JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.140.171.60

158.140.171.60 was found in our database!

This IP was reported 58 times. Confidence of Abuse is 30%: ?

30%

ISP	PT. Eka Mas Republik
Usage Type	Fixed Line ISP
ASN	AS63859
Hostname(s)	host-158.140.171-60.myrepublic.co.id
Domain Name	myrepublic.co.id
Country	🇮🇩 Indonesia
City	Surabaya, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.140.171.60

Whois 158.140.171.60

IP Abuse Reports for 158.140.171.60:

This IP address has been reported a total of 58 times from 20 distinct sources. 158.140.171.60 was first reported on January 31st 2021, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 Threat.live	2026-06-07 17:10:04 (5 days ago)	Suspicious Connection Attempts	Brute-Force
🇩🇪 Hazzard	2026-06-06 23:08:55 (6 days ago)	158.140.171.60 (ID/Indonesia/East Java/Surabaya/host-158.140.171-60.myrepublic.co.id/[redacted]	Brute-Force
🇸🇰 GOVCERT	2026-06-05 15:55:39 (1 week ago)	SMB Port Scan	Port Scan
🇸🇬 mypatricks	2026-05-25 21:05:48 (2 weeks ago)	158.140.171.60 \| Port: 11861 \| DNS: host-158.140.171-60.myrepublic.co.id 2026-05-26T05:05:48+08:00 A ... show more 158.140.171.60 \| Port: 11861 \| DNS: host-158.140.171-60.myrepublic.co.id 2026-05-26T05:05:48+08:00 Asia/Jakarta \| HOST Data Center/Web Hosting/Transit Spam list \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 HTTP/1.1 443 GET \| URL: /zh/page/2?acedbd8ff9ec9cbec9d=218&1775165387 \| Ref: - \| Country: ID/Indonesia/+07:00 IP City: Surabaya macOS a01780117c8aced2-CGK/Jakarta, Indonesia 1 hits/0 secs Browser 2 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
Anonymous	2026-04-28 15:33:42 (1 month ago)	2026-04-28 11:33:30 184465845 [Warning] Access denied for user 'root'@'158.140.171.60' (using passwo ... show more 2026-04-28 11:33:30 184465845 [Warning] Access denied for user 'root'@'158.140.171.60' (using password: NO) 2026-04-28 11:33:31 184465884 [Warning] Access denied for user 'root'@'158.140.171.60' (using password: YES) 2026-04-28 11:33:41 184466282 [Warning] Access denied for user 'root'@'158.140.171.60' (using password: YES) ... show less	Brute-Force
🇸🇬 securejdprop	2026-04-07 18:57:26 (2 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(🐾 - 🚨 Network 🕵 sc ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(🐾 - 🚨 Network 🕵 scan 🎩 Nuclei 👨‍💻). Ip 158.140.171.60 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-04-07 18:57:23.660366468 +0000 UTC show less	Hacking Web App Attack
🇺🇸 kosada.com	2026-03-18 09:14:20 (2 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
Anonymous	2026-02-21 15:15:09 (3 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
Anonymous	2025-11-17 13:38:06 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇮🇩 hermawan	2025-10-26 03:51:51 (7 months ago)	[Sun Oct 26 10:43:38.802605 2025] [security2:error] [pid 227572:tid 140451381241536] [client 158.140 ... show more [Sun Oct 26 10:43:38.802605 2025] [security2:error] [pid 227572:tid 140451381241536] [client 158.140.171.60:37003] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].?[\\"'`]\|(?:\\\\r?\\\\n)?\\\\z\|[^\\"'`]+)\|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]?from\|(?:alter\|(?:(?:cre\|trunc\|upd)at\|renam)e\|d(?:e(?:lete\|sc)\|rop)\|(?:inser\|selec)t\|load)[\\\\s\\\\x0b]?\\\\([\\\\s\\\\x0b]?space[\\\\s\\\\x0b]?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2129"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/141.0.7390.97 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 11; vivo 19 ... show less	Hacking Web App Attack
Anonymous	2025-10-14 08:36:33 (7 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 Packets-Decreaser.NET	2025-10-08 09:09:15 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇫🇷 ericshim.me	2025-09-29 23:30:41 (8 months ago)	Dionaea honeypot SMB access at 2025-09-29T07:28:23.925909	Brute-Force
Anonymous	2025-08-06 08:02:36 (10 months ago)	Web attack	Bad Web Bot Web App Attack

Showing 1 to 15 of 58 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 179.43.163.26

🇭🇰 107.150.119.80

🇳🇬 102.88.137.145

🇺🇸 45.156.129.125

🇮🇹 37.182.177.100

🇷🇴 193.32.162.13

🇺🇸 192.169.213.186

🇩🇪 158.94.208.36

🇬🇭 102.223.92.101

🇦🇴 102.213.34.99

🇿🇦 102.37.156.238

🇯🇵 101.36.105.94

🇫🇷 82.64.38.234

🇷🇴 80.94.92.187

🇳🇱 45.137.215.217

🇨🇳 219.151.190.165

🇸🇬 172.71.124.124

🇺🇸 162.216.149.156

🇸🇪 138.124.71.25

🇰🇪 102.210.148.92