Anonymous
29 Jul 2022
(mod_security) mod_security (id:972687) triggered by 13.84.42.66 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Jul 29 21:33:44.411217 2022] [:error] [pid 2393862] [client 13.84.42.66:47368] [client 13.84.42.66] ModSecurity: Access denied with code 401 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "7"] [id "972687"] [msg "xmlrpc request blocked, no referrer"] [hostname "vidrosnacional.com.br"] [uri "/xmlrpc.php"] [unique_id "YuR8aO98l5S63Cxv6hrAxQAAADA"]
[Fri Jul 29 21:33:44.596450 2022] [:error] [pid 2393456] [client 13.84.42.66:47369] [client 13.84.42.66] ModSecurity: Access denied with code 401 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "7"] [id "972687"] [msg "xmlrpc request blocked, no referrer"] [hostname "vidrosnacional.com.br"] [uri "/xmlrpc.php"] [unique_id "YuR8aBIL134TcKAiGjUxmAAAAAg"]
Port Scan
John Chrys.
29 Jul 2022
13.84.42.66 - - [29/Jul/2022:14:11:22 +0300] "POST /xmlrpc.php HTTP/1.1" 403 5584 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
Brute-Force
Web App Attack
Jean Valjean
27 Jul 2022
Fail2ban Bopeep : xmlrpc.php Abuse
SQL Injection
Web App Attack
Anonymous
25 Jul 2022
XMLRPC Hack Attempts
Hacking
Brute-Force
Anonymous
24 Jul 2022
(mod_security) mod_security (id:972687) triggered by 13.84.42.66 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Sun Jul 24 13:01:46.475192 2022] [:error] [pid 3398736] [client 13.84.42.66:47368] [client 13.84.42.66] ModSecurity: Access denied with code 401 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "7"] [id "972687"] [msg "xmlrpc request blocked, no referrer"] [hostname "centergreen.com.br"] [uri "/xmlrpc.php"] [unique_id "Yt1s6umZcv_yJLogpojvqAAAAAE"]
[Sun Jul 24 13:01:46.824443 2022] [:error] [pid 3397180] [client 13.84.42.66:47369] [client 13.84.42.66] ModSecurity: Access denied with code 401 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "7"] [id "972687"] [msg "xmlrpc request blocked, no referrer"] [hostname "centergreen.com.br"] [uri "/xmlrpc.php"] [unique_id "Yt1s6s2f7InOHVqXfhfm8wAAAAU"]
Port Scan
Anonymous
23 Jul 2022
VILLAROMEO.DE 13.84.42.66 [21/Jul/2022:07:41:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 580 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
villaromeo.de 13.84.42.66 [21/Jul/2022:07:41:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 580 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
Web App Attack
Anonymous
21 Jul 2022
VILLAROMEO.DE 13.84.42.66 [21/Jul/2022:07:41:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 580 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
villaromeo.de 13.84.42.66 [21/Jul/2022:07:41:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 580 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
Web App Attack
Anonymous
17 Jul 2022
Wordpress malicious attack:[octaxmlrpc]
Web App Attack
MarkGGN
16 Jul 2022
Webexploits. 13.84.42.66 - - [16/Jul/2022:12:13:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
13.84.42.66 - - [16/Jul/2022:12:13:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
Brute-Force
Bad Web Bot
Web App Attack
billyborsht
15 Jul 2022
wordpress authentication brute force
Hacking
Web App Attack
rsiddall
15 Jul 2022
13.84.42.66 - - [15/Jul/2022:06:44:32 -0400] "POST /BLOG/xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
13.84.42.66 - - [15/Jul/2022:06:44:32 -0400] "POST /blog/xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
Brute-Force
Anonymous
15 Jul 2022
Wordpress malicious attack:[octaxmlrpc]
Web App Attack
F242
14 Jul 2022
Jul 14 23:23:58 mx1 wordpress(marc-eggert.de)[23805]: XML-RPC authentication attempt for unknown user marc-eggert from 13.84.42.66
Web App Attack
Anonymous
13 Jul 2022
fulda-media.de 13.84.42.66 [13/Jul/2022:20:44:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 5718 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
FULDA-MEDIA.DE 13.84.42.66 [13/Jul/2022:20:44:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 5718 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
Web App Attack
wnbhosting.dk
13 Jul 2022
WP xmlrpc [2022-07-12T10:16:41+02:00]
Hacking
Web App Attack