "aQjLtl1Vx4mJtizdSWY43AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇪 Unwasted	2025-11-03 15:27:52 (7 months ago)	File scanning	Hacking Web App Attack
🇩🇪 hbrks	2025-11-03 15:16:05 (7 months ago)	4 attack(s) detected, such as these: {"event":"nginx_block","ip":"157.15.40.60","host":"git.marche-b ... show more 4 attack(s) detected, such as these: {"event":"nginx_block","ip":"157.15.40.60","host":"git.marche-be.com","request":"POST / HTTP/1.1","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36","reason":"404","timestamp":"2025-11-03T15:16:05 00:00","logentry":"git.marche-be.com 157.15.40.60 - - [03/Nov/2025:15:16:05 0000] POST / HTTP/1.1 301 169 - Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 - matched:-"} * Report Details : https://p4u.xyz/67CIQG8NNQN/1 IP Details *: https://p4u.xyz/67CIQG8NNQN/2 show less	Web Spam Hacking Bad Web Bot
🇺🇸 myagent.site	2025-11-03 14:57:10 (7 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-11-03 14:53:31 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 03 09:53:28.265773 2025] [security2:error] [pid 18378:tid 18378] [client 157.15.40.60:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cheferica.com"] [uri "/.env"] [unique_id "aQjB6OAAB-7LrTkIibhiSgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 hbrks	2025-11-03 14:42:11 (7 months ago)	2 attack(s) detected, such as these: {"event":"nginx_block","ip":"157.15.40.60","host":"gh.estate.ka ... show more 2 attack(s) detected, such as these: {"event":"nginx_block","ip":"157.15.40.60","host":"gh.estate.kasm.life","request":"POST / HTTP/1.1","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36","reason":"service:unknow","timestamp":"2025-11-03T14:42:11 00:00","logentry":"gh.estate.kasm.life 157.15.40.60 - - [03/Nov/2025:14:42:11 0000] POST / HTTP/1.1 444 0 - Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 - matched:service:unknow"} * Report Details : https://p4u.xyz/21AY7DMR958/1 IP Details *: https://p4u.xyz/21AY7DMR958/2 show less	Web Spam Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-03 14:33:33 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 03 09:33:29.583706 2025] [security2:error] [pid 26234:tid 26335] [client 157.15.40.60:33358] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nederbragt.net"] [uri "/.env"] [unique_id "aQi9OXEVG0qHg0KY2l1rKwAAAQE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Swiptly	2025-11-03 14:16:31 (7 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇵🇱 sefinek.net	2025-11-03 14:13:42 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from ID. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from ID. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-03 14:06:47 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 03 09:06:40.607736 2025] [security2:error] [pid 2698460:tid 2698460] [client 157.15.40.60:34774] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "centrosteckerl.com"] [uri "/.env"] [unique_id "aQi28GonwRWfkajDNl5AbwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 GoodOldTOS	2025-11-03 13:32:54 (7 months ago)	Bad keywords detected in request: /.env	Web App Attack
🇩🇪 bescared	2025-11-03 11:59:17 (7 months ago)	F2B - Malicious activity detected. URL Probing.	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-03 10:37:44 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 03 05:37:37.565809 2025] [security2:error] [pid 28195:tid 28195] [client 157.15.40.60:36892] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "frenosilent.net.ar.misterflores.com"] [uri "/.env"] [unique_id "aQiF8Yk0iGwMeoo2sRTTBAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-03 08:48:53 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 157.15.40.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 03 03:48:45.522798 2025] [security2:error] [pid 24969:tid 24969] [client 157.15.40.60:49964] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flugstadcom.xn--lyngr-yua.net"] [uri "/.env"] [unique_id "aQhsbUBoSo3lu13CST5b9AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2025-11-03 08:36:09 (7 months ago)	131 requests with url.path *.env	Brute-Force Bad Web Bot

Showing 406 to 420 of 426 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇳 190.11.239.117

🇦🇹 152.53.0.56

🇺🇸 137.184.112.103

🇨🇳 117.50.75.90

🇨🇳 112.102.169.30

🇺🇸 107.172.78.18

🇮🇳 49.200.158.226

🇬🇧 35.203.210.118

🇦🇪 20.203.42.204

🇨🇿 185.91.116.105

🇦🇷 181.225.198.49

🇧🇷 179.124.26.42

🇳🇱 176.65.149.14

🇧🇼 168.167.72.132

🇩🇪 151.243.11.35

🇷🇺 130.49.172.112

🇭🇰 114.111.52.109

🇺🇸 35.186.185.251

🇷🇺 31.173.2.182

🇶🇦 2600:1900:4260:40e::69