JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.47.242.66

202.47.242.66 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 0%: ?

ISP	CAT TELECOM Data Comm. Dept, Intrenet Office
Usage Type	Fixed Line ISP
ASN	AS9931
Domain Name	ntplc.co.th
Country	🇹🇭 Thailand
City	Bangkok, Bangkok

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.47.242.66

Whois 202.47.242.66

IP Abuse Reports for 202.47.242.66:

This IP address has been reported a total of 60 times from 25 distinct sources. 202.47.242.66 was first reported on May 5th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2024-09-24 08:18:40 (1 year ago)	202.47.242.66 - - [24/Sep/2024:10:18:40 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 202.47.242.66 - - [24/Sep/2024:10:18:40 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-09-21 04:43:32 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 202.47.242.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.47.242.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 21 00:43:25.096634 2024] [security2:error] [pid 9956:tid 9956] [client 202.47.242.66:41779] [client 202.47.242.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.47.242.66 (+1 hits since last alert)\|www.wild-goose.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.wild-goose.net"] [uri "/xmlrpc.php"] [unique_id "Zu5O7fAUtE_OXkkrBCe5fAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2024-09-20 23:57:03 (1 year ago)	202.47.242.66 - - [21/Sep/2024:01:57:03 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 202.47.242.66 - - [21/Sep/2024:01:57:03 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇲🇹 Malta	2024-09-18 18:01:28 (1 year ago)	202.47.242.66 - - [18/Sep/2024:20:01:28 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 202.47.242.66 - - [18/Sep/2024:20:01:28 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
Anonymous	2024-09-18 15:22:41 (1 year ago)		Web App Attack
Anonymous	2024-09-18 14:51:12 (1 year ago)	apache-wordpress-login	Brute-Force Web App Attack
🇺🇸 Spamectomy_Doctor_USA	2024-09-16 20:23:18 (1 year ago)	email spam phishing spoofing	Phishing Email Spam
🇦🇺 MAGIC	2024-09-10 07:00:14 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇮 bittiguru.fi	2024-09-08 01:34:41 (1 year ago)	202.47.242.66 - [08/Sep/2024:04:34:37 +0300] "POST /xmlrpc.php HTTP/1.1" 200 235 "-" "Mozilla/5.0 (M ... show more 202.47.242.66 - [08/Sep/2024:04:34:37 +0300] "POST /xmlrpc.php HTTP/1.1" 200 235 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" "1.86" 202.47.242.66 - [08/Sep/2024:04:34:40 +0300] "POST /xmlrpc.php HTTP/1.1" 200 235 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" "1.86" ... show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-09-07 08:08:53 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 202.47.242.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.47.242.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 07 04:08:44.962252 2024] [security2:error] [pid 21554:tid 21554] [client 202.47.242.66:39703] [client 202.47.242.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.47.242.66 (+1 hits since last alert)\|webuychesterfieldhouses.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "webuychesterfieldhouses.com"] [uri "/xmlrpc.php"] [unique_id "ZtwKDK2uO7ceRl8FCFMTigAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-07 02:24:51 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 202.47.242.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.47.242.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 22:24:44.069650 2024] [security2:error] [pid 4166034:tid 4166093] [client 202.47.242.66:33831] [client 202.47.242.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.47.242.66 (+1 hits since last alert)\|sevenislandsvilla.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sevenislandsvilla.com"] [uri "/xmlrpc.php"] [unique_id "Ztu5bI9rSWFse6mRwos2HgAAAoQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Netgnome	2024-09-03 07:39:17 (1 year ago)	SMTP/25 Attempts send from non-existent domain	Brute-Force
🇺🇸 TPI-Abuse	2024-09-03 00:44:50 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 202.47.242.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.47.242.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 02 20:44:42.664874 2024] [security2:error] [pid 27040:tid 27040] [client 202.47.242.66:47143] [client 202.47.242.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.47.242.66 (+1 hits since last alert)\|www.uphillfarmvt.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.uphillfarmvt.com"] [uri "/xmlrpc.php"] [unique_id "ZtZb-rHJNCKa2o56IOcVmAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Smel	2024-08-31 03:04:09 (1 year ago)	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	Email Spam Hacking Brute-Force
🇺🇸 TPI-Abuse	2024-08-30 17:32:59 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 202.47.242.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.47.242.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 30 13:32:52.188826 2024] [security2:error] [pid 20891:tid 20891] [client 202.47.242.66:57705] [client 202.47.242.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.47.242.66 (+1 hits since last alert)\|victorvictor.biz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "victorvictor.biz"] [uri "/xmlrpc.php"] [unique_id "ZtICRHWsdWfr3tgH6Zgd5QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 192.178.37.153

🇨🇳 180.76.168.83

🇺🇸 162.243.228.110

🇺🇸 142.252.33.43

🇻🇳 103.82.20.28

🇬🇧 94.10.71.4

🇫🇷 90.9.234.63

🇳🇱 45.153.34.186

🇨🇳 36.156.65.222

🇺🇸 31.76.151.106

🇫🇷 185.208.207.227

🇺🇸 134.122.21.135

🇲🇦 102.78.237.240

🇳🇱 98.98.200.162

🇳🇱 45.148.10.152

🇺🇸 216.180.246.194

🇭🇰 199.45.154.182

🇺🇸 172.118.10.137

🇺🇸 108.31.93.252

🇻🇳 103.130.213.223