JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.213.42.86

102.213.42.86 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 79%: ?

79%

ISP	FBB_BYO-GPON&ADSL FIREWALLS
Usage Type	Fixed Line ISP
ASN	AS37204
Domain Name	telone.co.zw
Country	🇿🇼 Zimbabwe
City	Bulawayo, Bulawayo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.213.42.86

Whois 102.213.42.86

IP Abuse Reports for 102.213.42.86:

This IP address has been reported a total of 45 times from 25 distinct sources. 102.213.42.86 was first reported on May 25th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 20:11:11 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 16:11:06.702079 2026] [security2:error] [pid 2036:tid 2036] [client 102.213.42.86:25071] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.213.42.86 (+1 hits since last alert)\|iconbizpromo.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iconbizpromo.com"] [uri "/xmlrpc.php"] [unique_id "aiMtWtam7Cy0LfMaBTlm7wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 18:08:08 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 14:08:05.576549 2026] [security2:error] [pid 19462:tid 19462] [client 102.213.42.86:4930] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.213.42.86 (+1 hits since last alert)\|warpedweed.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "warpedweed.com"] [uri "/xmlrpc.php"] [unique_id "aiMQhbq9sRqBg7rsvBp-GwAAAC0"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-05 13:29:12 (6 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 19:20:43 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 15:20:38.496504 2026] [security2:error] [pid 20345:tid 20345] [client 102.213.42.86:27586] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.213.42.86 (+1 hits since last alert)\|rodandreelpiercam.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rodandreelpiercam.com"] [uri "/xmlrpc.php"] [unique_id "aiHQBgslpFlKPn5cvblnQAAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 16:05:24 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 12:05:20.768394 2026] [security2:error] [pid 2453:tid 2453] [client 102.213.42.86:52057] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|calvarycavaliers.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "calvarycavaliers.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aiGiQMxCqAu27n8-c10mxgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 alferez	2026-06-04 15:51:44 (1 week ago)	Multiple WP Login Attack	Brute-Force
Anonymous	2026-06-04 14:27:11 (1 week ago)	Attac	Brute-Force
🇳🇱 Site.eu	2026-06-04 12:58:56 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-04 05:53:08 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 01:53:02.759190 2026] [security2:error] [pid 28925:tid 28925] [client 102.213.42.86:24755] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.213.42.86 (+1 hits since last alert)\|iconconstructors.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iconconstructors.com"] [uri "/xmlrpc.php"] [unique_id "aiESvs-XsjfAhRdlnUO_LQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Dunham Support	2026-06-04 04:49:32 (1 week ago)	(wordpress) Failed wordpress login from 102.213.42.86 (ZW/Zimbabwe/-)	Brute-Force
🇺🇸 integrantservices.com	2026-06-04 00:12:08 (1 week ago)	(wordpress) Failed wordpress login from 102.213.42.86 (ZW/Zimbabwe/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-03 22:43:06 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 18:43:02.027578 2026] [security2:error] [pid 20706:tid 20706] [client 102.213.42.86:23545] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.213.42.86 (+1 hits since last alert)\|dogarttoday.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dogarttoday.com"] [uri "/xmlrpc.php"] [unique_id "aiCt9hY2Ghx4Gpw_4jDfwAAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 16:11:56 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 102.213.42.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 12:11:49.796581 2026] [security2:error] [pid 2682:tid 2682] [client 102.213.42.86:35299] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.213.42.86 (+1 hits since last alert)\|stlouisdave.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stlouisdave.com"] [uri "/xmlrpc.php"] [unique_id "aiBSRXQu6_DCFkGqiotZxAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Tha_14	2026-06-03 16:10:31 (1 week ago)	Limit on login attempts is reached	Brute-Force
Anonymous	2026-06-03 14:37:21 (1 week ago)	[redacted] 102.213.42.86 - - [03/Jun/2026:16:36:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ... show more [redacted] 102.213.42.86 - - [03/Jun/2026:16:36:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" [redacted] 102.213.42.86 - - [03/Jun/2026:16:36:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 102.213.42.86 - - [03/Jun/2026:16:36:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site31162472.com" [redacted] 102.213.42.86 - - [03/Jun/2026:16:37:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site22039223.com" [redacted] 102.213.42.86 - - [03/Jun/2026:16:37:20 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)" ... show less	Hacking Web App Attack

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇳 197.240.133.242

🇺🇸 173.255.223.115

🇺🇸 162.216.150.28

🇺🇸 138.68.253.19

🇳🇱 93.123.109.114

🇲🇾 47.254.238.61

🇺🇸 47.189.194.174

🇮🇳 2401:4900:1cb1:90c:7847:46ac:9dd0:9c93

🇺🇸 209.87.169.92

🇳🇱 154.13.197.35

🇵🇰 119.156.28.157

🇩🇪 69.5.169.228

🇿🇦 41.116.64.9

🇮🇩 202.145.0.18

🇺🇸 165.154.162.126

🇨🇦 159.203.47.94

🇭🇰 123.58.210.86

🇳🇵 110.34.30.120

🇹🇼 198.235.24.50

🇺🇸 137.184.217.238