JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.208.220.206

102.208.220.206 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 52%: ?

52%

ISP	BEELINE TELECOMS LIMITED
Usage Type	Mobile ISP
ASN	AS329444
Domain Name	zedmobile.co.zm
Country	🇿🇲 Zambia
City	Lusaka, Lusaka Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.208.220.206

Whois 102.208.220.206

IP Abuse Reports for 102.208.220.206:

This IP address has been reported a total of 140 times from 79 distinct sources. 102.208.220.206 was first reported on May 23rd 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇹 rnl	2026-06-17 17:19:31 (4 days ago)	postfix	Brute-Force Email Spam
🇵🇹 rnl	2026-06-16 16:16:01 (5 days ago)	postfix (unknown user, SPF fail or relay access denied)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 03:00:41 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 102.208.220.206 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.208.220.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 23:00:36.511575 2026] [security2:error] [pid 19449:tid 19449] [client 102.208.220.206:54140] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.208.220.206 (+1 hits since last alert)\|mrccertification.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mrccertification.com"] [uri "/xmlrpc.php"] [unique_id "aizH1LYwoknkV_TCKxrvbAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 21:11:08 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 102.208.220.206 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.208.220.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 17:11:02.145751 2026] [security2:error] [pid 23758:tid 23758] [client 102.208.220.206:49167] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.208.220.206 (+1 hits since last alert)\|fishleadership.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fishleadership.org"] [uri "/xmlrpc.php"] [unique_id "aix15hVskI86ryUDK9-eNgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-12 21:02:30 (1 week ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 integrantservices.com	2026-06-12 16:21:09 (1 week ago)	(wordpress) Failed wordpress login from 102.208.220.206 (ZM/Zambia/-)	Brute-Force
🇩🇪 ger-stg-sifi1	2026-06-12 15:49:48 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 22:32:30 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 102.208.220.206 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.208.220.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:32:23.925596 2026] [security2:error] [pid 28998:tid 28998] [client 102.208.220.206:61111] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.208.220.206 (+1 hits since last alert)\|lightupaustralia.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lightupaustralia.org"] [uri "/xmlrpc.php"] [unique_id "ais3d27Fawsz_kNz7YOVwwAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 20:20:35 (1 week ago)	[redacted] 102.208.220.206 - - [09/Jun/2026:22:19:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ... show more [redacted] 102.208.220.206 - - [09/Jun/2026:22:19:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" [redacted] 102.208.220.206 - - [09/Jun/2026:22:19:53 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" [redacted] 102.208.220.206 - - [09/Jun/2026:22:20:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)" [redacted] 102.208.220.206 - - [09/Jun/2026:22:20:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 102.208.220.206 - - [09/Jun/2026:22:20:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
Anonymous	2026-06-08 17:44:17 (1 week ago)	Attac	Brute-Force
🇩🇪 David Ferneding	2026-05-11 20:12:52 (1 month ago)	Blocked by UFW (TCP on 23) Source port: 24022 TTL: 50 Packet length: 44 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 24022 TTL: 50 Packet length: 44 TOS: 0x00 This report (for 102.208.220.206) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇬🇧 PeravixGroup	2026-05-11 00:54:57 (1 month ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇫🇷 evvsk	2026-05-08 03:06:47 (1 month ago)	23/tcp	Port Scan IoT Targeted
Anonymous	2026-04-28 22:10:12 (1 month ago)	Unauthorized connection to Telnet port 23	Port Scan
🇺🇸 cybsecaoccol	2026-04-28 21:02:46 (1 month ago)	unauthorized connection or malicious port scan attempted on tcp port - corp	Port Scan Hacking

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 2a09:bac1:27a0:1b08::40c:1f

🇮🇳 183.82.56.79

🇳🇱 176.65.139.181

🇺🇸 147.185.132.231

🇺🇸 147.185.132.165

🇺🇸 147.185.132.18

🇺🇸 107.174.212.19

🇺🇸 65.56.62.250

🇸🇦 46.152.120.45

🇳🇱 45.148.10.151

🇨🇳 223.241.247.227

🇧🇷 205.210.31.242

🇨🇴 190.249.17.63

🇻🇪 190.142.109.246

🇸🇪 185.29.10.101

🇪🇨 181.211.248.102

🇧🇷 170.238.160.191

🇭🇰 152.32.129.236

🇨🇦 149.56.174.78

🇺🇸 147.185.132.159