JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.96.225.128

66.96.225.128 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	PT. Eka Mas Republik
Usage Type	Fixed Line ISP
ASN	AS63859
Hostname(s)	host-66-96-225-128.myrepublic.co.id
Domain Name	myrepublic.co.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.96.225.128

Whois 66.96.225.128

IP Abuse Reports for 66.96.225.128:

This IP address has been reported a total of 14 times from 9 distinct sources. 66.96.225.128 was first reported on November 9th 2023, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 sockominfo	2025-10-29 09:02:25 (7 months ago)	[WAZUH] Critical LFI with PHP code injection detected - Basic 2	Hacking Web App Attack
🇺🇸 ipblock.com	2025-10-27 01:45:00 (7 months ago)	IPBlock protected site ID [4055-d][s=01]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇮🇩 titis.blitarkab	2025-10-26 01:11:00 (7 months ago)	gelk-golek ye? kang pulung ye?	Hacking Web App Attack
🇮🇩 penjaga BRIN	2025-06-18 00:02:28 (1 year ago)	apache-alfa-111	Web App Attack
Anonymous	2025-05-23 18:55:03 (1 year ago)	Web Scanning Attack to Multiple Domain	DDoS Attack Ping of Death Web Spam SQL Injection
🇮🇩 penjaga BRIN	2025-05-23 05:15:36 (1 year ago)	apache-alfa-111	Web App Attack
🇮🇩 penjaga BRIN	2025-02-14 02:12:49 (1 year ago)	nginx-alfa-240	Web App Attack
🇮🇩 Ridwan Na'im	2024-12-19 02:00:24 (1 year ago)	Multiple web server 400 error codes from same source ip. - Vulnerability Scanning	Hacking Web App Attack
Anonymous	2024-06-18 13:56:30 (2 years ago)	XSS Attempt	Hacking
🇮🇩 hermawan	2024-03-18 20:52:25 (2 years ago)	[Tue Mar 19 03:15:55.126689 2024] [security2:error] [pid 72430:tid 138854770148928] [client 66.96.22 ... show more [Tue Mar 19 03:15:55.126689 2024] [security2:error] [pid 72430:tid 138854770148928] [client 66.96.225.128:63794] [client 66.96.225.128] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"'`]\\\\s?(?:(?:n(?:and\|ot)\|(?:x?x)?or\|between\|\\\\\|\\\\\|\|and\|div\|&&)\\\\s+[\\\\s\\\\w]+=\\\\s?\\\\w+\\\\s?having\\\\s+\|like(?:\\\\s+[\\\\s\\\\w]+=\\\\s?\\\\w+\\\\s?having\\\\s+\|\\\\W?[\\"'`\\\\d])\|[^?\\\\w\\\\s=.,;)(]++\\\\s?[(@\\"'`]?\\\\s?\\\\w+\\\\W+\\\\w\|\\\\\\\\s*?\\\\w+\\\\W+[\\"'`])\|(?:unio ..." at REQUEST_COOKIES:cfz_google-analytics_v4. [file "/etc/modsecurity/coreruleset-4.0.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2236"] [id "942262"] [msg "Detects basic SQL authentication bypass attempts 2/3"] [data "Matched Data: \\x22:{\\x22value\\x22:\\x220 found within REQUEST_COOKIES:cfz_google-analytics_v4: {\\x220bd2_engagementDuration\\x22:{\\x22value\\x22:\\x220\\x22,\\x22expires\\x22:1742328951273},\\x220bd2_engagementStart\\x22:{\\x22value\\x22:\ ... show less	Hacking Web App Attack
🇮🇩 hermawan	2024-03-05 02:13:36 (2 years ago)	[Tue Mar 05 09:13:34.247433 2024] [security2:error] [pid 146897:tid 124667538966080] [client 66.96.2 ... show more [Tue Mar 05 09:13:34.247433 2024] [security2:error] [pid 146897:tid 124667538966080] [client 66.96.225.128:50464] [client 66.96.225.128] ModSecurity: Access denied with code 403 (phase 2). Pattern match "." at ARGS_NAMES:hl. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "664"] [id "921170"] [data "Matched Data: h found within ARGS_NAMES:hl: hl request_line = GET /images/Klimatologi/Analisis/03-Analisis_Bulanan/Analisis_Distibusi_Sifat_Hujan_Bulanan/Analisis_Distibusi_Sifat_Hujan_Bulanan_Provinsi_Jawa_Timur/2018/09_September_2018/Analisis_Distribusi_Sifat_Hujan_Bulan_September_Tahun_2018_di_Provinsi_Jawa_Timur.jpg?hl=en_US HTTP/2.0"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "capec/1000/152/137/15/460"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Analisis/03-Analisis_Bulanan/Analisis_Distibusi_Sifat_Hujan_Bulanan/Analisis_Dis ... show less	Hacking Web App Attack
🇮🇩 hermawan	2024-01-08 07:15:39 (2 years ago)	[Mon Jan 08 14:15:34.007475 2024] [security2:error] [pid 870680:tid 140080923272768] [client 66.96.2 ... show more [Mon Jan 08 14:15:34.007475 2024] [security2:error] [pid 870680:tid 140080923272768] [client 66.96.225.128:51524] [client 66.96.225.128] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<(?:a\|abbr\|acronym\|address\|applet\|area\|audioscope\|b\|base\|basefront\|bdo\|bgsound\|big\|blackface\|blink\|blockquote\|body\|bq\|br\|button\|caption\|center\|cite\|code\|col\|colgroup\|comment\|dd\|del\|dfn\|dir\|div\|dl\|dt\|em\|embed\|fieldset\|fn\|font\|form\|frame\|frameset\|h1\|head ..." at REQUEST_FILENAME. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf"] [line "1625"] [id "941321"] [msg "Possible XSS Attack Detected - HTML Tag Handler"] [data "Matched Data: <link found within REQUEST_FILENAME: /index.php/profil/meteorologi/list-of-all-tags/<link rel= request_line = GET /index.php/profil/meteorologi/list-of-all-tags/%3Clink%20rel= HTTP/2.0"] [severity "CRITICAL"] [ver "OWASP_CRS/4.0.0-rc2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack ... show less	Hacking Web App Attack
🇮🇩 hermawan	2023-12-25 23:48:01 (2 years ago)	[Tue Dec 26 06:47:57.884123 2023] [security2:error] [pid 342037:tid 140235757307456] [client 66.96.2 ... show more [Tue Dec 26 06:47:57.884123 2023] [security2:error] [pid 342037:tid 140235757307456] [client 66.96.225.128:11829] [client 66.96.225.128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_FILENAME. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "182"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /sftp-config.json found within REQUEST_FILENAME: /sftp-config.json request_line = GET /sftp-config.json HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/sftp-config.json"] [unique_id "ZYoUrT3jY_ed9p08JouRswAAAQU"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[342185] [DfgJMh610w4] [ZYoUrT3jY_ed9p08JouRswAAAQU] keep_alive=[0] [2 ... show less	Hacking Web App Attack
🇮🇩 Burayot	2023-11-09 08:24:00 (2 years ago)	LF_POP3D: (pop3d) Failed POP3 login from 66.96.225.128 (ID/Indonesia/host-66-96-225-128.myrepublic.c ... show more LF_POP3D: (pop3d) Failed POP3 login from 66.96.225.128 (ID/Indonesia/host-66-96-225-128.myrepublic.co.id): 2 in the last 3600 secs show less	Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 218.51.148.194

🇸🇬 213.35.107.21

🇺🇸 68.183.120.40

🇨🇭 185.125.27.44

🇷🇺 185.44.11.191

🇵🇱 172.253.255.61

🇩🇪 104.248.253.201

🇺🇸 100.29.192.98

🇬🇧 92.27.101.99

🇮🇷 78.39.48.166

🇺🇸 66.132.195.25

🇲🇾 47.250.132.207

🇳🇱 34.178.59.223

🇺🇸 216.25.89.137

🇺🇦 212.111.193.14

🇺🇸 198.74.59.236

🇬🇧 185.247.137.91

🇬🇪 185.81.94.58

🇧🇷 179.255.244.206

🇮🇩 43.249.140.69