🇺🇸
bigscoots.com
2026-01-14 10:55:43
(5 months ago)
66.96.225.177 (ID/Indonesia/host-66-96-225-177.myrepublic.co.id), 5 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jan 14 04:53:31 15192 sshd[25283]: Invalid user admin from 66.96.225.163 port 59952
Jan 14 04:53:34 15192 sshd[25283]: Failed password for invalid user admin from 66.96.225.163 port 59952 ssh2
Jan 14 04:55:33 15192 sshd[25475]: Invalid user admin from 66.96.225.105 port 53914
Jan 14 04:54:10 15192 sshd[25359]: Invalid user admin from 66.96.225.177 port 53354
Jan 14 04:54:12 15192 sshd[25359]: Failed password for invalid user admin from 66.96.225.177 port 53354 ssh2
IP Addresses Blocked:
66.96.225.163 (ID/Indonesia/host-66-96-225-163.myrepublic.co.id)
66.96.225.105 (ID/Indonesia/host-66-96-225-105.myrepublic.co.id)
Brute-Force
SSH
🇮🇩
hermawan
2025-10-29 06:22:47
(7 months ago)
[Wed Oct 29 13:22:01.573821 2025] [security2:error] [pid 983273:tid 140039287731904] [client 66.96.225.177:53812] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.19.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "332"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: utf-8 request_line = HEAD / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aQGyia5HS4unVCrIJjBaMQAAAEQ"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[983304] [pB6BJoY5aKY] [aQGyia5HS4unVCrIJjBaMQAAAEQ] keep_alive=[0] [2025-10-29 13:22:01.573836] [R:aQGyia5HS4unVCrIJjBaMQAAAEQ] UA:'Mozilla/5.0 (CentOS; Linux i686; rv:134.0) Gecko/20100101 Firefox/134.0' Host:'staklim-jatim.bmkg.go.id'
...
Hacking
Web App Attack
🇮🇩
sockominfo
2025-10-29 06:20:18
(7 months ago)
[WAZUH] HTTP access to suspicious file extension detected
Hacking
Web App Attack
🇺🇸
ipblock.com
2025-10-27 07:46:00
(8 months ago)
IPBlock protected site ID [4055-d][s=06].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
🇺🇸
ipblock.com
2025-10-27 02:00:00
(8 months ago)
IPBlock protected site ID [4055-d][s=03].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
🇮🇩
penjaga BRIN
2025-07-21 17:09:12
(11 months ago)
-111
Web App Attack
🇮🇩
Burayot
2025-07-21 16:07:24
(11 months ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 66.96.225.177 (ID/Indonesia/host-66-96-225-177.myrepublic.co.id): 1 in the last 3600 secs
Web App Attack
🇮🇩
penjaga BRIN
2025-07-21 11:16:21
(11 months ago)
nginx-alfa-95
Web App Attack
🇮🇹
VHosting
2025-07-21 09:10:49
(11 months ago)
Detected attack by Imunify360
Brute-Force
Web App Attack
🇩🇪
Skyrider
2025-07-21 02:59:08
(11 months ago)
66.96.225.177 - - [21/Jul/2025:04:58:10 +0200] "GET /administrator/index.php HTTP/2.0" 404 36 "-" "python-requests/2.32.4"
66.96.225.177 - - [21/Jul/2025:04:58:20 +0200] "GET /admin/index.php HTTP/2.0" 404 36 "-" "python-requests/2.32.4"
66.96.225.177 - - [21/Jul/2025:04:58:37 +0200] "GET /wp-includes/js/jquery/jquery.js HTTP/2.0" 404 123 "-" "python-requests/2.32.4"
66.96.225.177 - - [21/Jul/2025:04:58:51 +0200] "GET /wp-admin/setup-config.php?step=1 HTTP/2.0" 404 36 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0"
66.96.225.177 - - [21/Jul/2025:04:59:08 +0200] "GET /blog/wp-admin/setup-config.php?step=1 HTTP/2.0" 404 36 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0"
Bad Web Bot
Web App Attack
🇺🇸
ipblock.com
2025-07-20 15:05:00
(11 months ago)
IPBlock protected site ID [4055-d][s=06].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
🇮🇩
penjaga BRIN
2025-07-19 19:22:38
(11 months ago)
apache-alfa-158
Web App Attack
🇮🇹
VHosting
2025-07-18 04:20:48
(11 months ago)
Detected attack by Imunify360
Brute-Force
Web App Attack
🇮🇩
penjaga BRIN
2025-07-17 18:14:41
(11 months ago)
apache-alfa-111
Web App Attack
🇮🇩
hermawan
2025-05-16 06:23:25
(1 year ago)
[Fri May 16 13:22:38.936263 2025] [security2:error] [pid 279580:tid 140680619873984] [client 66.96.225.177:42438] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "myactivity.google.com" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "439"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: myactivity.google.com found within REQUEST_HEADERS:Referer: https://myactivity.google.com/ request_line = GET /images/Klimatologi/Analisis/04-Analisis-6-Bulanan/musim_hujan/2024-2025/1_Tabel_Normal_Curah_Hujan_Periode_1991-2020_dalam_satuan_milimeter_di_Zona_Musim_Jawa_Timur.webp HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Analisis/04-Analisis-6-Bulanan/musim_hujan/2024-2025/1_Tabel_Normal_Curah_Hujan_Periode_1991-2020_dalam_satuan_milimeter_di_Zona_Musim_Jawa_Timur.webp"] [unique_id "aCbZrluw7e2TS0d_ENn08QABygA"], referer https://myactivity.google.com/
...
Hacking
Web App Attack