JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 118.99.112.8

118.99.112.8 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 3%: ?

ISP	Biznet Prepaid BLITAR
Usage Type	Fixed Line ISP
ASN	AS17451
Domain Name	biznetnetworks.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 118.99.112.8

Whois 118.99.112.8

IP Abuse Reports for 118.99.112.8:

This IP address has been reported a total of 42 times from 18 distinct sources. 118.99.112.8 was first reported on October 18th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 pengpeng	2026-06-12 04:15:10 (1 week ago)	monitor: on VM-0-7-ubuntu \| port: 17103 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 17103 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2025-10-15 03:07:35 (8 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇮🇩 hermawan	2025-07-26 06:12:59 (10 months ago)	[Sat Jul 26 13:12:57.418869 2025] [security2:error] [pid 519728:tid 140078646011584] [client 118.99. ... show more [Sat Jul 26 13:12:57.418869 2025] [security2:error] [pid 519728:tid 140078646011584] [client 118.99.112.8:8132] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "themes" at REQUEST_FILENAME. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "69"] [id "448101"] [msg "BAD REQUEST FILENAME - Detected and Blocked"] [data "Matched Data: themes found within REQUEST_FILENAME: /TableFilter/TF_Themes/Default/TF_Default.css request_line = GET /TableFilter/TF_Themes/Default/TF_Default.css HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/TableFilter/TF_Themes/Default/TF_Default.css"] [unique_id "aIRx6YK5FJsUGY9JV8Y0GgAAjQU"], referer https://staklim-jatim.bmkg.go.id/Prakicu_Mingguan_Malang_Batu-v1.html [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[519735] [fjQe847N6Kw] [aIRx6YK5FJsUGY9JV8Y0GgAAjQU] keep_alive=[1] [2025-07-26 13:12:57.418873] [R:aIRx6YK5FJsUGY9JV8Y0GgAAjQU] UA:'Mozilla/5.0 (Window ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-06-22 15:41:08 (11 months ago)	[Sun Jun 22 22:40:22.582069 2025] [security2:error] [pid 177722:tid 140372563928768] [client 118.99. ... show more [Sun Jun 22 22:40:22.582069 2025] [security2:error] [pid 177722:tid 140372563928768] [client 118.99.112.8:53974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "themes" at REQUEST_FILENAME. [file "/etc/modsecurity/coreruleset-4.15.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "68"] [id "448101"] [msg "BAD REQUEST FILENAME - Detected and Blocked"] [data "Matched Data: themes found within REQUEST_FILENAME: /TableFilter/TF_Themes/Default/TF_Default.css request_line = GET /TableFilter/TF_Themes/Default/TF_Default.css HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/TableFilter/TF_Themes/Default/TF_Default.css"] [unique_id "aFgj5kf_0gMpg111vFoZzAAAGA0"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[177736] [IxvJ6er0UE0] [aFgj5kf_0gMpg111vFoZzAAAGA0] keep_alive=[1] [2025-06-22 22:40:22.582084] [R:aFgj5kf_0gMpg111vFoZzAAAGA0] UA:'Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Mobile ... show less	Hacking Web App Attack
Anonymous	2025-02-10 16:10:17 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2024-09-15 09:40:41 (1 year ago)	Ports: 25,465,587; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇦 SWF	2024-09-07 05:51:03 (1 year ago)	Port scanning	Port Scan Hacking
🇫🇮 bittiguru.fi	2024-06-21 03:17:10 (1 year ago)	Jun 21 06:17:09 www11 sshd[3177760]: Invalid user 1 from 118.99.112.8 port 49861 Jun 21 06:17:09 www ... show more Jun 21 06:17:09 www11 sshd[3177760]: Invalid user 1 from 118.99.112.8 port 49861 Jun 21 06:17:09 www11 sshd[3177763]: Invalid user 1 from 118.99.112.8 port 49860 Jun 21 06:17:09 www11 sshd[3177761]: Invalid user 1 from 118.99.112.8 port 49857 ... show less	Brute-Force SSH
🇨🇿 lp	2024-06-15 04:50:44 (2 years ago)	SSH Brute force: 78 attempts were recorded from 118.99.112.8 2024-06-15T06:21:53+02:00 Connection cl ... show more SSH Brute force: 78 attempts were recorded from 118.99.112.8 2024-06-15T06:21:53+02:00 Connection closed by authenticating user root 118.99.112.8 port 2540 [preauth] 2024-06-15T06:21:55+02:00 Connection closed by authenticating user root 118.99.112.8 port 2595 [preauth] 2024-06-15T06:21:57+02:00 Connection closed by authenticating user root 118.99.112.8 port 2797 [preauth] 2024-06-15T06:21:59+02:00 Connection closed by authenticating user root 118.99.112.8 port 2837 [preauth] 2024-06-15T06:22:00+02:00 Connection closed by authenticating user root 118.99.112.8 port 2890 [preauth] 2024-06-15T06:22:01+02:00 Connection closed by authenticating user root 118.99.112.8 port 2952 [preauth] 2024-06-15T06:22:02+02:00 Connection closed by authenticating user root 118.99.112.8 port 2990 [preauth] 2024-06-15T06:22:03+02:00 Connection closed by authenticating user root 118.99.112.8 port 3026 [preauth] show less	Brute-Force SSH
🇺🇸 PeravixGroup	2024-06-15 04:08:16 (2 years ago)	2024-06-15T05:08:03.669457 AdbuseHP sshd[753258]: pam_unix(sshd:auth): authentication failure; logna ... show more 2024-06-15T05:08:03.669457 AdbuseHP sshd[753258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.99.112.8 user=root 2024-06-15T05:08:05.284154 AdbuseHP sshd[753258]: Failed password for root from 118.99.112.8 port 1359 ssh2 ... show less	Brute-Force SSH
🇮🇩 hermawan	2024-05-26 14:15:59 (2 years ago)	[Sun May 26 21:15:56.759760 2024] [security2:error] [pid 900929:tid 134487669212736] [client 118.99. ... show more [Sun May 26 21:15:56.759760 2024] [security2:error] [pid 900929:tid 134487669212736] [client 118.99.112.8:3347] [client 118.99.112.8] ModSecurity: Access denied with code 403 (phase 1). Match of "rx br\|compress\|deflate\|(?:pack200-)?gzip\|\\\\*\|^$\|aes128gcm\|exi\|zstd\|x-(?:compress\|gzip)" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/modsecurity/coreruleset-4.0.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1807"] [id "920525"] [msg "Illegal Accept-Encoding header"] [data "identity request_line = GET /b/bulanan.pdf HTTP/2.0"] [severity "CRITICAL"] [ver "OWASP_CRS/4.0.0-rc2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/3"] [tag "OWASP_CRS"] [tag "capec/1000/255/153"] [tag "PCI/12.1"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/b/bulanan.pdf"] [unique_id "ZlNEHALBbe1BW6jL-T1mcwABVg0"], referer https://www.google.com/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[900943] [ii3zCWzlS ... show less	Hacking Web App Attack
Anonymous	2024-04-20 21:43:32 (2 years ago)	Malicious activity detected	Hacking Web App Attack
Anonymous	2024-04-16 13:29:23 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-03-11 14:32:56 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 118.99.112.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 118.99.112.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 11 10:32:50.518589 2024] [security2:error] [pid 19098] [client 118.99.112.8:55547] [client 118.99.112.8] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.kbalan.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.kbalan.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Ze8WEsMiYi3DTG1myznfBgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Mölkky	2023-10-22 02:59:15 (2 years ago)	Probing	Port Scan

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 172.71.102.140

🇩🇪 213.209.159.235

🇩🇪 165.154.164.21

🇨🇳 101.126.53.14

🇭🇰 101.36.116.204

🇬🇧 94.72.107.16

🇩🇪 46.101.201.146

🇳🇱 45.148.10.152

🇬🇧 35.203.210.7

🇺🇸 8.235.125.164

🇰🇷 211.253.31.143

🇬🇧 185.216.145.164

🇿🇦 105.233.66.167

🇦🇪 91.73.75.175

🇫🇷 85.217.140.9

🇺🇸 66.132.172.123

🇳🇱 51.15.44.6

🇳🇱 45.148.10.200

🇮🇹 31.3.182.133

🇺🇸 165.154.162.57