Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
168.149.102.85 has a threat confidence score of 86%. This IP address from Saudi Arabia (AS25019, Saudi Telecom Company JSC) has been observed in 66 honeypot sessions targeting MSSQL, SMB protocols. First observed on April 8, 2026, most recently active April 8, 2026.
Composite behavior identifying SMB access to the IPC$ share followed by opening of the SVCCTL named pipe. This pattern indicates interaction with the Windows Service Control Manager over SMB and is commonly observed during remote service enumeration, service manipulation, or preparation for remote service-based execution.