JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.50.92.149

36.50.92.149 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 7%: ?

ISP	PT Data Multimedia Network
Usage Type	Fixed Line ISP
ASN	AS141642
Hostname(s)	host-ip-36-50-92-149.ring.net.id
Domain Name	datamultimedianetwork.id
Country	🇮🇩 Indonesia
City	Banjar, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.50.92.149

Whois 36.50.92.149

IP Abuse Reports for 36.50.92.149:

This IP address has been reported a total of 8 times from 4 distinct sources. 36.50.92.149 was first reported on November 9th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2026-04-26 08:43:11 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
Anonymous	2026-04-14 20:50:18 (1 month ago)	\| [Normal/Unknown] Aggressive IP 36.50.92.149 (~350 hits). Type: DoS Defender- Web server 400 error ... show more \| [Normal/Unknown] Aggressive IP 36.50.92.149 (~350 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇮🇹 VHosting	2026-04-10 05:17:27 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇩🇪 NoaQT	2026-04-05 22:06:45 (1 month ago)	36.50.92.149 - - [05/Apr/2026:16:32:07 +0200] "GET /web/login HTTP/1.1" 499 0 "https://blog.cloud.uk ... show more 36.50.92.149 - - [05/Apr/2026:16:32:07 +0200] "GET /web/login HTTP/1.1" 499 0 "https://blog.cloud.uk/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.50.92.149 - - [05/Apr/2026:16:58:41 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.facebook.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.50.92.149 - - [05/Apr/2026:16:58:41 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.facebook.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" ... show less	DDoS Attack
🇩🇪 NoaQT	2026-04-05 15:42:08 (1 month ago)	36.50.92.149 - - [05/Apr/2026:17:39:44 +0200] "GET /web/login HTTP/1.1" 499 0 "https://app.superprim ... show more 36.50.92.149 - - [05/Apr/2026:17:39:44 +0200] "GET /web/login HTTP/1.1" 499 0 "https://app.superprime.org/about" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.50.92.149 - - [05/Apr/2026:17:39:48 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.instagram.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.50.92.149 - - [05/Apr/2026:17:39:48 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.instagram.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.50.92.149 - - [05/Apr/2026:17:41:47 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.google.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.50.92.149 - - [05/Apr/2026:17:41:47 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.google.com/" "Mozilla/5.0 (X11; ... show less	DDoS Attack
🇮🇩 hermawan	2026-03-12 01:34:03 (2 months ago)	[Thu Mar 12 08:32:35.052572 2026] [security2:error] [pid 237794:tid 140135948605120] [client 36.50.9 ... show more [Thu Mar 12 08:32:35.052572 2026] [security2:error] [pid 237794:tid 140135948605120] [client 36.50.92.149:42189] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.24.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "192"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: ?id= found within SERVER_NAME: staklim-malang.info request_line = GET /index.php/profil/arsip-artikel?id=56&start=60 HTTP/2.0 Request URI RAW = /index.php/profil/arsip-artikel?id=56&start=60 Request Basename = arsip-artikel"] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "abIXs4PEatqUw5Qx_wZAqwABBQI"], referer https://staklim-malang.info/ [staklim-malang.info] [staklim-malang.info] top=[237808] [ljwdusk9dwA] [abIXs4PEatqUw5Qx_wZAqwABBQI] keep_alive=[1] [2026-03-12 0 ... show less	Web App Attack Hacking
🇮🇩 hermawan	2025-12-09 04:26:35 (5 months ago)	[Tue Dec 09 11:26:04.759733 2025] [security2:error] [pid 78523:tid 140516988499648] [client 36.50.92 ... show more [Tue Dec 09 11:26:04.759733 2025] [security2:error] [pid 78523:tid 140516988499648] [client 36.50.92.149:56802] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "188"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: %3a found within SERVER_NAME: staklim-malang.info request_line = GET /index.php/profil/arsip-artikel?catid=474&id=982%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-3-9-mei-2016&start=140 HTTP/2.0 Request URI RAW = /index.php/profil/arsip-artikel?catid=474&id=982%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-3-9-mei-2016&start=140 Request Basen..."] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "aTek3JIjb9nCd2L ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-11-09 10:03:32 (6 months ago)	[Sun Nov 09 17:02:46.049247 2025] [security2:error] [pid 1144700:tid 140440549353152] [client 36.50. ... show more [Sun Nov 09 17:02:46.049247 2025] [security2:error] [pid 1144700:tid 140440549353152] [client 36.50.92.149:59686] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].?[\\"'`]\|(?:\\\\r?\\\\n)?\\\\z\|[^\\"'`]+)\|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]?from\|(?:alter\|(?:(?:cre\|trunc\|upd)at\|renam)e\|d(?:e(?:lete\|sc)\|rop)\|(?:inser\|selec)t\|load)[\\\\s\\\\x0b]?\\\\([\\\\s\\\\x0b]?space[\\\\s\\\\x0b]?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "1989"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/141.0.7390.122 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 15; 25053PC ... show less	Hacking Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇴 200.105.172.184

🇧🇪 198.235.24.219

🇬🇧 178.62.82.141

🇺🇸 91.230.168.48

🇨🇦 69.156.93.145

🇺🇸 195.184.76.1

🇬🇧 193.163.125.123

🇳🇱 164.90.195.107

🇭🇰 150.5.169.176

🇺🇸 148.153.121.223

🇵🇭 103.186.139.149

🇻🇳 103.172.236.15

🇨🇦 85.217.149.60

🇨🇳 60.223.245.120

🇳🇱 45.148.10.200

🇳🇱 45.148.10.157

🇳🇱 45.148.10.152

🇰🇪 41.139.183.135

🇨🇳 175.0.255.188

🇫🇮 147.185.133.35