JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.93.192.4

36.93.192.4 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 0%: ?

ISP	PT Telekomunikasi Indonesia
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Sidoarjo, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.93.192.4

Whois 36.93.192.4

IP Abuse Reports for 36.93.192.4:

This IP address has been reported a total of 30 times from 28 distinct sources. 36.93.192.4 was first reported on March 8th 2023, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 vestibtech	2024-01-09 13:05:11 (2 years ago)	36.93.192.4 - - [09/Jan/2024:06:05:11 -0700] "GET /db/phpMyAdmin3/index.php?lang=en HTTP/1.1" 404 63 ... show more 36.93.192.4 - - [09/Jan/2024:06:05:11 -0700] "GET /db/phpMyAdmin3/index.php?lang=en HTTP/1.1" 404 6384 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" ... show less	Web App Attack
🇩🇪 ManagedStack	2024-01-09 07:12:59 (2 years ago)	Wordpress Attack	Web App Attack
Anonymous	2023-12-27 10:18:20 (2 years ago)	Dec 27 11:18:18 syscgn kernel: [1195777.246563] [UFW BLOCK] IN=eth0 OUT= MAC=0a:d1:7f:3c:98:09:10:0e ... show more Dec 27 11:18:18 syscgn kernel: [1195777.246563] [UFW BLOCK] IN=eth0 OUT= MAC=0a:d1:7f:3c:98:09:10:0e:7e:26:f1:c0:08:00 SRC=36.93.192.4 DST=185.194.141.106 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=8833 DF PROTO=TCP SPT=58798 DPT=3306 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Hacking
🇨🇦 Largnet SOC	2023-12-26 05:21:54 (2 years ago)	36.93.192.4 triggered Icarus honeypot on port 3306. Check us out on github.	Port Scan Hacking
Anonymous	2023-11-28 21:30:05 (2 years ago)	TCP/80 probe	Port Scan
🇺🇸 . .	2023-11-27 08:00:40 (2 years ago)	Nov 27 17:00:39 [REDACTED] kernel: [9609292.038943] [UFW BLOCK] IN=[REDACTED] OUT= MAC=[REDACTED] SR ... show more Nov 27 17:00:39 [REDACTED] kernel: [9609292.038943] [UFW BLOCK] IN=[REDACTED] OUT= MAC=[REDACTED] SRC=36.93.192.4 DST=[REDACTED] LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=39981 DF PROTO=TCP SPT=59576 DPT=3306 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇬🇧 Andrew	2023-11-25 07:27:23 (2 years ago)	2023-11-25T07:27:21.132819Z 1448 [Note] [MY-010926] [Server] Access denied for user 'username'@'36.9 ... show more 2023-11-25T07:27:21.132819Z 1448 [Note] [MY-010926] [Server] Access denied for user 'username'@'36.93.192.4' (using password: YES) 2023-11-25T07:27:22.178240Z 1449 [Note] [MY-010926] [Server] Access denied for user 'username'@'36.93.192.4' (using password: YES) 2023-11-25T07:27:23.200841Z 1450 [Note] [MY-010926] [Server] Access denied for user 'username'@'36.93.192.4' (using password: YES) ... show less	Hacking Brute-Force
🇩🇪 HoneyPotDu3	2023-10-25 10:51:53 (2 years ago)	36.93.192.4 - - [25/Oct/2023:12:51:21 +0200] "GET /phpmyAdmin/index.php?lang=en HTTP/1.1" 404 181 "- ... show more 36.93.192.4 - - [25/Oct/2023:12:51:21 +0200] "GET /phpmyAdmin/index.php?lang=en HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 ... show less	Bad Web Bot Web App Attack
🇬🇧 blik2108	2023-10-23 08:14:30 (2 years ago)	gw.blacknell.co.uk:80 36.93.192.4 - - [23/Oct/2023:09:14:28 +0100] "GET /phpMyAdmin-5.3.0-all-langua ... show more gw.blacknell.co.uk:80 36.93.192.4 - - [23/Oct/2023:09:14:28 +0100] "GET /phpMyAdmin-5.3.0-all-languages/index.php?lang=en HTTP/1.1" 404 434 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" gw.blacknell.co.uk:80 36.93.192.4 - - [23/Oct/2023:09:14:28 +0100] "GET /phpMyAdmin-5.3.0/index.php?lang=en HTTP/1.1" 404 434 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" gw.blacknell.co.uk:80 36.93.192.4 - - [23/Oct/2023:09:14:28 +0100] "GET /phpmyadmin_/index.php?lang=en HTTP/1.1" 404 434 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" gw.blacknell.co.uk:80 36.93.192.4 - - [23/Oct/2023:09:14:29 +0100] "GET /phpmyadmin5/index.php?lang=en HTTP/1.1" 404 434 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" gw.blacknell.co.uk:8 ... show less	Brute-Force Web App Attack
🇺🇸 bigscoots.com	2023-10-16 13:29:14 (2 years ago)	(ftpd) Failed FTP login from 36.93.192.4 (ID/Indonesia/-): 3 in the last 3600 secs; Ports: ; Direct ... show more (ftpd) Failed FTP login from 36.93.192.4 (ID/Indonesia/-): 3 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_FTPD; Logs: Oct 16 08:28:54 9266 pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [trash] Oct 16 08:29:00 9266 pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [www] Oct 16 08:29:07 9266 pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [daemon] show less	Brute-Force SSH
🇻🇳 Xuan Can	2023-10-05 00:46:18 (2 years ago)	(mod_security) mod_security (id:1900947723) triggered by 36.93.192.4 (ID/Indonesia/-): 1 in the last ... show more (mod_security) mod_security (id:1900947723) triggered by 36.93.192.4 (ID/Indonesia/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 05 07:46:11.804202 2023] [security2:error] [pid 10857:tid 47176820508416] [client 36.93.192.4:57850] [client 36.93.192.4] ModSecurity: Access denied with code 403 (phase 1). String match "/phpmyadmin" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "61"] [id "1900947723"] [msg "Deny phpMyAdmin"] [hostname "112.213.85.145"] [uri "/phpmyadmin2022/index.php"] [unique_id "ZR4HU3W6Bf1nIiZMg-oWfQAAAFg"] show less	Brute-Force SSH
🇩🇰 Nieman426	2023-09-24 08:35:16 (2 years ago)	Scanning phpadmin/mysql	Web App Attack
🇷🇺 Limtech	2023-09-18 14:08:17 (2 years ago)	Mon, 18 Sep 2023 14:08:17 GMT. ftp(tcp/21) scan from 36.93.192.4	Port Scan
🇨🇳 ThreatBook.io	2023-09-11 01:04:43 (2 years ago)	ThreatBook Intelligence: Exploit more details on http://threatbook.io/ip/36.93.192.4 2023-09-10 09:1 ... show more ThreatBook Intelligence: Exploit more details on http://threatbook.io/ip/36.93.192.4 2023-09-10 09:12:42 /phpMyAdmin4/index.php?lang=en 2023-09-10 09:12:43 /phpMyAdmin-5.1.1/index.php?lang=en 2023-09-10 09:12:42 /1phpmyadmin/index.php?lang=en 2023-09-10 09:12:43 /phpmyadmin2017/index.php?lang=en 2023-09-10 09:12:42 /admin/phpmyadmin/index.php?lang=en 2023-09-10 09:12:43 /administrator/web/index.php?lang=en 2023-09-10 09:12:42 /phpmyadmin2012/index.php?lang=en 2023-09-10 09:12:42 /db/phpmyadmin4/index.php?lang=en 2023-09-10 09:12:42 /phpMyAdmin_/index.php?lang=en 2023-09-10 09:12:42 /shopdb/index.php?lang=en show less	Web App Attack
🇳🇱 Savvii	2023-08-16 20:12:15 (2 years ago)	10 attempts against mh-pma-try-ban on test-dns	Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:fb54:1a00::37

🇺🇸 213.169.209.143

🇺🇸 192.129.183.139

🇨🇱 170.82.129.8

🇺🇸 143.244.169.201

🇷🇸 109.206.121.75

🇷🇴 80.94.92.171

🇨🇦 72.55.189.248

🇩🇪 43.157.98.118

🇺🇸 34.162.150.22

🇳🇱 34.12.97.132

🇸🇦 2001:16a4:7f:fda3:35da:97b0:dbc8:a5a6

🇺🇸 209.33.124.173

🇻🇳 113.178.236.173

🇮🇹 87.2.73.14

🇻🇳 14.191.116.96

🇻🇳 14.161.29.62

🇱🇧 213.204.70.147

🇺🇸 172.253.7.82

🇮🇹 158.173.77.46