JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.140.166.113

158.140.166.113 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 87%: ?

87%

ISP	PT. Eka Mas Republik
Usage Type	Fixed Line ISP
ASN	AS63859
Hostname(s)	host-158.140.166-113.myrepublic.co.id
Domain Name	myrepublic.co.id
Country	🇮🇩 Indonesia
City	Semarang, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.140.166.113

Whois 158.140.166.113

IP Abuse Reports for 158.140.166.113:

This IP address has been reported a total of 36 times from 27 distinct sources. 158.140.166.113 was first reported on July 8th 2023, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 el-brujo	2026-06-21 01:41:53 (15 hours ago)	Cloudflare WAF: Request Path: /Smileys/navidad/aplaudir.gif Request Query: Host: forum.elhacker.net ... show more Cloudflare WAF: Request Path: /Smileys/navidad/aplaudir.gif Request Query: Host: forum.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallCustom ASN Description: PT. Eka Mas Republik Country: ID Method: GET Timestamp: 2026-06-21T01:41:53Z ruleId: 770fb332273f47628e1c012f2ac4e3d3. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-20 22:00:26 (18 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-19. show less	Web App Attack SSH Hacking
🇮🇩 securejdprop	2026-06-20 08:15:22 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-19 21:59:47 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-19	Web App Attack SSH Hacking
🇺🇸 kosada.com	2026-06-19 15:21:41 (2 days ago)	Web vulnerability probing: /.git/HEAD	Web App Attack
🇮🇩 securejdprop	2026-06-19 14:56:25 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/vpatch-git-config. WAF block: crowdsecurit ... show more This IP was detected by CrowdSec triggering crowdsecurity/vpatch-git-config. WAF block: crowdsecurity/vpatch-git-config from 158.140.166.113 (172.18.0.4) show less	Hacking
🇫🇷 Baking333	2026-06-19 14:19:13 (2 days ago)	[redacted] 158.140.166.113 - - [19/Jun/2026:15:19:10 +0100] "GET /.git/HEAD HTTP/1.1" 302 1528 0/387 ... show more [redacted] 158.140.166.113 - - [19/Jun/2026:15:19:10 +0100] "GET /.git/HEAD HTTP/1.1" 302 1528 0/387874 "http://[redacted]/.git/HEAD" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" [redacted] 158.140.166.113 - - [19/Jun/2026:15:19:11 +0100] "GET / HTTP/1.1" 200 7997 0/523738 "https://[redacted]/.git/HEAD" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-06-19 13:06:53 (2 days ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 158.140.166.113 (ID/Indonesia/host- ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 158.140.166.113 (ID/Indonesia/host-158.140.166-113.myrepublic.co.id): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 12:29:39 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 158.140.166.113 (host-158.140.166-113.myrepubli ... show more (mod_security) mod_security (id:210492) triggered by 158.140.166.113 (host-158.140.166-113.myrepublic.co.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 08:29:31.864133 2026] [security2:error] [pid 6791:tid 6791] [client 158.140.166.113:41311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thebradleyclinic.com"] [uri "/.git/HEAD"] [unique_id "ajU2KxkhALjtmwfedloihAAAACM"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-06-19 12:07:30 (2 days ago)	[redacted] 158.140.166.113 - - [19/Jun/2026:13:03:09 +0100] "GET /.git/HEAD HTTP/1.1" 302 5253 0/128 ... show more [redacted] 158.140.166.113 - - [19/Jun/2026:13:03:09 +0100] "GET /.git/HEAD HTTP/1.1" 302 5253 0/128351 "https://[redacted]/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" [redacted] 158.140.166.113 - - [19/Jun/2026:13:07:26 +0100] "GET /.git/HEAD HTTP/1.1" 302 5303 0/63521 "http://[redacted]/.git/HEAD" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0" show less	Bad Web Bot Web App Attack
🇭🇺 Adorjan Daczo	2026-06-19 11:44:53 (2 days ago)	Probe for vulnerabilities. Path attempted: /.git/HEAD	Web App Attack
🇩🇪 on-com	2026-06-19 11:27:55 (2 days ago)	URL scan	Brute-Force Web App Attack
Anonymous	2026-06-19 11:05:29 (2 days ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=4	Hacking
🇩🇪 Inamin	2026-06-15 04:12:55 (6 days ago)	158.140.166.113 - - [15/Jun/2026:10:42:47 +0800] "GET /index.php?hidebots=1&limit=100&target=%E4%B8% ... show more 158.140.166.113 - - [15/Jun/2026:10:42:47 +0800] "GET /index.php?hidebots=1&limit=100&target=%E4%B8%89%E8%88%B9%E6%A0%9E%E5%AD%90%2F%E9%9D%99%E8%AC%90%E3%81%AA%E7%A9%BA%E6%B0%97%E3%81%AE%E3%81%AA%E3%81%8B%E3%81%A7&title=%E7%89%B9%E6%AE%8A%3A%E5%B7%B2%E9%80%A3%E7%B5%90%E7%9A%84%E6%9C%80%E8%BF%91%E8%AE%8A%E6%9B%B4 HTTP/2.0" 502 157 "-" "Mozilla/5.0 (X11; Linux i686; rv:1.9.7.20) Gecko/5343-04-27 04:04:42.952148 Firefox/11.0" 158.140.166.113 - - [15/Jun/2026:12:12:55 +0800] "GET /index.php?title=%E7%89%B9%E6%AE%8A%3A%E6%BF%AB%E7%94%A8%E6%97%A5%E8%AA%8C&wpSearchTitle=%E6%B5%B7%E3%81%AE%E4%B8%8A%E3%81%AE%E5%A4%A7%E7%86%B1%E6%88%A6%2F%E5%A0%B1%E9%85%AC HTTP/2.0" 504 569 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 5.2; Trident/5.1)" ... show less	Brute-Force
🇺🇸 ALSCO®️	2026-06-12 22:00:14 (1 week ago)	Report By ALSCO Security Team: Unsolicited Connection Attempt	Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.235

🇺🇸 173.44.180.42

🇺🇸 2604:a880:400:d1:0:4:9e97:e001

🇺🇸 2604:a880:400:d1:0:4:9e8d:1001

🇷🇺 178.177.40.170

🇩🇪 167.94.146.52

🇷🇺 147.45.48.17

🇰🇪 102.207.168.62

🇮🇹 93.42.33.238

🇮🇳 45.118.49.18

🇦🇺 211.27.6.90

🇭🇰 199.45.154.176

🇯🇵 152.32.204.21

🇬🇪 146.255.228.189

🇰🇪 102.210.148.41

🇩🇪 94.16.17.139

🇺🇸 34.16.225.84

🇳🇱 2a06:a880:5:67e0::1

🇷🇺 178.177.55.11

🇺🇸 40.124.175.233