JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.214.0.247

102.214.0.247 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 60%: ?

60%

ISP	ZAP-Angola
Usage Type	Fixed Line ISP
ASN	AS37645
Hostname(s)	cust-102-214-0-247.zapfibra.co.ao
Domain Name	zap.co.ao
Country	🇦🇴 Angola
City	Luanda, Luanda

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.214.0.247

Whois 102.214.0.247

IP Abuse Reports for 102.214.0.247:

This IP address has been reported a total of 35 times from 16 distinct sources. 102.214.0.247 was first reported on May 28th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 15:11:40 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 102.214.0.247 (cust-102-214-0-247.zapfibra.co.a ... show more (mod_security) mod_security (id:240335) triggered by 102.214.0.247 (cust-102-214-0-247.zapfibra.co.ao): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 11:11:33.518711 2026] [security2:error] [pid 2886:tid 2886] [client 102.214.0.247:52328] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.214.0.247 (+1 hits since last alert)\|premierveterinarysurgery.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "premierveterinarysurgery.com"] [uri "/xmlrpc.php"] [unique_id "aiLnJWGEuGx41a9kW44S9gAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-05 13:56:36 (2 weeks ago)	Blocked by CSF 13 firewall - Rule: XMLRPC cust-102-214-0-247.zapfibra.co.ao	Web App Attack
Anonymous	2026-06-05 10:43:14 (2 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-05 02:10:17 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 102.214.0.247 (cust-102-214-0-247.zapfibra.co.a ... show more (mod_security) mod_security (id:240335) triggered by 102.214.0.247 (cust-102-214-0-247.zapfibra.co.ao): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 22:10:11.171733 2026] [security2:error] [pid 15317:tid 15326] [client 102.214.0.247:54997] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.214.0.247 (+1 hits since last alert)\|emehache.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "emehache.com"] [uri "/xmlrpc.php"] [unique_id "aiIwA9hA0LT4m-qKgCpduwAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-04 20:15:54 (2 weeks ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
Anonymous	2026-06-04 19:45:07 (2 weeks ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇲🇾 Rizzy	2026-06-04 18:14:07 (2 weeks ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-04 16:37:43 (2 weeks ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 dynamix	2026-06-04 15:58:33 (2 weeks ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 WellSpring	2026-06-04 14:52:47 (2 weeks ago)	xmlrpc exploit on 510.today/xmlrpc.php — WellSpr.ing/NetSentinel civic-AI security layer	Brute-Force Web App Attack
Anonymous	2026-06-04 14:05:28 (2 weeks ago)	[redacted] 102.214.0.247 - - [04/Jun/2026:16:04:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ... show more [redacted] 102.214.0.247 - - [04/Jun/2026:16:04:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 102.214.0.247 - - [04/Jun/2026:16:04:41 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 102.214.0.247 - - [04/Jun/2026:16:04:52 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.3; http://site34010079.com" [redacted] 102.214.0.247 - - [04/Jun/2026:16:05:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 102.214.0.247 - - [04/Jun/2026:16:05:26 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site94930423.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 13:42:05 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 102.214.0.247 (cust-102-214-0-247.zapfibra.co.a ... show more (mod_security) mod_security (id:240335) triggered by 102.214.0.247 (cust-102-214-0-247.zapfibra.co.ao): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 09:41:57.307493 2026] [security2:error] [pid 20106:tid 20106] [client 102.214.0.247:60677] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.214.0.247 (+1 hits since last alert)\|theamarals.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theamarals.com"] [uri "/xmlrpc.php"] [unique_id "aiGApa5tB5_VdQVkNvI7wgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 12:37:12 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 102.214.0.247 (cust-102-214-0-247.zapfibra.co.a ... show more (mod_security) mod_security (id:240335) triggered by 102.214.0.247 (cust-102-214-0-247.zapfibra.co.ao): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:37:04.964652 2026] [security2:error] [pid 20823:tid 20823] [client 102.214.0.247:52240] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.214.0.247 (+1 hits since last alert)\|metcomarine.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "metcomarine.com"] [uri "/xmlrpc.php"] [unique_id "aiFxcKrFuNBe2g3qvnn9twAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 11:05:20 (2 weeks ago)	[osotir.org] httpd-xmlrpc-post: sites=drasimas.gr; logs=/var/log/httpd/domains/drasimas.gr.log; samp ... show more [osotir.org] httpd-xmlrpc-post: sites=drasimas.gr; logs=/var/log/httpd/domains/drasimas.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 08:32:28 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 102.214.0.247 (cust-102-214-0-247.zapfibra.co.a ... show more (mod_security) mod_security (id:240335) triggered by 102.214.0.247 (cust-102-214-0-247.zapfibra.co.ao): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 04:32:24.184409 2026] [security2:error] [pid 28339:tid 28339] [client 102.214.0.247:64456] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.214.0.247 (+1 hits since last alert)\|marianozaro.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "marianozaro.com"] [uri "/xmlrpc.php"] [unique_id "aiE4GH28tdB1Os5X_QhJgQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 175.107.204.64

🇺🇸 162.217.103.68

🇷🇺 94.243.8.138

🇨🇳 14.103.127.7

🇨🇳 202.111.183.254

🇨🇳 180.109.12.6

🇺🇸 156.227.242.156

🇮🇳 125.19.161.150

🇸🇬 103.3.164.243

🇳🇱 91.92.40.204

🇺🇸 23.99.131.37

🇺🇸 13.68.214.34

🇺🇸 198.12.254.228

🇨🇳 119.96.81.99

🇮🇱 34.165.238.151

🇨🇦 20.151.110.96

🇮🇳 2401:4900:88d2:f4f2:f53a:21b7:4ed6:44e3

🇩🇪 178.104.168.249

🇺🇸 64.62.156.22

🇭🇰 34.96.193.126