JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.140.171.47

158.140.171.47 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 62%: ?

62%

ISP	PT. Eka Mas Republik
Usage Type	Fixed Line ISP
ASN	AS63859
Hostname(s)	host-158.140.171-47.myrepublic.co.id
Domain Name	myrepublic.co.id
Country	🇮🇩 Indonesia
City	Surabaya, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.140.171.47

Whois 158.140.171.47

IP Abuse Reports for 158.140.171.47:

This IP address has been reported a total of 27 times from 23 distinct sources. 158.140.171.47 was first reported on January 25th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-18 12:31:35 (1 day ago)	[Thu Jun 18 19:31:34.877705 2026] [security2:error] [pid 459416:tid 140711254025920] [client 158.140 ... show more [Thu Jun 18 19:31:34.877705 2026] [security2:error] [pid 459416:tid 140711254025920] [client 158.140.171.47:13800] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:^\|b[\\"'\\\\)\\\\[\\\\x5c](?:(?:(?:\\\\\|\\\\\|\|&&)[\\\\s\\\\x0b])?\\\\$[!#\\\$\\\\\\\\-0-9\\\\?@_a-\\\\{])?\\\\x5c?u[\\"'\\\$\\\\[\\\\x5c](?:(?:(?:\\\\\|\\\\\|\|&&)[\\\\s\\\\x0b])?\\\\$[!#\\\$\\\\\\\\-0-9\\\\?@_a-\\\\{])?\\\\x5c?s[\\"'\\\$\\\\[\\\\x5c](?:(?:(?:\\\\\|\\\\\|\|&&)[\\\\s\\\\x0b])?\\\\$[!#\\\\(\\\\*\\\\-0- ..." at ARGS_NAMES:id. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "3256"] [id "932350"] [msg "Remote Command Execution: Direct Unix Command Execution (No Arguments)"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: id found within ARGS_NAMES:id: id request_line = GET /index.php/component/search/?Itemid=1309&catid=113&id=555561510&format=opensearch HTTP/2.0 Reques ... show less	Email Spam Hacking
🇺🇸 WeekendWeb	2026-06-17 13:33:56 (2 days ago)	Wordpress Vunerability attack	Web App Attack
Anonymous	2026-06-17 13:32:51 (2 days ago)	158.140.171.47 - - [17/Jun/2026:15:32:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack by ... show more 158.140.171.47 - - [17/Jun/2026:15:32:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack by WordPress.com" 158.140.171.47 - - [17/Jun/2026:15:32:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "WordPress.com; https://wordpress.com" 158.140.171.47 - - [17/Jun/2026:15:32:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack by WordPress.com" 158.140.171.47 - - [17/Jun/2026:15:32:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack/12.0; WordPress/6.2; http://site62804304.com" 158.140.171.47 - - [17/Jun/2026:15:32:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-17 12:52:23 (2 days ago)	(xmlrpc) Apache: Failed xmlrpc access from 158.140.171.47 (ID/Indonesia/host-158.140.171-47.myrepubl ... show more (xmlrpc) Apache: Failed xmlrpc access from 158.140.171.47 (ID/Indonesia/host-158.140.171-47.myrepublic.co.id): 10 in the last 3600 secs (0-201) show less	Hacking
🇨🇦 Dunham Support	2026-06-16 07:44:34 (3 days ago)	(wordpress) Failed wordpress login from 158.140.171.47 (ID/Indonesia/host-158.140.171-47.myrepublic. ... show more (wordpress) Failed wordpress login from 158.140.171.47 (ID/Indonesia/host-158.140.171-47.myrepublic.co.id) show less	Brute-Force
🇫🇷 dynamix	2026-06-16 07:43:27 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇲🇾 Rizzy	2026-06-09 18:57:46 (1 week ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-07 12:05:09 (1 week ago)	Blocked by CSF 13 firewall - Rule: mysaslmatch ID/Indonesia/host-158.140.171-47.myrepublic.co.id	Web App Attack
🇱🇻 garmtech.com	2026-06-02 12:19:01 (2 weeks ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS	Web App Attack
Anonymous	2026-06-01 11:05:53 (2 weeks ago)	[redacted] 158.140.171.47 - - [01/Jun/2026:13:05:08 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 158.140.171.47 - - [01/Jun/2026:13:05:08 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 158.140.171.47 - - [01/Jun/2026:13:05:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" [redacted] 158.140.171.47 - - [01/Jun/2026:13:05:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" [redacted] 158.140.171.47 - - [01/Jun/2026:13:05:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)" [redacted] 158.140.171.47 - - [01/Jun/2026:13:05:51 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇩🇪 HandyTreff.de	2026-05-17 17:10:56 (1 month ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -43.105 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -43.105 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 show less	Web App Attack Bad Web Bot
🇩🇪 Phenix Info	2026-05-14 04:47:00 (1 month ago)	SmallGuard.fr/Prestashop Massive 403	Web App Attack
🇨🇳 ThreatBook.io	2026-05-12 00:39:21 (1 month ago)	ThreatBook Intelligence: Zombie,Mobile more details on https://threatbook.io/ip/158.140.171.47	SSH
🇫🇷 security.rdmc.fr	2026-04-24 03:04:14 (1 month ago)	Port Scan Attack proto:TCP src:48681 dst:3306	Port Scan
Anonymous	2026-04-24 02:39:02 (1 month ago)	Port-Scan	Port Scan

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇦 213.111.150.241

🇺🇸 172.190.89.127

🇩🇪 134.122.93.100

🇳🇱 91.92.40.217

🇮🇶 65.20.141.202

🇺🇸 43.162.112.238

🇵🇰 39.60.246.209

🇨🇳 36.133.208.182

🇺🇸 34.231.156.59

🇮🇷 31.7.66.163

🇬🇧 195.96.139.219

🇩🇪 194.187.176.165

🇺🇿 170.168.6.72

🇺🇸 162.216.150.217

🇺🇸 157.245.114.249

🇺🇸 142.251.156.1

🇸🇬 138.2.99.225

🇨🇳 117.72.10.130

🇷🇺 85.30.212.24

🇱🇹 45.227.254.170