JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.140.166.115

158.140.166.115 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 10%: ?

10%

ISP	PT. Eka Mas Republik
Usage Type	Fixed Line ISP
ASN	AS63859
Hostname(s)	host-158.140.166-115.myrepublic.co.id
Domain Name	myrepublic.co.id
Country	🇮🇩 Indonesia
City	Semarang, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.140.166.115

Whois 158.140.166.115

IP Abuse Reports for 158.140.166.115:

This IP address has been reported a total of 16 times from 13 distinct sources. 158.140.166.115 was first reported on June 11th 2021, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-09 01:17:04 (1 week ago)	[Tue Jun 09 08:16:54.683543 2026] [security2:error] [pid 70286:tid 140244280133312] [client 158.140. ... show more [Tue Jun 09 08:16:54.683543 2026] [security2:error] [pid 70286:tid 140244280133312] [client 158.140.166.115:13651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur"] [unique_id "aidphPzAZ_aNUXF4cl_nBgAACRs"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[70484] [6e/S4QcOx7o] [aidphPzAZ_aNUXF4cl_nBgAACRs] keep_alive=[1] [2026-06-09 08:16:54.683552] [R:aidphPzAZ_aNUXF4cl_nBgAACRs] UA:'Mozilla/5.0 (Linux; Android 6.0. ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-01 05:55:03 (2 weeks ago)	[Mon Jun 01 12:54:56.397326 2026] [authz_core:error] [pid 1666425:tid 140573464827584] [client 158.1 ... show more [Mon Jun 01 12:54:56.397326 2026] [authz_core:error] [pid 1666425:tid 140573464827584] [client 158.140.166.115:51499] AH01630: client denied by server configuration: /var/matomo/gemini-jscompress-dev_13-05-2026_matomo_5_10_0.js, referer https://matomo.staklim-malang.info/ [matomo.staklim-malang.info] [matomo.staklim-malang.info] top=[1666439] [61xz1eosFe4] [ah0er8UjV_Oee8LlnklTDwABlAU] keep_alive=[1] [2026-06-01 12:54:56.397343] [R:ah0er8UjV_Oee8LlnklTDwABlAU] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 15_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15_6 Mobile/15E148 Safari/604.1' Host:'matomo.staklim-malang.info:443' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8' Referer:'https://matomo.staklim-malang.info/ Accept-Encoding:'gzip, deflate, br Accept-Language:'en-US,en;q=0.8 ... show less	Email Spam Hacking
🇨🇭 backslash	2026-04-27 06:33:49 (1 month ago)		DDoS Attack
🇫🇷 security.rdmc.fr	2026-04-08 06:51:09 (2 months ago)	Port Scan Attack proto:TCP src:60072 dst:3306	Port Scan
🇳🇵 radheykrishna.com.np	2026-04-06 08:41:38 (2 months ago)	Apr 6 14:26:37 kernel: [624648.686148] [UFW BLOCK] IN=ens160 OUT= SRC=158.140.166.115 LEN=52 TOS=0x ... show more Apr 6 14:26:37 kernel: [624648.686148] [UFW BLOCK] IN=ens160 OUT= SRC=158.140.166.115 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=23823 DF PROTO=TCP SPT=56174 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇳🇱 maxxsense	2026-03-28 10:36:58 (2 months ago)	158.140.166.115 (ID/Indonesia/host-158.140.166-115.myrepublic.co.id), 12 distributed imapd attacks o ... show more 158.140.166.115 (ID/Indonesia/host-158.140.166-115.myrepublic.co.id), 12 distributed imapd attacks on account [redacted] show less	Brute-Force
🇷🇺 DZBOT	2026-03-15 12:13:47 (3 months ago)	SMTP. NO LOGIN / auth failed	Port Scan Brute-Force
🇫🇷 tr1n	2025-08-06 03:28:31 (10 months ago)	Blocked by UFW on tr1n.services (fr1) [1433/tcp] Source port: 19125 TTL: 100 Packet length: 52 TOS: ... show more Blocked by UFW on tr1n.services (fr1) [1433/tcp] Source port: 19125 TTL: 100 Packet length: 52 TOS: 0x08 show less	Port Scan
Anonymous	2024-12-14 22:08:32 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇨🇦 smick	2024-09-26 11:43:03 (1 year ago)	RDP Brute-force.	Brute-Force
🇨🇦 smick	2024-08-31 01:59:59 (1 year ago)	RDP Brute-force.	Brute-Force
Anonymous	2024-05-12 06:07:22 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-04-29 04:17:10 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 VSM Networks	2021-06-12 18:33:17 (5 years ago)	Credential Stuffing	Brute-Force
🇩🇪 ManagedStack	2021-06-12 02:10:11 (5 years ago)	Unauthorized path/IP Access (full log not revealed as it contains sensitive data)	Hacking Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.64

🇹🇼 198.235.24.120

🇭🇰 43.161.234.148

🇨🇳 223.167.206.119

🇺🇸 198.98.56.227

🇨🇳 124.152.53.142

🇮🇳 122.168.127.153

🇮🇳 52.172.177.191

🇸🇬 47.79.201.58

🇸🇬 45.78.235.96

🇰🇷 218.149.228.155

🇩🇪 178.105.86.29

🇲🇽 148.222.152.94

🇺🇸 71.6.134.230

🇸🇬 47.79.200.141

🇷🇺 31.173.31.59

🇺🇸 3.20.225.198

🇺🇸 207.90.244.19

🇪🇬 197.199.224.52

🇸🇪 176.125.241.194