This IP address has been reported a total of
45
times from
30 distinct
sources.
149.102.233.162 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ...
show moreHoneypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud
show less
(wordpress) Failed wordpress login from 149.102.233.162 (BR/Brazil/unn-149-102-233-162.datapacket.co ...
show more(wordpress) Failed wordpress login from 149.102.233.162 (BR/Brazil/unn-149-102-233-162.datapacket.com): (CF_ENABLE)
show less
http-probing - IP: 149.102.233.162 - time="2026-04-30T12:56:23+02:00" level=info msg="(555f66b4f6a7 ...
show morehttp-probing - IP: 149.102.233.162 - time="2026-04-30T12:56:23+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 149.102.233.162 (BR/212238) : 4h ban on Ip 149.102.233.162" module=db
show less
Bot / scanning and/or hacking attempts: GET //?author=1 HTTP/1.1, POST //xmlrpc.php HTTP/1.1, GET / ...
show moreBot / scanning and/or hacking attempts: GET //?author=1 HTTP/1.1, POST //xmlrpc.php HTTP/1.1, GET / HTTP/1.1, GET //?author=2 HTTP/1.1, GET //?author=3 HTTP/1.1, GET //xmlrpc.php?rsd HTTP/1.1, GET //wp-includes/wlwmanifest.xml HTTP/1.1, GET //wp-json/wp/v2/users/ HTTP/1.1
show less
[ThuApr3011:57:23.8435262026][security2:error][pid1908795:tid1909033][client149.102.233.162:0]ModSec ...
show more[ThuApr3011:57:23.8435262026][security2:error][pid1908795:tid1909033][client149.102.233.162:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"edomustech.ch\"][uri\"/xmlrpc.php\"][unique_id\"afMng98f79S79PWGVvBreAAAAMo\"]
show less
Triggered crowdsecurity/http-probing. More information at: https://app.crowdsec.net/cti/149.102.233. ...
show moreTriggered crowdsecurity/http-probing. More information at: https://app.crowdsec.net/cti/149.102.233.162
show less
http-probing - IP: 149.102.233.162 - time="2026-03-25T21:02:48+01:00" level=info msg="(555f66b4f6a7 ...
show morehttp-probing - IP: 149.102.233.162 - time="2026-03-25T21:02:48+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 149.102.233.162 (BR/212238) : 4h ban on Ip 149.102.233.162" module=db
show less