JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.15.40.93

157.15.40.93 was found in our database!

This IP was reported 575 times. Confidence of Abuse is 48%: ?

48%

ISP	PT Trisari Data Indonesia
Usage Type	Fixed Line ISP
ASN	AS139952
Domain Name	trisari.id
Country	🇮🇩 Indonesia
City	Madiun, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.15.40.93

Whois 157.15.40.93

IP Abuse Reports for 157.15.40.93:

This IP address has been reported a total of 575 times from 166 distinct sources. 157.15.40.93 was first reported on October 8th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 sockominfo	2026-04-15 09:00:55 (1 month ago)	IDOR Attempt. Threat Score: 8.8/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 10/10 (Critical). CVSS Ve ... show more IDOR Attempt. Threat Score: 8.8/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 10/10 (Critical). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. Bayesian Probability: 87%. MITRE ATT&CK: T1210 (Exploitation of Remote Services). Tactic: TA0001. Freshness: Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇲🇾 Rizzy	2026-04-15 08:46:54 (1 month ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇮🇩 sockominfo	2026-04-15 08:00:19 (1 month ago)	IDOR Attempt. Threat Score: 6.9/10 (MEDIUM). Reported by TangerangKota-CSIRT	Hacking Web App Attack
🇺🇸 mind5t0rm	2026-04-14 19:25:25 (1 month ago)	(WPLOGIN) WP Login Attack 157.15.40.93 (ID/Indonesia/-): 3 in the last 3600 secs; Ports: ; Directio ... show more (WPLOGIN) WP Login Attack 157.15.40.93 (ID/Indonesia/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 157.15.40.93 - - [15/Apr/2026:02:25:14 +0700] "GET /wp-login.php HTTP/2.0" 200 3117 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.62 Safari/537.36" 157.15.40.93 - - [15/Apr/2026:02:25:17 +0700] "POST /wp-login.php HTTP/2.0" 200 3236 "https://www.zerowaterthailand.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.62 Safari/537.36" 157.15.40.93 - - [15/Apr/2026:02:25:23 +0700] "GET /wp-login.php HTTP/2.0" 200 3117 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.53 Safari/537.36" show less	Port Scan
🇮🇩 Burayot	2026-04-11 16:44:52 (1 month ago)	LF_CPANEL: (cpanel) Failed cPanel login from 157.15.40.93 (ID/Indonesia/-): 1 in the last 3600 secs	Brute-Force
🇬🇧 consul.to	2026-04-11 13:57:45 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 Skyrider	2026-04-10 09:58:03 (1 month ago)	157.15.40.93 - - [10/Apr/2026:11:57:59 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Wi ... show more 157.15.40.93 - - [10/Apr/2026:11:57:59 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5384.0 Safari/537.36" 157.15.40.93 - - [10/Apr/2026:11:58:00 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36" 157.15.40.93 - - [10/Apr/2026:11:58:01 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.62 Safari/537.36" 157.15.40.93 - - [10/Apr/2026:11:58:02 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36" 157.15.40.93 - - [10/Apr/2026:11:58:03 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.66 Safari/537.36" show less	Bad Web Bot Web App Attack
🇮🇩 securejdprop	2026-04-08 22:40:43 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-admin-interface-probing. Ip 157.15.40 ... show more This IP was detected by CrowdSec triggering crowdsecurity/http-admin-interface-probing. Ip 157.15.40.93 performed 'crowdsecurity/http-admin-interface-probing' (3 events over 5.094939198s) at 2026-04-08 22:40:41.848376262 +0000 UTC show less	Hacking Web App Attack
🇧🇬 Stoyko Stoykov	2026-04-08 04:13:02 (1 month ago)	157.15.40.93 - - [08/Apr/2026:07:13:02 +0300] "GET /admin/file-manager/initialize HTTP/1.1" 404 0 "- ... show more 157.15.40.93 - - [08/Apr/2026:07:13:02 +0300] "GET /admin/file-manager/initialize HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack
🇩🇪 Skyrider	2026-04-07 22:51:47 (1 month ago)	157.15.40.93 - - [08/Apr/2026:00:51:38 +0200] "GET /:lawrence HTTP/2.0" 404 11237 "-" "Mozilla/5.0 ( ... show more 157.15.40.93 - - [08/Apr/2026:00:51:38 +0200] "GET /:lawrence HTTP/2.0" 404 11237 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.165 Safari/537.36" 157.15.40.93 - - [08/Apr/2026:00:51:41 +0200] "GET /:lawrence HTTP/2.0" 404 11239 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36" 157.15.40.93 - - [08/Apr/2026:00:51:44 +0200] "GET /:lawrence HTTP/2.0" 404 11235 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.62 Safari/537.36" 157.15.40.93 - - [08/Apr/2026:00:51:46 +0200] "GET /:lawrence HTTP/2.0" 404 11236 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36" 157.15.40.93 - - [08/Apr/2026:00:51:47 +0200] "GET /:lawrence HTTP/2.0" 404 11234 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.62 Safari/537.36" show less	Bad Web Bot Web App Attack
🇭🇺 kranem	2026-04-07 21:00:50 (1 month ago)	Triggered Cloudflare WAF from ID. Action taken: BLOCK ASN: 139952 (TRIDATA-AS-ID PT Trisari Data Ind ... show more Triggered Cloudflare WAF from ID. Action taken: BLOCK ASN: 139952 (TRIDATA-AS-ID PT Trisari Data Indonusa) Protocol: HTTP/1.1 (GET method) Endpoint: /login Timestamp: 2026-04-07T19:27:32Z User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36 show less	Bad Web Bot
🇩🇪 FeG Deutschland	2026-04-06 00:57:04 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 CBJ	2026-04-06 00:06:19 (1 month ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇩🇪 Skyrider	2026-04-05 11:59:24 (1 month ago)	157.15.40.93 - - [05/Apr/2026:13:59:16 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Wi ... show more 157.15.40.93 - - [05/Apr/2026:13:59:16 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.70 Safari/537.36" 157.15.40.93 - - [05/Apr/2026:13:59:19 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.65 Safari/537.36" 157.15.40.93 - - [05/Apr/2026:13:59:20 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.66 Safari/537.36" 157.15.40.93 - - [05/Apr/2026:13:59:22 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36" 157.15.40.93 - - [05/Apr/2026:13:59:23 +0200] "GET /login2.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36" show less	Bad Web Bot Web App Attack
🇧🇬 Stoyko Stoykov	2026-04-05 08:42:46 (1 month ago)	157.15.40.93 - - [05/Apr/2026:11:42:46 +0300] "GET /simple.php HTTP/1.1" 301 162 "-" "Mozlila/5.0 (L ... show more 157.15.40.93 - - [05/Apr/2026:11:42:46 +0300] "GET /simple.php HTTP/1.1" 301 162 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" ... show less	Hacking Web App Attack

Showing 31 to 45 of 575 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.194.140.170

🇳🇱 176.65.149.212

🇭🇰 199.45.155.73

🇮🇳 135.13.28.35

🇳🇿 121.73.163.27

🇨🇳 116.255.208.96

🇫🇷 91.196.152.18

🇸🇦 82.167.182.120

🇳🇱 45.148.10.151

🇭🇰 43.255.118.11

🇧🇪 35.189.196.224

🇺🇸 2604:a940:300:5b6:0:12::

🇧🇷 187.8.120.90

🇧🇷 179.222.190.59

🇳🇱 176.65.148.29

🇺🇸 172.253.7.30

🇺🇸 172.238.160.104

🇹🇬 156.38.73.89

🇿🇦 147.136.67.52

🇨🇳 120.133.60.156