JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.140.185.58

158.140.185.58 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 4%: ?

ISP	PT. Eka Mas Republik
Usage Type	Fixed Line ISP
ASN	AS63859
Hostname(s)	host-158.140.185-58.myrepublic.co.id
Domain Name	myrepublic.co.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.140.185.58

Whois 158.140.185.58

IP Abuse Reports for 158.140.185.58:

This IP address has been reported a total of 32 times from 22 distinct sources. 158.140.185.58 was first reported on November 23rd 2023, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-08 12:31:53 (2 hours ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 PeravixGroup	2026-05-12 11:34:38 (3 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇧🇬 lukanet	2026-01-06 01:03:34 (5 months ago)	Invalid user admin from 158.140.185.58 port 42008	Brute-Force SSH
🇨🇳 ThreatBook.io	2025-12-27 00:43:59 (5 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/158.140.185.58	Brute-Force
🇪🇸 el-brujo	2025-12-25 03:02:54 (5 months ago)	12/25/2025-04:02:54.088047 158.140.185.58 Protocol: 6 ET SCAN Potential SSH Scan	Port Scan
🇺🇸 TPI-Abuse	2025-10-27 18:23:47 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 158.140.185.58 (host-158.140.185-58.myrepublic. ... show more (mod_security) mod_security (id:225170) triggered by 158.140.185.58 (host-158.140.185-58.myrepublic.co.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 27 14:23:42.659324 2025] [security2:error] [pid 8540:tid 8540] [client 158.140.185.58:51343] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dvdmasters.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dvdmasters.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aP-4rnIgo66ACq3eqMADhgAAAAg"], referer: https://dvdmasters.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-10-11 10:26:40 (7 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇳🇱 antikirra	2025-09-11 23:06:19 (8 months ago)	Proxy Port Scanning	Port Scan
🇺🇸 TPI-Abuse	2025-08-05 16:11:06 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 158.140.185.58 (host-158.140.185-58.myrepublic. ... show more (mod_security) mod_security (id:225170) triggered by 158.140.185.58 (host-158.140.185-58.myrepublic.co.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 12:11:01.088426 2025] [security2:error] [pid 21589:tid 21589] [client 158.140.185.58:55420] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|passy.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "passy.us"] [uri "/wp-json/wp/v2/users/"] [unique_id "aJItFaZiahZOuaqFAJqxDAAAAAM"], referer: https://passy.us/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-07-18 13:18:54 (10 months ago)	Ports: 25,2525,465,587,2525; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-07-15 13:26:39 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 158.140.185.58 (host-158.140.185-58.myrepublic. ... show more (mod_security) mod_security (id:225170) triggered by 158.140.185.58 (host-158.140.185-58.myrepublic.co.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 15 09:26:32.916550 2025] [security2:error] [pid 30193:tid 30193] [client 158.140.185.58:52851] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|firstunitedreserve.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "firstunitedreserve.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aHZXCKNVPBHAKRo9_PjUAgAAAAI"], referer: https://firstunitedreserve.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Tripwire	2025-06-07 18:08:19 (1 year ago)	Wordpress login attempts	Brute-Force Web App Attack
Anonymous	2025-05-29 21:11:19 (1 year ago)	Spam in form	Email Spam
🇲🇾 syokadmin	2025-04-23 18:18:59 (1 year ago)	158.140.185.58 (ID/Indonesia/host-158.140.185-58.myrepublic.co.id), 8 distributed SMTP Logins on acc ... show more 158.140.185.58 (ID/Indonesia/host-158.140.185-58.myrepublic.co.id), 8 distributed SMTP Logins on account [[email protected]] in the last 300 secs show less	Brute-Force
Anonymous	2025-04-12 00:16:20 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4001:c2e::128

🇺🇸 135.119.16.173

🇨🇳 112.83.254.115

🇨🇳 106.14.183.112

🇮🇳 103.91.246.73

🇬🇧 93.119.124.38

🇺🇿 213.230.126.162

🇺🇸 108.188.144.209

🇵🇰 103.117.162.67

🇷🇺 94.243.15.80

🇮🇷 91.251.42.33

🇩🇪 64.89.163.50

🇳🇱 45.148.10.183

🇮🇩 36.95.194.54

🇺🇸 34.68.151.150

🇹🇼 198.235.24.125

🇺🇸 192.227.229.70

🇫🇮 178.20.210.208

🇺🇸 173.255.230.103

🇮🇳 122.165.124.15