JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.140.163.88

158.140.163.88 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 24%: ?

24%

ISP	PT. Eka Mas Republik
Usage Type	Fixed Line ISP
ASN	AS63859
Hostname(s)	host-158.140.163-88.myrepublic.co.id
Domain Name	myrepublic.co.id
Country	🇮🇩 Indonesia
City	Malang, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.140.163.88

Whois 158.140.163.88

IP Abuse Reports for 158.140.163.88:

This IP address has been reported a total of 15 times from 9 distinct sources. 158.140.163.88 was first reported on December 1st 2020, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 drewf.ink	2026-06-15 06:44:29 (1 week ago)	[06:44] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): PC NETWORK PROGRAM 1.0 ... show more [06:44] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): PC NETWORK PROGRAM 1.0, LANMAN1.0, Windows for Workgroups 3.1a, LM1.2X002, LANMAN2.1, NT LM 0.12 show less	Hacking Exploited Host
🇮🇩 hermawan	2026-06-15 05:52:01 (1 week ago)	[Mon Jun 15 12:51:58.494835 2026] [security2:error] [pid 809558:tid 139672723297984] [client 158.140 ... show more [Mon Jun 15 12:51:58.494835 2026] [security2:error] [pid 809558:tid 139672723297984] [client 158.140.163.88:41488] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561581-mengenal-fenomena-la-nina-si-pembawa-hujan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561581-mengenal-fenomena-la-nina-si-pembawa-hujan"] [unique_id "ai-S_vqWzS4gdLWa3iO3rwAARRU"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[809631] [JBWvbMQQHEo] [ai-S_vqWzS4gdLWa3iO3rwAARRU] keep_alive=[1] ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-08 05:58:25 (2 weeks ago)	[Mon Jun 08 12:58:20.920549 2026] [security2:error] [pid 751743:tid 140662279231168] [client 158.140 ... show more [Mon Jun 08 12:58:20.920549 2026] [security2:error] [pid 751743:tid 140662279231168] [client 158.140.163.88:33433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "AndroidHttpClient" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "254"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: AndroidHttpClient found within REQUEST_HEADERS:User-Agent: AndroidHttpClient (Linux; U; Android 15; en_US; Infinix X6855; Build/AP3A.240905.015.A2; Cronet/144.0.7500.8) request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Klimat_Story/2026/06_Juni_2026/Apa_itu_Bediding-600.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Klimat_Story/2026/06_Juni_2026/Apa_itu_Bediding-600.jpg"] [unique_id "aiZZ_IAwUlwgL_MQT_YHpQAAgwE"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[751745] [W6uasvce ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-02 16:55:20 (2 weeks ago)	[Tue Jun 02 23:55:19.671576 2026] [security2:error] [pid 76557:tid 139947349595840] [client 158.140. ... show more [Tue Jun 02 23:55:19.671576 2026] [security2:error] [pid 76557:tid 139947349595840] [client 158.140.163.88:38516] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bing" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "254"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bing found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 16; Pixel 8 Build/BP2A.250805.005; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36 BingSapphire/32.3.430811006 request_line = GET /index.php/analisis-bulanan/4229-tingkat-ketersediaan-air-tanah/tingkat-ketersediaan-air-tanah-di-provinsi-jawa-timur/analisis-bulanan-tingkat-ketersediaan-air-tanah-di-provinsi-jawa-timur-tahun-2024/555560752-analisis-bulanan-tingkat-ketersediaan-air-tanah-bu..."] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/analisis-bulanan/4229-tingkat-kete ... show less	Email Spam Hacking
🇩🇪 SMARTNET	2026-05-27 06:03:53 (3 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
🇫🇷 Sklurk	2026-05-27 00:37:20 (3 weeks ago)	Web App Attack	Web App Attack
🇮🇩 hermawan	2026-05-21 07:20:30 (1 month ago)	1779347974.008239 158.140.163.88 103.166.156.58 65535_2-4-8-1-3_1420_10 2026-05-21 14:19:34 WIB ...	Email Spam Hacking
Anonymous	2024-08-12 17:29:18 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-08-02 09:06:47 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇦 smick	2024-07-02 10:58:00 (1 year ago)	RDP Brute-force.	Brute-Force
IrisFlower	2021-01-15 10:35:49 (5 years ago)	Unauthorized connection attempt detected from IP address 158.140.163.88 to port 445	Hacking
IrisFlower	2021-01-15 10:01:58 (5 years ago)	Unauthorized connection attempt detected from IP address 158.140.163.88 to port 445	Hacking
IrisFlower	2021-01-15 09:41:53 (5 years ago)	Unauthorized connection attempt detected from IP address 158.140.163.88 to port 445	Hacking
🇩🇪 IP Analyzer	2021-01-06 05:02:29 (5 years ago)	Unauthorized connection attempt from IP address 158.140.163.88 on Port 445(SMB)	Port Scan
🇩🇪 Hiffo	2020-12-01 03:53:44 (5 years ago)	1606812822 - 12/01/2020 09:53:42 Host: 158.140.163.88/158.140.163.88 Port: 445 TCP Blocked	Port Scan

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 137.59.146.223

🇮🇩 103.97.101.25

🇨🇳 101.71.220.62

🇮🇳 45.195.83.7

🇺🇸 45.156.129.164

🇨🇦 216.26.238.201

🇨🇦 216.26.238.105

🇩🇪 209.50.191.213

🇩🇪 209.50.189.159

🇩🇪 209.50.183.150

🇺🇸 198.199.83.232

🇬🇧 193.163.125.189

🇮🇶 185.166.25.150

🇺🇸 137.184.28.183

🇨🇳 111.38.37.210

🇮🇩 103.112.245.85

🇵🇱 45.141.233.195

🇩🇪 45.3.54.172

🇭🇰 43.252.230.112

🇭🇰 43.154.78.242