JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 169.150.1.36

169.150.1.36 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 100%: ?

100%

ISP	MAGAZINE LUIZA S/A
Usage Type	Data Center/Web Hosting/Transit
ASN	AS272432
Hostname(s)	169-150-1-36.br-se-1.user-content.mgc-public.net
Domain Name	magazineluiza.com.br
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 169.150.1.36

Whois 169.150.1.36

IP Abuse Reports for 169.150.1.36:

This IP address has been reported a total of 45 times from 30 distinct sources. 169.150.1.36 was first reported on June 1st 2026, and the most recent report was 27 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 11:49:04 (27 minutes ago)	(mod_security) mod_security (id:225170) triggered by 169.150.1.36 (169-150-1-36.br-se-1.user-content ... show more (mod_security) mod_security (id:225170) triggered by 169.150.1.36 (169-150-1-36.br-se-1.user-content.mgc-public.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 07:48:56.862794 2026] [security2:error] [pid 31683:tid 31683] [client 169.150.1.36:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|upskirtcrazy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "upskirtcrazy.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiFmKHIZv7dPiIwvwnDenwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ambor	2026-06-04 11:16:30 (1 hour ago)	L0ss Honeypot: WordPress login access attempt. Path: /wp-login.php	Brute-Force Web App Attack
🇺🇸 nyt	2026-06-04 11:11:07 (1 hour ago)	Repeated WordPress login POSTs blocked by WAF (3 in 6h)	Brute-Force Web App Attack
🇬🇧 spamverify.com	2026-06-04 09:02:56 (3 hours ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-06-04 05:02:55 (7 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (5000900-122)	Web App Attack
Anonymous	2026-06-04 02:50:04 (9 hours ago)	Web App Attack, Hacking	Hacking Web App Attack
🇫🇷 masterguru	2026-06-04 02:09:23 (10 hours ago)	(modsec_5040) ModSec 5040: API Basic Auth blocked from 169.150.1.36 (BR/Brazil/169-150-1-36.br-se-1. ... show more (modsec_5040) ModSec 5040: API Basic Auth blocked from 169.150.1.36 (BR/Brazil/169-150-1-36.br-se-1.user-content.mgc-public.net): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 Victor López	2026-06-04 01:54:10 (10 hours ago)	reparaya.com.co 169.150.1.36 - - [03/Jun/2026:20:49:51 -0500] "GET /wp-login.php HTTP/2.0" 200 2993 ... show more reparaya.com.co 169.150.1.36 - - [03/Jun/2026:20:49:51 -0500] "GET /wp-login.php HTTP/2.0" 200 2993 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" reparaya.com.co 169.150.1.36 - - [03/Jun/2026:20:49:52 -0500] "POST /wp-login.php HTTP/2.0" 200 3171 "https://reparaya.com.co/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" valquintero.com.co 169.150.1.36 - - [03/Jun/2026:20:54:09 -0500] "POST /xmlrpc.php HTTP/1.1" 200 249 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack
🇦🇺 QT	2026-06-04 01:53:02 (10 hours ago)	Unauthorised WordPress admin login attempted at 2026-06-04 11:52:53 +1000	Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 01:34:22 (10 hours ago)	(mod_security) mod_security (id:225170) triggered by 169.150.1.36 (169-150-1-36.br-se-1.user-content ... show more (mod_security) mod_security (id:225170) triggered by 169.150.1.36 (169-150-1-36.br-se-1.user-content.mgc-public.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 21:34:16.082370 2026] [security2:error] [pid 2193:tid 2193] [client 169.150.1.36:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|avaliantlife.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "avaliantlife.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiDWGNNY5KDrMY96aCYNOwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 QT	2026-06-04 01:25:47 (10 hours ago)	Unauthorised WordPress admin login attempted at 2026-06-04 11:25:45 +1000	Web App Attack
🇺🇸 nationaleventpros.com	2026-06-04 01:19:58 (10 hours ago)	WordPress login attempt	Brute-Force
🇬🇧 spamverify.com	2026-06-04 00:42:39 (11 hours ago)	Honeypot Hit: xmlrpc.php	Web Spam Blog Spam Bad Web Bot Web App Attack
🇺🇸 xxkodedxx	2026-06-03 22:04:58 (14 hours ago)	[Zorvexus edge-defense] GET .env / WordPress honeypot probe Trigger: 1× honeypot-get in 10m window. ... show more [Zorvexus edge-defense] GET .env / WordPress honeypot probe Trigger: 1× honeypot-get in 10m window. Active: 22:04:33 UTC Volume: 1 honeypot probe(s) Bait taken: /wp-login.php UA: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-03 19:31:25 (16 hours ago)	(modsec_5040) ModSec 5040: API Basic Auth blocked from 169.150.1.36 (BR/Brazil/169-150-1-36.br-se-1. ... show more (modsec_5040) ModSec 5040: API Basic Auth blocked from 169.150.1.36 (BR/Brazil/169-150-1-36.br-se-1.user-content.mgc-public.net): 1 in the last 3600 secs (0-193) show less	Hacking

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 175.0.254.13

🇻🇳 171.231.195.192

🇺🇸 135.232.200.203

🇮🇳 128.185.33.227

🇫🇷 91.231.89.172

🇩🇪 69.5.169.17

🇺🇸 37.19.221.89

🇺🇸 34.16.175.247

🇷🇺 2a09:bac5:5151:2369::387:33

🇮🇳 180.151.254.218

🇫🇷 176.188.68.125

🇺🇸 172.236.119.165

🇺🇸 154.197.57.70

🇺🇸 134.209.5.217

🇯🇵 92.113.142.203

🇺🇸 84.37.194.209

🇺🇸 66.132.195.119

🇸🇬 47.84.130.38

🇭🇰 45.142.154.105

🇸🇳 41.208.191.133